Product
medium
advisory
AWS RDS DB Snapshot Shared with Another Account
2 rules 1 TTPAn AWS RDS DB snapshot is shared with another AWS account or made public, potentially enabling unauthorized access, offline analysis, or data exfiltration by allowing adversaries to restore the snapshot in their controlled infrastructure.
AWS RDS
aws
rds
snapshot
exfiltration
2r
1t
medium
advisory
AWS RDS DB Instance or Cluster Deletion Protection Disabled
2 rules 2 TTPsAn adversary may disable deletion protection on an AWS RDS DB instance or cluster as a precursor to destructive actions, such as deleting databases containing sensitive data.
AWS RDS
cloud
aws
rds
datadestruction
2r
2t
medium
advisory
AWS RDS DB Instance Made Public
2 rules 3 TTPsAn attacker with compromised AWS credentials may modify an Amazon RDS DB instance or cluster to be publicly accessible for persistence, data exfiltration, or to bypass network restrictions.
AWS RDS
cloud
aws
rds
persistence
defense_evasion
2r
3t