🔴 Filling up the DagBag: Privilege Escalation in Google Cloud Composer
An attacker that has write access to the Cloud Composer environment's dedicated bucket can gain command execution in the Composer environment.
https://www.netspi.com/blog/technical-blog/cloud-pentesting/privilege-escalation-google-cloud-composer/
#gcp
An attacker that has write access to the Cloud Composer environment's dedicated bucket can gain command execution in the Composer environment.
https://www.netspi.com/blog/technical-blog/cloud-pentesting/privilege-escalation-google-cloud-composer/
#gcp
👍2❤1🔥1
🔶 Implement effective data authorization mechanisms to secure your data used in generative AI applications
Post walking through the risks associated with using sensitive data as part of fine-tuning for FMs, retrieval augmented generation (RAG), AI agents, and tooling with generative AI workloads.
https://aws.amazon.com/ru/blogs/security/implement-effective-data-authorization-mechanisms-to-secure-your-data-used-in-generative-ai-applications/
(Use VPN to open from Russia)
#aws
Post walking through the risks associated with using sensitive data as part of fine-tuning for FMs, retrieval augmented generation (RAG), AI agents, and tooling with generative AI workloads.
https://aws.amazon.com/ru/blogs/security/implement-effective-data-authorization-mechanisms-to-secure-your-data-used-in-generative-ai-applications/
(Use VPN to open from Russia)
#aws
👍2❤1🔥1
🔶 Unauthorized tactic spotlight: Initial access through a third-party identity provider
Some of the recent techniques used by threat actors that leverage specific customer configurations or design to make unauthorized use of resources within an AWS account.
https://aws.amazon.com/ru/blogs/security/unauthorized-tactic-spotlight-initial-access-through-a-third-party-identity-provider/
(Use VPN to open from Russia)
#aws
Some of the recent techniques used by threat actors that leverage specific customer configurations or design to make unauthorized use of resources within an AWS account.
https://aws.amazon.com/ru/blogs/security/unauthorized-tactic-spotlight-initial-access-through-a-third-party-identity-provider/
(Use VPN to open from Russia)
#aws
👍4❤1🔥1
🔶 How AWS enforcement code logic evaluates requests to allow or deny access
AWS updated the IAM policy evaluation chart.
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic_policy-eval-denyallow.html
(Use VPN to open from Russia)
#aws
AWS updated the IAM policy evaluation chart.
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic_policy-eval-denyallow.html
(Use VPN to open from Russia)
#aws
👍2❤1🔥1
Microsoft has recently published a Graph API that allows administrators to pre-provision passkeys for users. From an offensive security point of view this raises the question whether this functionality can be abused to take over accounts.
https://www.secura.com/services/information-technology/vapt/what-can-be-pentested/cloud-pentesting/abusing-fido2-passkeys
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
👍2❤1🔥1
The general availability of the Bastion Developer SKU, virtual network encryption, and the public preview of DNSSEC support in Azure.
https://azure.microsoft.com/en-us/blog/unlocking-the-future-azure-networking-updates-on-security-reliability-and-high-availability/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
👍2❤1🔥1
🔶 Peek inside your AWS CloudFormation Deployments with timeline view
The new CloudFormation deployment timeline view provides visibility into the orchestration flow and dependencies involved when CloudFormation provisions resources defined in your infrastructure-as-code templates.
https://aws.amazon.com/ru/blogs/devops/peek-inside-your-aws-cloudformation-deployments-with-timeline-view/
(Use VPN to open from Russia)
#aws
The new CloudFormation deployment timeline view provides visibility into the orchestration flow and dependencies involved when CloudFormation provisions resources defined in your infrastructure-as-code templates.
https://aws.amazon.com/ru/blogs/devops/peek-inside-your-aws-cloudformation-deployments-with-timeline-view/
(Use VPN to open from Russia)
#aws
👍2❤1🔥1
🔴 A new flexible DNS-based approach for accessing the GKE control plane
A new DNS-based endpoint for GKE clusters provides enhanced flexibility when accessing the control plane and configuring security.
