Tag
This brief outlines how to detect the creation of AWS Access Keys, a common tactic used by attackers to establish persistence and escalate privileges within compromised AWS environments.