"(The attacker) proceeds to create temporary security credentials using the AWS (STS) Security Token Service. These credentials are valid for a period of time ranging from 15 mins to 36 hours based on the parameters used when requesting the tokens. In this example, the attacker uses 36 hours."
I don't use AWS often. Does AWS provide a way to receive notifications when AWS STS commands are run? Or do some admins setup syslogging to capture these events?
Yes, but figuring that out took a couple of hours. I had to install an old (new to me) version to get the instant flash bios update feature. The newest bios versions can only be installed using windows or instant flash.
I bought a Ryzen desktop with an asrock motherboard a few weeks ago. It was very unstable. Installed Ubuntu 17.04 with upgraded kernel. Most crash / lock ups happened when running vmware workstation. I returned the desktop and now have a very stable Intel I7. It seems like the issue was a combination of the CPU and the motherboard. I assume Ryzen + asrock will run fine on Windows 10.
I don't use AWS often. Does AWS provide a way to receive notifications when AWS STS commands are run? Or do some admins setup syslogging to capture these events?