https://cloud.google.com/blog/products/containers-kubernetes/new-dns-based-endpoint-for-the-gke-control-plane/
(Use VPN to open from Russia)
#gcp
A new DNS-based endpoint for GKE clusters provides enhanced flexibility when accessing the control plane and configuring security.
https://cloud.google.com/blog/products/containers-kubernetes/new-dns-based-endpoint-for-the-gke-control-plane/
(Use VPN to open from Russia)
#gcp
👍2❤1🔥1
🔶 Securing AWS Lambda - How Misconfigurations Can Lead to Lateral Movement
How several misconfigurations and user-defined code issues in AWS Lambda could lead to potential credential theft and lateral movement.
https://www.sentinelone.com/blog/lateral-movement-in-aws-lambda-environments/
#aws
How several misconfigurations and user-defined code issues in AWS Lambda could lead to potential credential theft and lateral movement.
https://www.sentinelone.com/blog/lateral-movement-in-aws-lambda-environments/
#aws
👍3❤1🔥1
🔴 Sketchy Cheat Sheet - Story of a Cloud Architecture Diagramming Tool gone wrong
A series of vulnerabilities found in Google's Architecture Diagramming Tool, leading to its eventual decommissioning due to security concerns.
https://jdomeracki.github.io/2024/11/09/sketchy_cheat_sheet/
#gcp
A series of vulnerabilities found in Google's Architecture Diagramming Tool, leading to its eventual decommissioning due to security concerns.
https://jdomeracki.github.io/2024/11/09/sketchy_cheat_sheet/
#gcp
❤1👍1🔥1
Post sharing a few inconsistencies found in Azure logs which make detection engineering more challenging.
https://tracebit.com/blog/azure-detection-engineering-log-idiosyncrasies-you-should-know-about
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥2❤1👍1
🔶 Resource Control Policies: Closing the data perimeter gap
This post explores this new feature, how it helps, what its limits are, and what we might see in the future.
https://onecloudplease.com/blog/resource-control-policies-closing-the-data-perimeter-gap
#aws
This post explores this new feature, how it helps, what its limits are, and what we might see in the future.
https://onecloudplease.com/blog/resource-control-policies-closing-the-data-perimeter-gap
#aws
👍2❤1👏1
🔴 Shift-left your cloud compliance auditing with Audit Manager
Google announced that their Audit Manager service, which can digitize and help streamline the compliance auditing process, is now generally available.
https://cloud.google.com/blog/products/identity-security/shift-left-your-cloud-compliance-auditing-with-audit-manager/
#gcp
Google announced that their Audit Manager service, which can digitize and help streamline the compliance auditing process, is now generally available.
https://cloud.google.com/blog/products/identity-security/shift-left-your-cloud-compliance-auditing-with-audit-manager/
#gcp
👍2❤1🔥1
🔶 Stop Using Predictable Bucket Names: A Failed Attempt at Hacking Satellites
This blog discusses the security risks of S3 bucket namesquatting in AWS, where attackers could potentially exploit predictable bucket naming patterns.
https://www.securityrunners.io/post/stop-using-predictable-bucket-names-a-failed-attempt-at-hacking-satellites
#aws
This blog discusses the security risks of S3 bucket namesquatting in AWS, where attackers could potentially exploit predictable bucket naming patterns.
https://www.securityrunners.io/post/stop-using-predictable-bucket-names-a-failed-attempt-at-hacking-satellites
#aws
🔥2❤1👍1
🔶 Creating a Data Perimeter with Resource Control Policies (RCPs) and AWS KMS
Post which analyses Resource Control Policies, explains the benefits of RCPs vs SCPs, and gives 5 examples of how to use RCPs to build a multi-layered data perimeter to protect data.
