🔶 New AWS Security Incident Response helps organizations respond to and recover from security events
AWS introduced a new service to streamline security event response, providing automated triage, coordinated communication, and expert guidance to recover from cybersecurity threats.
https://aws.amazon.com/ru/blogs/aws/new-aws-security-incident-response-helps-organizations-respond-to-and-recover-from-security-events/
(Use VPN to open from Russia)
#aws
AWS introduced a new service to streamline security event response, providing automated triage, coordinated communication, and expert guidance to recover from cybersecurity threats.
https://aws.amazon.com/ru/blogs/aws/new-aws-security-incident-response-helps-organizations-respond-to-and-recover-from-security-events/
(Use VPN to open from Russia)
#aws
👍2❤1🔥1
🔶 Introducing Amazon GuardDuty Extended Threat Detection: AI/ML attack sequence identification for enhanced cloud security
AWS extends GuardDuty with AI/ML capabilities to detect complex attack sequences across workloads, applications, and data, correlating multiple security signals over time for proactive cloud security.
https://aws.amazon.com/ru/blogs/aws/introducing-amazon-guardduty-extended-threat-detection-aiml-attack-sequence-identification-for-enhanced-cloud-security/
(Use VPN to open from Russia)
#aws
AWS extends GuardDuty with AI/ML capabilities to detect complex attack sequences across workloads, applications, and data, correlating multiple security signals over time for proactive cloud security.
https://aws.amazon.com/ru/blogs/aws/introducing-amazon-guardduty-extended-threat-detection-aiml-attack-sequence-identification-for-enhanced-cloud-security/
(Use VPN to open from Russia)
#aws
👍2🔥2❤1
🔴 sftp-gcs
An implementation of an SFTP to Google Cloud Storage bridge.
https://github.com/kolban-google/sftp-gcs
#gcp
An implementation of an SFTP to Google Cloud Storage bridge.
https://github.com/kolban-google/sftp-gcs
#gcp
👍2❤1🔥1
🔶 AWS Clean Rooms now supports multiple clouds and data sources
With expanded data sources, AWS Clean Rooms helps customers securely collaborate with their partners' data across clouds, eliminating data movement, safeguarding sensitive information, promoting data freshness, and streamlining cross-company insights.
https://aws.amazon.com/ru/blogs/aws/aws-clean-rooms-now-supports-multiple-clouds-and-data-sources/
(Use VPN to open from Russia)
#aws
With expanded data sources, AWS Clean Rooms helps customers securely collaborate with their partners' data across clouds, eliminating data movement, safeguarding sensitive information, promoting data freshness, and streamlining cross-company insights.
https://aws.amazon.com/ru/blogs/aws/aws-clean-rooms-now-supports-multiple-clouds-and-data-sources/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶🔷🔴 How Adversaries Abuse Serverless Services to Harvest Sensitive Data from Environment Variables
How threat actors can exploit sensitive data stored in serverless environment variables in AWS, Azure, GCP and Kubernetes, and the use of cloud-offensive tools for this purpose.
https://permiso.io/blog/how-adversaries-abuse-serverless-services-to-harvest-sensitive-data-from-environment-variables
#aws #azure #gcp
How threat actors can exploit sensitive data stored in serverless environment variables in AWS, Azure, GCP and Kubernetes, and the use of cloud-offensive tools for this purpose.
https://permiso.io/blog/how-adversaries-abuse-serverless-services-to-harvest-sensitive-data-from-environment-variables
#aws #azure #gcp
🔥2❤1👍1
🔶 Exploring AWS STS AssumeRoot
A post from the Elastic team exploring AWS STS AssumeRoot, its risks, detection strategies, and practical scenarios to secure against privilege escalation and account compromise.
https://www.elastic.co/security-labs/exploring-aws-sts-assumeroot
#aws
A post from the Elastic team exploring AWS STS AssumeRoot, its risks, detection strategies, and practical scenarios to secure against privilege escalation and account compromise.
https://www.elastic.co/security-labs/exploring-aws-sts-assumeroot
#aws
❤1👍1🔥1
Microsoft Azure allows Windows Virtual Machines to join an Entra tenant that differs from the hosting tenant, using an Azure AD VM Extension for domain joining.
https://akingscote.co.uk/posts/microsoft-azure-cross-tenant-vm-domain-join/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
👍2❤1🔥1
This article discusses log poisoning attacks against Microsoft Sentinel, explaining how attackers can manipulate logs to evade detection. It covers attack techniques, potential impacts, and mitigation strategies for defenders to protect their SIEM environments.
https://akingscote.co.uk/posts/microsoft-sentinel-log-poisoning/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥2❤1👍1
🔶 Tales from the cloud trenches: Unwanted visitor
A cloud attack targeting Amazon SES, persistence, and a malicious AWS account ID.
https://securitylabs.datadoghq.com/articles/tales-from-the-cloud-trenches-unwanted-visitor/
#aws
A cloud attack targeting Amazon SES, persistence, and a malicious AWS account ID.
https://securitylabs.datadoghq.com/articles/tales-from-the-cloud-trenches-unwanted-visitor/
#aws
👍2❤1🔥1
🔴 Locking down Cloud Run: Inside Commerzbank's adoption of Custom Org Policies
Commerzbank has adopted Google Cloud's Custom Org Policies to enhance security for its Cloud Run environments, addressing the critical need for robust security in financial services.
https://cloud.google.com/blog/topics/financial-services/commerzbank-cloud-run-custom-org-policies/
#gcp
Commerzbank has adopted Google Cloud's Custom Org Policies to enhance security for its Cloud Run environments, addressing the critical need for robust security in financial services.
