AWS SNS Topic modified to allow public access
Description
AlphaSOC detected that an AWS Simple Notification Service (SNS) Topic was modified to allow public access. Allowing public access to these topics potentially discloses sensitive information or messaging infrastructure to adversaries.
Impact
Public access to an AWS SNS Topic enables threat actors to intercept sensitive communications and manipulate message content. This exposure may lead to data leaks, reputational damage, and regulatory compliance violations. The compromised messaging infrastructure can serve as a stepping stone for further attacks in the AWS environment.
Severity
| Severity | Condition |
|---|---|
| Medium | SNS Topic made publicly accessible |
Investigation and Remediation
Review the SNS Topic's access policy and revert any unauthorized changes. Investigate the AWS CloudTrail logs to identify the user or role responsible for the modification and the exact changes made. Check for any suspicious subscriptions or published messages during the exposure period.
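
To support the policy review described above, the following added example (not AlphaSOC's detection logic or code from the original page) lists the statements in a topic access policy that grant access to any principal without an account-scoping condition. The function names, the set of condition keys treated as scoping, and the sample policy (account ID `111122223333`, topic `example-topic`) are assumptions constructed for illustration.

```python
import json

# Condition keys that tie a wildcard principal back to known accounts or resources.
# Heuristic assumption for this example; extend it to match your own policies.
SCOPING_KEYS = {"aws:sourceowner", "aws:sourceaccount", "aws:sourcearn",
                "aws:principalorgid", "aws:principalaccount"}
POSITIVE_OPERATORS = {"stringequals", "stringlike", "arnequals", "arnlike"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_wildcard(principal):
    if isinstance(principal, dict):
        return "*" in as_list(principal.get("AWS", []))
    return principal == "*"

def is_scoped(condition):
    """True when a positive operator pins a scoping key to a non-wildcard value."""
    for operator, tests in (condition or {}).items():
        if operator.lower() not in POSITIVE_OPERATORS:
            continue  # negated operators (e.g. StringNotEquals) do not narrow access
        for key, values in tests.items():
            if key.lower() in SCOPING_KEYS and "*" not in as_list(values):
                return True
    return False

def public_statements(policy_json):
    """Return (Sid, actions) for each Allow statement open to any principal."""
    findings = []
    for stmt in as_list(json.loads(policy_json).get("Statement", [])):
        if (stmt.get("Effect") == "Allow" and is_wildcard(stmt.get("Principal"))
                and not is_scoped(stmt.get("Condition"))):
            findings.append((stmt.get("Sid", "<no Sid>"), as_list(stmt.get("Action", []))))
    return findings

# Constructed sample: the owner-scoped default statement plus a public one.
SAMPLE_POLICY = json.dumps({"Version": "2008-10-17", "Statement": [
    {"Sid": "__default_statement_ID", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["SNS:Publish", "SNS:Subscribe"],
     "Resource": "arn:aws:sns:us-east-1:111122223333:example-topic",
     "Condition": {"StringEquals": {"AWS:SourceOwner": "111122223333"}}},
    {"Sid": "PublicSubscribe", "Effect": "Allow", "Principal": "*",
     "Action": ["SNS:Subscribe", "SNS:Publish"],
     "Resource": "arn:aws:sns:us-east-1:111122223333:example-topic"},
]})

if __name__ == "__main__":
    for sid, actions in public_statements(SAMPLE_POLICY):
        print(f"public statement {sid}: {', '.join(actions)}")
```

The input is the `Policy` attribute returned by `aws sns get-topic-attributes`. A wildcard principal alone is not a finding: the owner-scoped statement in the sample is skipped because its condition limits access to the owning account.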