https://www.fogsecurity.io/blog/data-perimeters-with-resource-control-policies-and-aws-kms
#aws
Post which analyses Resource Control Policies, explains the benefits of RCPs vs SCPs, and gives 5 examples of how to use RCPs to build a multi-layered data perimeter to protect data.
https://www.fogsecurity.io/blog/data-perimeters-with-resource-control-policies-and-aws-kms
#aws
👍2❤1🔥1
🔶 How to use AWS Resource Control Policies
Another article, this time from Wiz, looking at the newly introduced RCPs.
https://www.wiz.io/blog/how-to-use-aws-resource-control-policies
#aws
Another article, this time from Wiz, looking at the newly introduced RCPs.
https://www.wiz.io/blog/how-to-use-aws-resource-control-policies
#aws
👍2❤1🔥1
🔶 Hands-On Security Tips For Centralize Root Access In AWS
AWS has recently introduced a centralized root access management feature for AWS Organizations. This blog covers why this is important, how it changes root access management, and tips for how to handle this new feature.
https://medium.com/@oraspir/hands-on-security-tips-for-centralize-root-access-in-aws-assumeroot-5d315de423cd
#aws
AWS has recently introduced a centralized root access management feature for AWS Organizations. This blog covers why this is important, how it changes root access management, and tips for how to handle this new feature.
https://medium.com/@oraspir/hands-on-security-tips-for-centralize-root-access-in-aws-assumeroot-5d315de423cd
#aws
👍2❤1🔥1
🔶 Secure root user access for member accounts in AWS Organizations
How you can centrally manage root credentials and perform tasks that previously required root credentials across member accounts in your organization.
https://aws.amazon.com/ru/blogs/security/secure-root-user-access-for-member-accounts-in-aws-organizations/
#aws
How you can centrally manage root credentials and perform tasks that previously required root credentials across member accounts in your organization.
https://aws.amazon.com/ru/blogs/security/secure-root-user-access-for-member-accounts-in-aws-organizations/
#aws
👍2❤1🔥1
🔶 The New PKCE Authentication in AWS SSO Brings Hope (Mostly)
Post taking a closer look at the newly-released PKCE support for AWS SSO authentication flows.
https://blog.christophetd.fr/pkce-aws-sso/
#aws
Post taking a closer look at the newly-released PKCE support for AWS SSO authentication flows.
https://blog.christophetd.fr/pkce-aws-sso/
#aws
👍2❤1🔥1
🔶 New AWS Security Incident Response helps organizations respond to and recover from security events
AWS introduced a new service to streamline security event response, providing automated triage, coordinated communication, and expert guidance to recover from cybersecurity threats.
https://aws.amazon.com/ru/blogs/aws/new-aws-security-incident-response-helps-organizations-respond-to-and-recover-from-security-events/
(Use VPN to open from Russia)
#aws
AWS introduced a new service to streamline security event response, providing automated triage, coordinated communication, and expert guidance to recover from cybersecurity threats.
https://aws.amazon.com/ru/blogs/aws/new-aws-security-incident-response-helps-organizations-respond-to-and-recover-from-security-events/
(Use VPN to open from Russia)
#aws
👍2❤1🔥1
🔶 Introducing Amazon GuardDuty Extended Threat Detection: AI/ML attack sequence identification for enhanced cloud security
AWS extends GuardDuty with AI/ML capabilities to detect complex attack sequences across workloads, applications, and data, correlating multiple security signals over time for proactive cloud security.
https://aws.amazon.com/ru/blogs/aws/introducing-amazon-guardduty-extended-threat-detection-aiml-attack-sequence-identification-for-enhanced-cloud-security/
(Use VPN to open from Russia)
#aws
AWS extends GuardDuty with AI/ML capabilities to detect complex attack sequences across workloads, applications, and data, correlating multiple security signals over time for proactive cloud security.
https://aws.amazon.com/ru/blogs/aws/introducing-amazon-guardduty-extended-threat-detection-aiml-attack-sequence-identification-for-enhanced-cloud-security/
(Use VPN to open from Russia)
#aws
👍2🔥2❤1