{"Findings":[{"Id":"gd-LAB-0001","Severity":9.0,"Type":"UnauthorizedAccess:IAMUser/ConsoleLoginSuccess.B","Resource":{"AccessKeyDetails":{"UserName":"intern.summer2025"}},"Service":{"Action":{"AwsApiCallAction":{"Api":"ConsoleLogin","RemoteIpDetails":{"IpAddressV4":"185.220.101.7","Country":{"CountryName":"Tor exit"}}}}}},{"Id":"gd-LAB-0002","Severity":8.0,"Type":"Discovery:S3/MaliciousIPCaller","Resource":{"S3BucketDetails":[{"Name":"keensafe-private-backups-eu-west-1"}]},"Service":{"Action":{"AwsApiCallAction":{"Api":"ListObjects","RemoteIpDetails":{"IpAddressV4":"185.220.101.7"}}}}},{"Id":"gd-LAB-0003","Severity":7.0,"Type":"PrivilegeEscalation:IAMUser/AdministrativePermissions","Resource":{"AccessKeyDetails":{"UserName":"intern.summer2025"}},"Service":{"Action":{"AwsApiCallAction":{"Api":"AttachUserPolicy"}}}},{"Id":"gd-LAB-0004","Severity":5.0,"Type":"Trojan:EC2/DGADomainRequest.B","Resource":{"InstanceDetails":{"InstanceId":"i-0a1b2c3d4e5f60718"}}},{"Id":"gd-LAB-0005","Severity":8.0,"Type":"CredentialAccess:Kubernetes/MaliciousIPCaller","Resource":{"KubernetesDetails":{"KubernetesWorkloadDetails":{"Namespace":"keensafe-bank","Name":"internet-banking-7d4b9c-x8m2k"}}}}]}