The hacker got ephemeral keys by remotely exploiting the WAF. The WAF had no reason to have privileges to read from S3; that was a mistake.
I’m unclear if the data in the bucket was encrypted at rest, but I guess if you get keys to read, it’s a moot point.