Maui Easy Riders

Maui Easy Riders Established in 2010, I created Maui Easy Riders because I love being a tour guide. Your safety, and a superior tour is now bookable at your fingertips.

Crafting my trade since the age of 21, now 47, you couldn't possibly find a more experienced, passionate, professional guide on Maui. Our Mission is Simple & Sincere:
We deliver an unforgettable experience that unveils Maui's hidden gems, breathtaking landscapes, and cherished traditions, all while embodying the true spirit of Aloha. We operate every excursion in a low impact, low profile manner t

hat demonstrates our committed respect to Maui, its residents, the culture & Hawaii's amazing history. A true, legitimate, licensed and insured tour company.

~ Guided Haleakala Bike Tours ~ Mornings at 8:30,
~ Sunset Haleakala Bike Tours ~
~ Road to Hana, Waterfalls & Jungle Tours
~ Full & half day options. (Private Tours & Small Groups with a max of 6 guests)
~ South Maui Beach Tours & West Maui Tours ~ (Private Tours)

Cowards from The Department of Defense at this IP Address are invading our home network, they’ve stolen our identities a...
02/15/2026

Cowards from The Department of Defense at this IP Address are invading our home network, they’ve stolen our identities and they are involved in a massive fraudulent campaign in the Hawaii Tourusm Industry!

Before my business and my identity were stolen I lived next door to a “Threat Actor” by the name of Lois Wardell, she wo...
10/31/2025

Before my business and my identity were stolen I lived next door to a “Threat Actor” by the name of Lois Wardell, she works for Galapagos Federal Systems. She exploits a sh*tload of devices by way of remote code ex*****on using my device and many others as her personal socks proxy. She needs a lot of certificates to keep up her crime spree, she needs a face lift too, she ugly inside and out!

Maui Bombers is a Maui Fraud! Visit the website and get hacked!POS!
10/24/2025

Maui Bombers is a Maui Fraud!
Visit the website and get hacked!
POS!

Ransomware log
10/23/2025

Ransomware log

Look here, bi***es. I get it, I know, I’m a great lover, the best either of you ever had, and ever will have. You have g...
10/10/2025

Look here, bi***es. I get it, I know, I’m a great lover, the best either of you ever had, and ever will have. You have got to move on, I aint neva going back to dating a crazy bitch!

Cybersecurity and Infrastructure Security Agency Cloudflare IRS Hawaii – gohawaii.com Hawaii News Now
05/15/2025

Cybersecurity and Infrastructure Security Agency Cloudflare IRS Hawaii – gohawaii.com Hawaii News Now

I must be special!IRS Hawaii News Now FBI – Federal Bureau of Investigation CyberSecurity County of Maui
04/13/2025

I must be special!
IRS Hawaii News Now FBI – Federal Bureau of Investigation CyberSecurity County of Maui

