valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 09:25:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update aws_attached_malicious_lambda_layer.yml

Browse Source
This commit is contained in:
Austin Songer 2021-09-23 08:40:26 -05:00 committed by GitHub
parent fdc45505e0
commit 8203a2d5f2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rules/cloud/aws/aws_attached_malicious_lambda_layer.yml
View File

@ -1,5 +1,5 @@
title: AWS Attached Malicious Lambda Layer
id: 97fbabf8-8e1b-47a2-b7d5-a418d2b95e3d
id: 97fbabf8-8e1b-47a2-b7d5-a418d2b95e3d
description: Detects when an user attached a Lambda layer to an existing function to override a library that is in use by the function, where their malicious code could utilize the function's IAM role for AWS API calls. This would give an adversary access to the privileges associated with the Lambda service role that is attached to that function.
author: Austin Songer
status: experimental