Fortifying Your Cloud Against Cross-Service Confused Deputy Attacks

This report describes Cross-Service Confused Deputy attacks in AWS—particularly how ELB and other services can be abused via overly permissive S3 bucket policies to write (and potentially manipulate) logs in a victim's bucket—provides an attack path, maps to MITRE ATT&CK techniques, outlines impacts such as log integrity loss and compliance risk, and recommends mitigations like strict resource ARNs, aws:SourceAccount conditions, encryption, object lock, and monitoring.