Multi-Session Compromise
ACM.146 How session compromise could defeat segregation of duties
Yesterday I explained some of the issues related to session compromise.
Then I mentioned that I have at least one other concern with this approach of using two different roles for separation of duties to limit abuse of create user permissions.
The way I have been demonstrating segregation of duties in these posts up till now is with all my code on one host where I execute commands with one user that requires MFA to assume…