04/03/2025

Check this out!
{"Summary":"We observed anomalous behavior for Root from
03/09/2025 - 03/16/2025 which might be indicative of compromise. The
user invoked CloudTrail management actions mapped to Impact MITRE
tactic(s). The user was also involved in 1 finding, 31 impossible travels, 4
new ASOs, 20 new geolocations, and 24 new user
agents.","GraphArn":"arn:aws:detective:us-
east-1:442042525312:graph:2ab5bf77c1a342bfb94d25feeb37d89f","Inv
estigationId":"174210131584260025998","EntityArn":"arn:aws:iam::4420
42525312:root","EntityType":"IAM_USER","CreatedTime":"2025-03-16T0
5:01:55.878Z","ScopeStartTime":"2025-03-09T05:00:00.000Z","ScopeE
ndTime":"2025-03-16T05:00:00.000Z","Status":"SUCCESSFUL","Severit
y":"MEDIUM","State":"ACTIVE","Indicators":
[{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.4,
-157.9","IpAddress":"172.59.59.167","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Makawao, US, 20.9,
-156.3","IpAddress":"72.130.67.155","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.56.240","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.56.220","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.57.4","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.59.83","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.57.244","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.57.30","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.57.42","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.58.51","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.56.192","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.58.215","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Honolulu, US, 21.3,
-157.9","IpAddress":"172.59.56.122","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Ashburn, US, 39.0,
-77.5","IpAddress":"18.208.181.18","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Ashburn, US, 39.0,
-77.5","IpAddress":"54.239.98.143","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Ashburn, US, 39.0,
-77.5","IpAddress":"3.217.188.5","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Ashburn, US, 39.0,
-77.5","IpAddress":"184.72.130.212","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Ashburn, US, 39.0,
-77.5","IpAddress":"54.239.98.169","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Ashburn, US, 39.0,
-77.5","IpAddress":"54.239.98.139","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_GEOLOCATION","IndicatorDetail":
{"NewGeolocationDetail":{"Location":"Ashburn, US, 39.0,
-77.5","IpAddress":"34.224.243.143","IsNewForEntireAccount":true}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"184.72.130.212","EndingIpAddress":"172.59.57.244"
,"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"184.72.130.212","EndingIpAddress":"172.59.57.30","
StartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"184.72.130.212","EndingIpAddress":"172.59.56.192"
,"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"184.72.130.212","EndingIpAddress":"172.59.56.122"
,"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"34.224.243.143","EndingIpAddress":"172.59.57.244
","StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"34.224.243.143","EndingIpAddress":"172.59.57.30",
"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"34.224.243.143","EndingIpAddress":"172.59.56.192
","StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"34.224.243.143","EndingIpAddress":"172.59.56.122
","StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"18.208.181.18","EndingIpAddress":"172.59.56.240",
"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"18.208.181.18","EndingIpAddress":"172.59.59.83","
StartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"18.208.181.18","EndingIpAddress":"172.59.58.51","S
tartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"18.208.181.18","EndingIpAddress":"172.59.58.215","
StartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"18.208.181.18","EndingIpAddress":"72.130.67.155","
StartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Makawao,
US, 20.9, -156.3","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"3.217.188.5","EndingIpAddress":"172.59.57.244","St
artingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"3.217.188.5","EndingIpAddress":"172.59.57.42","Sta
rtingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"3.217.188.5","EndingIpAddress":"172.59.56.192","St
artingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.169","EndingIpAddress":"172.59.57.244",
"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.169","EndingIpAddress":"172.59.57.42","
StartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.169","EndingIpAddress":"172.59.56.192",
"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"34.224.243.143","EndingIpAddress":"172.59.57.244
","StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"34.224.243.143","EndingIpAddress":"172.59.57.42",
"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"34.224.243.143","EndingIpAddress":"172.59.56.192
","StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"3.217.188.5","EndingIpAddress":"72.130.67.155","St
artingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Makawao,
US, 20.9, -156.3","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.169","EndingIpAddress":"72.130.67.155",
"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Makawao, US, 20.9,
-156.3","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"34.224.243.143","EndingIpAddress":"72.130.67.155
","StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Makawao, US, 20.9,
-156.3","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.143","EndingIpAddress":"172.59.57.4","S
tartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.143","EndingIpAddress":"172.59.57.42","
StartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.143","EndingIpAddress":"172.59.56.192",
"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.139","EndingIpAddress":"172.59.57.4","S
tartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.139","EndingIpAddress":"172.59.57.42","
StartingLocation":"Ashburn, US, 39.0, -77.5","EndingLocation":"Honolulu,
US, 21.3, -157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"IMPOSSIBLE_TRAVEL","IndicatorDetail":
