Product
medium
advisory
AWS KMS Key User Performing S3 Encryption
2 rules 1 TTPDetection of AWS users employing KMS keys for S3 encryption, potentially indicating suspicious data handling within cloud environments.
AWS Identity and Access Management +2
aws
kms
s3
cloud
encryption
2r
1t
high
advisory
AWS KMS Key Creation with Public Encryption Policy
2 rules 1 TTPAn attacker may create AWS KMS keys with a permissive encryption policy, granting `kms:Encrypt` permissions to all principals, potentially leading to unauthorized encryption and data compromise across multiple organizations.
AWS Key Management Service
aws
kms
encryption
misconfiguration
ransomware
2r
1t