|
Just a friendly reminder to turn on MFA if you use AWS. My account was compromised yesterday morning and I wouldn't have caught it if Amazon didn't do checks on unusual activity (like maxing instances in every area). In 3 hours it racked up $2k in usage charges, which they are fortunately making a concession for. I'm still not sure how they got my password, it was a pretty secure one (random alpha + numbers).
|
# ¿ Feb 28, 2017 17:39 |
|
|
# ¿ May 3, 2024 09:08 |
|
fluppet posted:I'd be checking the iam keys rather than the password I'd checked those, the only one I had created was for one of my EC2 instances to be able to access S3. It was definitely compromised on the root account. It was certainly a wake up call and I've gone to 2FA for as many of my other major accounts across the internet as a result.
|
# ¿ Mar 1, 2017 05:21 |