{"ImpossibleTravelDetail":
{"StartingIpAddress":"54.239.98.139","EndingIpAddress":"172.59.56.192",
"StartingLocation":"Ashburn, US, 39.0,
-77.5","EndingLocation":"Honolulu, US, 21.3,
-157.9","HourlyTimeDelta":0}}},
{"IndicatorType":"NEW_ASO","IndicatorDetail":{"NewAsoDetail":
{"Aso":"T-MOBILE-AS21928","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_ASO","IndicatorDetail":{"NewAsoDetail":
{"Aso":"TWC-20001-PACWEST","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_ASO","IndicatorDetail":{"NewAsoDetail":
{"Aso":"AMAZON-AES","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_ASO","IndicatorDetail":{"NewAsoDetail":
{"Aso":"AMAZON-02","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"Mozilla/5.0 (iPhone; CPU iPhone
OS 18
3
_
_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko)
Version/18.3.1 Mobile/15E148 Safari/
604.1","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"aws-sdk-go/1.55.6 (go1.23.6; linux;
amd64) moontide-service","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"aws-internal/3 aws-sdk-java/
1.12.781 Linux/5.10.234-206.910.amzn2int.x86_64 OpenJDK_
64-
Bit
Server
_
_VM/17.0.14+8-LTS java/1.8.0_442 vendor/N/A cfg/retry-mode/
standard m/P","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"aws-internal/3 aws-sdk-java/
1.12.781 Linux/5.10.234-205.895.amzn2int.x86_64 OpenJDK_
64-
Bit
Server
_
_VM/17.0.14+8-LTS java/1.8.0_442 vendor/N/A cfg/retry-mode/
standard m/P","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"AWS
Internal","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"aws-sdk-java/2.30.28 md/io
md/http ua/2.1 os/
Linux #5.10.234-225.895.amzn2.x86
_64 lang/java #17.0.14 md/
OpenJDK_
64-Bit
Server
_
_VM #17.0.14+8-LTS md/
vendor .com
_Inc. md/en_US exec-env/AWS_
ECS
_FARGATE cfg/
auth-source m/D","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"aws-sdk-java/2.30.28 md/io
md/http md/internal ua/2.1 os/
Linux #5.10.234-225.895.amzn2.x86
_64 lang/java #17.0.14 md/
OpenJDK_
64-Bit
Server
_
_VM #17.0.14+8-LTS md/
vendor .com
_Inc. md/en_US exec-env/AWS_
ECS
_FARGATE cfg/
auth-source m/E","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"aws-internal/account-
settings","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"aws-internal/3 cfg/retry-mode/
legacy","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"[Mozilla/5.0 (iPhone; CPU iPhone
OS 18
3
_
_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko)
Version/18.3.1 Mobile/15E148 Safari/
604.1]","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":
{"UserAgent":"mobileconsole.amazonaws.com","IsNewForEntireAccount":
true}}},{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"Java/
1.8.0
_442","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"AWSBFF BFFiOS/3.9.4.210309
Mobile iOS/18.3.2 iPhone14,7","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":
{"UserAgent":"signin.amazonaws.com","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":
{"UserAgent":"sso.amazonaws.com","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"AWS
Internal","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"Mozilla/5.0 (iPhone; CPU iPhone
OS 18
3
_
_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko)
Version/18.3.1 Mobile/15E148 Safari/
604.1","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":
{"UserAgent":"securityhub.amazonaws.com","IsNewForEntireAccount":tru
e}}},{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":
{"UserAgent":"iam.amazonaws.com","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":{"UserAgent":"ssm-
quicksetup.amazonaws.com","IsNewForEntireAccount":true}}},
{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":
{"UserAgent":"guardduty.amazonaws.com","IsNewForEntireAccount":true
}}},{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":
{"UserAgent":"cloudformation.amazonaws.com","IsNewForEntireAccount"
:true}}},{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":
{"UserAgent":"apigateway.amazonaws.com","IsNewForEntireAccount":tru
e}}},{"IndicatorType":"NEW_
USER
_AGENT","IndicatorDetail":
{"NewUserAgentDetail":
{"UserAgent":"supportrecommendations.amazonaws.com","IsNewForEnti
reAccount":true}}},{"IndicatorType":"TTP _OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
Snapshots","APISuccessCount":5,"APIFailureCount":0}}},
{"IndicatorType":"TTP _OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beNetworkAcls","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP _OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"cloudfront:
ListDistributions","APISuccessCount":6,"APIFailureCount":0}}},
{"IndicatorType":"TTP _OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"72.130.67.155","APIName":"iam:ListPol
icies","APISuccessCount":16,"APIFailureCount":0}}},
{"IndicatorType":"TTP _OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beVpcEndpoints","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
VpnConnections","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Impact","Technique":"IAM Principal
Destruction","Procedure":"Delete IAM
Principal","IpAddress":"172.59.56.122","APIName":"iam:DeleteRole","APIS
uccessCount":10,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beInstances","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListPol
icies","APISuccessCount":86,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
LaunchTemplates","APISuccessCount":5,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Collection","Technique":"Authentication
Discovery","Procedure":"IAM Principal Authentication
Discovery","IpAddress":"172.59.56.240","APIName":"iam:GenerateCreden
tialReport","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:GetAcco
untPasswordPolicy","APISuccessCount":1,"APIFailureCount":1}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Impact","IpAddress":"172.59.56.240","APIName":"cloudshell:Cr
eateEnvironment","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Defense
Evasion","IpAddress":"172.59.57.4","APIName":"cloudtrail:PutEventSelect
ors","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Initial
Access","IpAddress":"172.59.56.240","APIName":"cloudshell:CreateSessi
on","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
Subnets","APISuccessCount":19,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"shield:Des
