Skip to content
Threat Feed

Product

AWS Bedrock Claude

4 briefs RSS
medium advisory

Detection of Unusually Large Prompts in AWS Bedrock Claude

This brief describes how to detect unusually large prompts sent to AWS Bedrock Claude models, which may indicate prompt injection attacks, data exfiltration attempts, or abuse of the AI service, through statistical baselining or high static thresholds.

AWS Bedrock Claude aws ai-security prompt-injection data-exfiltration anomaly-detection cloud
1r 2t
high advisory

Sensitive Data Exposure in AWS Bedrock Claude Prompts

This detection identifies instances where sensitive data, including social security numbers, passwords, API keys, and credit card numbers, is inadvertently or maliciously sent within prompts to AWS Bedrock Claude AI models, indicating potential data loss, credential leakage, or insider threat activity.

AWS Bedrock Claude aws bedrock claude data-exposure insider-threat cloud application anomaly
1r 2t
high advisory

AWS Bedrock Claude High Risk Filesystem and Exec Tool Invocation

Detection identifies anomalous or high-risk usage of filesystem and execution tools (such as bash, curl, edit, write, webfetch, grep, read, read_file) invoked by an identity through AWS Bedrock Claude, flagging suspicious activity that could indicate attempts to escalate privileges, exfiltrate data, execute unauthorized commands, or establish persistence.

AWS Bedrock Claude cloud-security ai aws insider-threat privilege-escalation data-exfiltration
1r 5t
high advisory

Potential Cross-Region Inference Abuse in AWS Bedrock Claude

This threat brief details the potential for malicious actors to exploit AWS Bedrock Claude models by performing cross-region inference with high input token counts, indicating attempts to bypass regional restrictions, exfiltrate sensitive data, or conduct unauthorized actions across different AWS regions.

AWS Bedrock Claude cloud aws inference-abuse data-exfiltration defense-evasion
1r 3t