https://cloud.google.com/blog/topics/financial-services/commerzbank-cloud-run-custom-org-policies/
#gcp
👍2❤1🔥1
🔶 A practical guide to getting started with policy as code
Post detailing the concepts, processes, and steps to get started with policy as code (PaC) and adopt this into your software development lifecycle.
https://aws.amazon.com/ru/blogs/infrastructure-and-automation/a-practical-guide-to-getting-started-with-policy-as-code/
(Use VPN to open from Russia)
#aws
Post detailing the concepts, processes, and steps to get started with policy as code (PaC) and adopt this into your software development lifecycle.
https://aws.amazon.com/ru/blogs/infrastructure-and-automation/a-practical-guide-to-getting-started-with-policy-as-code/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶 AWS Network Firewall Geographic IP Filtering launch
Geographic IP Filtering is a new feature of Network Firewall that you can use to filter traffic based on geographic location and meet compliance requirements.
https://aws.amazon.com/ru/blogs/security/aws-network-firewall-geographic-ip-filtering-launch/
(Use VPN to open from Russia)
#aws
Geographic IP Filtering is a new feature of Network Firewall that you can use to filter traffic based on geographic location and meet compliance requirements.
https://aws.amazon.com/ru/blogs/security/aws-network-firewall-geographic-ip-filtering-launch/
(Use VPN to open from Russia)
#aws
❤2👍2🔥1
🔴 Improve your security posture with expanded Custom Org Policy
Administrators can use custom organization policies to set granular resource configurations in order to enhance security posture, address regulatory requirements, and increase operational efficiencies, all without impacting development velocity.
https://cloud.google.com/blog/products/identity-security/announcing-expanded-custom-org-policy-portfolio-of-supported-products/
#gcp
Administrators can use custom organization policies to set granular resource configurations in order to enhance security posture, address regulatory requirements, and increase operational efficiencies, all without impacting development velocity.
https://cloud.google.com/blog/products/identity-security/announcing-expanded-custom-org-policy-portfolio-of-supported-products/
#gcp
❤1👍1🔥1
🔶 A small digest of AWS news:
1️⃣ AWS Control Tower launches managed controls using declarative policies
These policies are a set of new optional controls that help you consistently enforce the desired configuration for a service.
2️⃣ AWS Config now supports a service-linked recorder
AWS Config added support for a service-linked recorder, a new type of AWS Config recorder that is managed by an AWS service and can record configuration data on service-specific resources, such as the new Amazon CloudWatch telemetry configurations audit.
(Use VPN to open from Russia)
#aws
1️⃣ AWS Control Tower launches managed controls using declarative policies
These policies are a set of new optional controls that help you consistently enforce the desired configuration for a service.
2️⃣ AWS Config now supports a service-linked recorder
AWS Config added support for a service-linked recorder, a new type of AWS Config recorder that is managed by an AWS service and can record configuration data on service-specific resources, such as the new Amazon CloudWatch telemetry configurations audit.
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🙂 Dear friends,
this year we have already become more than 2000 people. And this is very cool.
Only thanks to you we will make even cooler content. Thank you very much.
🎉 Happy New Year 2025! We wish you success in your personal life and career. Let's make the new year much better than 2024 together!
#HappyNewYear
this year we have already become more than 2000 people. And this is very cool.
Only thanks to you we will make even cooler content. Thank you very much.
🎉 Happy New Year 2025! We wish you success in your personal life and career. Let's make the new year much better than 2024 together!
#HappyNewYear
👍4❤1🔥1
🔶 hidden-services-revealer
A tool to map hidden services in AWS. It does this by following the triggered events of a user's actions.
https://github.com/tenable/hidden-services-revealer
#aws
A tool to map hidden services in AWS. It does this by following the triggered events of a user's actions.
https://github.com/tenable/hidden-services-revealer
#aws
❤1👍1🔥1
🔶🔴 cloudranger
Go library for mapping IP address ranges to cloud provider regions (currently: AWS and GCP).
https://github.com/planetscale/cloudranger
#aws #gcp
Go library for mapping IP address ranges to cloud provider regions (currently: AWS and GCP).
https://github.com/planetscale/cloudranger
#aws #gcp
👍2❤1🔥1
🔶 safer-scps
Safer AWS Service Control Policies (SCPs) deployments via real-time error monitoring.
https://github.com/matthewdfuller/safer-scps
#aws
Safer AWS Service Control Policies (SCPs) deployments via real-time error monitoring.
https://github.com/matthewdfuller/safer-scps
#aws
❤1👍1🔥1
Azure Key Vault Contributors are not allowed access to Key Vault keys, certificates, and secrets. But did you know they can still gain access to this sensitive data? This post will cover a privilege escalation vector to access data in key vaults using the access policy permissions model.
https://securitylabs.datadoghq.com/articles/escalating-privileges-to-read-secrets-with-azure-key-vault-access-policies/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
👍2❤1🔥1
🔴 The dark cloud around GCP service accounts
Why does this service account still have access even though I deleted its service account key?
https://redcanary.com/blog/threat-detection/gcp-service-accounts/
#gcp
Why does this service account still have access even though I deleted its service account key?
https://redcanary.com/blog/threat-detection/gcp-service-accounts/
#gcp
❤1👍1🔥1
🔶 Hat Trick: AWS introduced same RCE vulnerability three times in four years
Amazon has introduced the same dependency confusion issue at least on 3 separate occasions when adding new packages to the Neuron SDK registry.
https://giraffesecurity.dev/posts/amazon-hat-trick/
#aws
Amazon has introduced the same dependency confusion issue at least on 3 separate occasions when adding new packages to the Neuron SDK registry.
https://giraffesecurity.dev/posts/amazon-hat-trick/
#aws
❤1👍1🔥1