cribeSubscription","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Impact","IpAddress":"172.59.57.4","APIName":"ec2:EnableSeria
lConsoleAccess","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
Vpcs","APISuccessCount":38,"APIFailureCount":2}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"shield:Get
SubscriptionState","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beNetworkAcls","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListRoles
","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"Authentication
Discovery","Procedure":"IAM Principal Authentication
Discovery","IpAddress":"172.59.56.240","APIName":"iam:GenerateCreden
tialReport","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListPol
icyVersions","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListOp
enIDConnectProviders","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListPolici
es","APISuccessCount":107,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:GetPo
licy","APISuccessCount":6,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListIns
tanceProfilesForRole","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListInsta
nceProfilesForRole","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account Name Configuration
Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListAccountAlias
es","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Authorization Discovery","Procedure":" IAM Principal Authorization
Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListAccessKeys",
"APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListPol
icies","APISuccessCount":16,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListSAM
LProviders","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Impact","IpAddress":"172.59.57.4","APIName":"iam:EnableMFA
Device","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:GetPol
icy","APISuccessCount":26,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Impact","Technique":"IAM Principal
Manipulation","Procedure":"Delete Identity Based
Policies","IpAddress":"172.59.56.192","APIName":"iam:DeleteRolePolicy","
APISuccessCount":8,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.42","APIName":"guardduty:L
istMembers","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account Name Configuration
Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListAccountAlias
es","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account Name Configuration
Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListAccountAlias
es","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"72.130.67.155","APIName":"ec2:Descri
beInstances","APISuccessCount":23,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beRouteTables","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListRo
lePolicies","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
Instances","APISuccessCount":11,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Authorization Discovery","Procedure":" IAM Principal Authorization
Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListAccessKeys",
"APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListOpen
IDConnectProviders","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
VpcPeeringConnections","APISuccessCount":12,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListUs
ers","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Authorization Discovery","Procedure":" IAM Principal Authorization
Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListAccessKeys","A
PISuccessCount":5,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:GetSerial
ConsoleAccessStatus","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.42","APIName":"guardduty:L
istFindings","APISuccessCount":11,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account IAM Entities Usage
Discovery","IpAddress":"172.59.58.215","APIName":"iam:GetAccountSum
mary","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
NetworkAcls","APISuccessCount":17,"APIFailureCount":3}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
AccountAttributes","APISuccessCount":17,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beNatGateways","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"IAM Principal Membership
Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListGroups","API
SuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:GetPol
icy","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
SecurityGroups","APISuccessCount":22,"APIFailureCount":1}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
Addresses","APISuccessCount":5,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:GetAc
countPasswordPolicy","APISuccessCount":0,"APIFailureCount":3}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:GetPolic
y","APISuccessCount":10,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Authorization Discovery","Procedure":" IAM Principal Authorization
Discovery","IpAddress":"172.59.58.215","APIName":"iam:ListAccessKeys",
"APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Initial Access","Technique":"Valid Cloud
Credentials","Procedure":"Console
Login","IpAddress":"172.59.59.167","APIName":"signin:ConsoleLogin","API
SuccessCount":0,"APIFailureCount":1}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Impact","Technique":"IAM Principal
Manipulation","Procedure":"Change IAM Principal
Permissions","IpAddress":"172.59.56.192","APIName":"iam:PutRolePolicy",
"APISuccessCount":10,"APIFailureCount":4}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListRol
es","APISuccessCount":7,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
NatGateways","APISuccessCount":12,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Persistence","IpAddress":"172.59.57.4","APIName":"cloudtrail:C
reateTrail","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Persistence","Technique":"IAM
Principal Manipulation","Procedure":"Change IAM Principal
Permissions","IpAddress":"172.59.56.192","APIName":"iam:PutRolePolicy",
"APISuccessCount":10,"APIFailureCount":4}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListMFA
Devices","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:GetRo
