These risk actors had been then able to steal AWS session tokens, the non permanent keys that assist you to ask for short term credentials to your employer??s AWS account. By hijacking active tokens, the attackers ended up in a position to bypass MFA controls and acquire usage of Safe and sound