When an attacker finds an AWS access key, it’s like an unscratched instant lottery ticket. If they’re lucky, the prize is full control of your cloud infrastructure. If they’re unlucky, it’s just an information disclosure vector that leads to more chances for them to win.
By Dan Bourke & Daniel Grzelak
Full Abstract & Presentation Materials: https://www.blackhat.com/asia-18/briefings.html#breach-detection-at-scale-with-aws-honey-tokens