These risk actors have been then capable to steal AWS session tokens, the short-term keys that permit you to request non permanent credentials towards your employer??s AWS account. By hijacking Lively tokens, the attackers ended up in the position to bypass MFA controls and get entry to Secure