le","APISuccessCount":11,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListPolic
yVersions","APISuccessCount":6,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:GetRol
e","APISuccessCount":25,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beAddresses","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
InstanceStatus","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"shield:Get
SubscriptionState","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"72.130.67.155","APIName":"ec2:Descri
beVpcs","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.42","APIName":"iam:ListRole
s","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beAddresses","APISuccessCount":6,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Initial Access","Technique":"Valid Cloud
Credentials","Procedure":"Console
Login","IpAddress":"172.59.59.83","APIName":"signin:ConsoleLogin","API
SuccessCount":0,"APIFailureCount":1}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Impact","IpAddress":"172.59.57.4","APIName":"s3:PutBucketPol
icy","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beNetworkInterfaces","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beVolumes","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Privilege Escalation","Technique":"IAM
Principal Manipulation","Procedure":"Delete Identity Based
Policies","IpAddress":"172.59.56.192","APIName":"iam:DeleteRolePolicy","
APISuccessCount":8,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListRol
ePolicies","APISuccessCount":10,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
Images","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
VpnGateways","APISuccessCount":10,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beRouteTables","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"inspector:
ListRulesPackages","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beKeyPairs","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beVpcEndpoints","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Initial Access","Technique":"Valid Cloud
Credentials","Procedure":"Console
Login","IpAddress":"172.59.56.192","APIName":"signin:ConsoleLogin","API
SuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beSubnets","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListIns
tanceProfilesForRole","APISuccessCount":10,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Impact","IpAddress":"172.59.57.42","APIName":"cloudshell:Cre
ateEnvironment","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Impact","IpAddress":"172.59.57.4","APIName":"ec2:RevokeSecu
rityGroupIngress","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
Volumes","APISuccessCount":5,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:GetRol
ePolicy","APISuccessCount":8,"APIFailureCount":8}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beVpcPeeringConnections","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Impact","Technique":"IAM Principal
Manipulation","Procedure":"Change IAM Principal
Permissions","IpAddress":"172.59.56.192","APIName":"iam:DetachRolePoli
cy","APISuccessCount":11,"APIFailureCount":4}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account IAM Entities Usage
Discovery","IpAddress":"172.59.56.122","APIName":"iam:GetAccountSum
mary","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account IAM Entities Usage
Discovery","IpAddress":"172.59.57.4","APIName":"iam:GetAccountSumma
ry","APISuccessCount":16,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Impact","Technique":"IAM Principal
Manipulation","Procedure":"Change IAM Principal
Permissions","IpAddress":"172.59.56.122","APIName":"iam:DetachRolePoli
cy","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:GetCred
entialReport","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
KeyPairs","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account IAM Entities Usage
Discovery","IpAddress":"172.59.56.192","APIName":"iam:GetAccountSum
mary","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Impact","IpAddress":"172.59.56.192","APIName":"cloudshell:Cr
eateEnvironment","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Privilege Escalation","Technique":"IAM
Principal Manipulation","Procedure":"Change IAM Principal
Permissions","IpAddress":"172.59.56.192","APIName":"iam:DetachRolePoli
cy","APISuccessCount":11,"APIFailureCount":4}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beSubnets","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beInstances","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.42","APIName":"guardduty:
GetMasterAccount","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListAtt
achedRolePolicies","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"cloudfront
:ListDistributions","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Privilege Escalation","Technique":"IAM
Principal Manipulation","Procedure":"Change IAM Principal
Permissions","IpAddress":"172.59.56.122","APIName":"iam:DetachRolePoli
cy","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beSecurityGroups","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.42","APIName":"guardduty:L
istDetectors","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListRo
les","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:GetPolic
yVersion","APISuccessCount":5,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListUs
ers","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account IAM Entities Usage
Discovery","IpAddress":"172.59.56.240","APIName":"iam:GetAccountSum
mary","APISuccessCount":26,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beVpcs","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beNatGateways","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Initial
Access","IpAddress":"172.59.57.42","APIName":"cloudshell:CreateSession
","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:GetPol
icyVersion","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Authorization Discovery","Procedure":" IAM Principal Authorization
Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListAccessKeys",
"APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:GetRol
e","APISuccessCount":41,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Privilege Escalation","Technique":"IAM
