CyberWire Daily

Leaking your AWS API keys, on purpose? [Research Saturday]

Apr 6, 2024
Noah Pack, a SANS Intern, discusses leaking AWS API keys intentionally for research. He shares insights on responses from different automated processes and security services. The aftermath of publicly revealing AWS API keys and the alerts triggered by GitGuardian, AWS, and suspicious IP addresses are highlighted. Implications of accidental leaks and risk mitigation strategies are explored, emphasizing the need for immediate action and key rotation.
26:30

Podcast summary created with Snipd AI

Quick takeaways

  • Accidentally leaking AWS API keys can result in immediate exploitation by threat actors, as demonstrated by Noah Pack's experience with exposing email credentials on GitHub.
  • Canary tokens can help detect unauthorized access: they act as honeypots that notify their creators when triggered, providing valuable information for mitigating the risks of exposing sensitive information.

Deep dives

Risks of Accidentally Sharing API Keys

Accidentally sharing AWS API keys can lead to immediate exploitation by threat actors. Noah Pack, an intern with the SANS Internet Storm Center, shared his experience when he posted code containing hardcoded email credentials on GitHub. Instantly, his email account was bombarded with login attempts, highlighting the risks of exposing sensitive information.