Principal Manipulation","Procedure":"Change IAM Principal
Permissions","IpAddress":"172.59.56.192","APIName":"iam:PutRolePolicy",
"APISuccessCount":10,"APIFailureCount":4}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"elasticload
balancing:DescribeLoadBalancers","APISuccessCount":10,"APIFailureCou
nt":0}}},{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListSA
MLProviders","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"elasticloadba
lancing:DescribeLoadBalancers","APISuccessCount":6,"APIFailureCount":
0}}},{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beSecurityGroups","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Initial Access","Technique":"Valid Cloud
Credentials","Procedure":"Console
Login","IpAddress":"172.59.57.42","APIName":"signin:ConsoleLogin","APIS
uccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"72.130.67.155","APIName":"shield:Get
SubscriptionState","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:GetPol
icyVersion","APISuccessCount":30,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
RouteTables","APISuccessCount":17,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account Name Configuration
Discovery","IpAddress":"172.59.58.215","APIName":"iam:ListAccountAlias
es","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListIns
tanceProfilesForRole","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Account Name Configuration
Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListAccountAliases"
,"APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:GetCr
edentialReport","APISuccessCount":1,"APIFailureCount":1}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beNetworkInterfaces","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListAtt
achedRolePolicies","APISuccessCount":10,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"72.130.67.155","APIName":"iam:GetRol
e","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListAtt
achedRolePolicies","APISuccessCount":45,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"ec2:Descri
beVpcs","APISuccessCount":5,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListPo
licyVersions","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
NetworkInterfaces","APISuccessCount":5,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListRol
ePolicies","APISuccessCount":45,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListMF
ADevices","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Initial
Access","IpAddress":"172.59.56.192","APIName":"cloudshell:CreateSessio
n","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListPo
licies","APISuccessCount":78,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"72.130.67.155","APIName":"ec2:Descri
beKeyPairs","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.244","APIName":"iam:GetRol
e","APISuccessCount":0,"APIFailureCount":1}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
Hosts","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"72.130.67.155","APIName":"iam:ListRol
es","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"shield:Des
cribeSubscription","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Initial Access","Technique":"Valid Cloud
Credentials","Procedure":"Console
Login","IpAddress":"172.59.57.4","APIName":"signin:ConsoleLogin","APISu
ccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"IAM Principal Membership
Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListGroups","APISu
ccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Initial Access","Technique":"Valid Cloud
Credentials","Procedure":"Console
Login","IpAddress":"172.59.58.215","APIName":"signin:ConsoleLogin","API
SuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
VpcEndpoints","APISuccessCount":11,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:ListAttac
hedRolePolicies","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"Instance Profile
Discovery","IpAddress":"72.130.67.155","APIName":"iam:ListInstanceProfil
es","APISuccessCount":2,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Discovery","Technique":"IAM
Discovery","Procedure":"IAM Principal Membership
Discovery","IpAddress":"172.59.56.240","APIName":"iam:ListGroups","API
SuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.192","APIName":"iam:ListRol
es","APISuccessCount":6,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":{"Tactic":"Persistence","Technique":"IAM
Password Policy Manipulation","Procedure":"Change Account Password
Policy","IpAddress":"172.59.57.4","APIName":"iam:UpdateAccountPasswo
rdPolicy","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beVpcPeeringConnections","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"iam:GetRole",
"APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"72.130.67.155","APIName":"eks:ListClu
sters","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP_OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.57.4","APIName":"ec2:Describe
CustomerGateways","APISuccessCount":4,"APIFailureCount":0}}},
{"IndicatorType":"TTP _OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"iam:GetPo
licyVersion","APISuccessCount":3,"APIFailureCount":0}}},
{"IndicatorType":"TTP _OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:ListUs
ers","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP _OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.240","APIName":"ec2:Descri
beVolumes","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"TTP _OBSERVED","IndicatorDetail":
{"TTPsObservedDetail":
{"Tactic":"Discovery","IpAddress":"172.59.56.122","APIName":"iam:GetAc
countPasswordPolicy","APISuccessCount":1,"APIFailureCount":0}}},
{"IndicatorType":"RELATED_FINDING","IndicatorDetail":
{"RelatedFindingDetail":{"Arn":"arn:aws:guardduty:us-
east-1:442042525312:detector/16cace83cc25f5444b5bf3a958545efe/
finding/f8cace86c829bac06416f64d1d71ba6e","Type":"TTPs/
Policy:IAMUser-RootCredentialUsage"}}}]}

Address

682 Gatesville Road
Paia, HI
46160

Telephone

(808) 344-9489

Website

http://galapagosllc.com/

Alerts

Be the first to know and let us send you an email when Maui Easy Riders posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Shortcuts

Share

Category