🔶 AWS CodeBuild: Self-Hosted GitHub Action Runners
How to set up AWS CodeBuild for GitHub Action Runners, including configuration steps and integration advantages.
https://kieranlowe.io/implementing-self-hosted-github-action-runners-using-aws-codebuild
#aws
A (now remediated) vulnerability allowed the Reader role on the AML service to gain write access to these Storage Accounts to ultimately get code execution through Jupyter notebooks.
https://www.netspi.com/blog/technical-blog/cloud-pentesting/hijacking-azure-machine-learning-notebooks/
#azure
🔶 How to share security telemetry per OU using Amazon Security Lake and AWS Lake Formation
How to extract OU structure and account metadata from your organization and use it to securely share Security Lake data on a per-OU basis across your organization.
https://aws.amazon.com/ru/blogs/security/how-to-share-security-telemetry-per-ou-using-amazon-security-lake-and-aws-lake-formation/
(Use VPN to open from Russia)
#aws
🔶 How to bypass honeypots in AWS
This post suggests a way to detect and avoid honeypots set up for access key IDs in an AWS environment.
https://tejaszarekar.gitbook.io/tejaszarekar
#aws
This article explains how to use Microsoft Entra ID FIDO2 Provisioning APIs to register YubiKeys on behalf of users. It covers the process, required permissions, and provides code examples for implementing this functionality in applications.
https://janbakker.tech/register-yubikeys-on-behalf-of-your-users-with-microsoft-entra-id-fido2-provisioning-apis/
#azure
🔶 Terraform S3 Backend Setup: Skip the Table
It is now possible to remove DynamoDB as a dependency, and streamline your S3 backend setup.
https://kieranlowe.io/terraform-s3-backend-setup-skip-the-table
#aws
🔴 Securing Grafana on Kubernetes
A step-by-step guide to secure a Grafana deployment on Kubernetes using Google Cloud Identity-Aware Proxy (GCP IAP), Gateway API, and Terraform.
https://www.vidbregar.com/blog/grafana-gcp-iap
#gcp
Part 1 of an Intune Attack Paths series, discussing the fundamental components and mechanics of Intune that lead to the emergence of attack paths.
https://posts.specterops.io/intune-attack-paths-part-1-4ad1882c1811
#azure
Azure DevOps can be accessed using multiple first-party client IDs, allowing anyone to pivot from a stolen session to access the repositories.
https://zolder.io/blog/devops-access-is-closer-than-you-assume/
#azure
🔴 Introducing BigQuery metastore, a unified metadata service with Apache Iceberg support
BigQuery metastore is a highly scalable runtime metadata service that works with multiple engines, for example, BigQuery, Apache Spark, Apache Hive and Apache Flink, and supports the open Apache Iceberg table format.
https://cloud.google.com/blog/products/data-analytics/introducing-bigquery-metastore-fully-managed-metadata-service/
#gcp
🔴 Unifying Your Cloud Defenses: Security Command Center & Cloud NGFW Enterprise
The article discusses the integration of Google Cloud's Security Command Center (SCC) and Cloud Next Generation Firewall (NGFW), by combining threat detection from NGFW with SCC's automation and response features.
https://www.googlecloudcommunity.com/gc/Community-Blog/Unifying-Your-Cloud-Defenses-Security-Command-Center-amp-Cloud/ba-p/843202
#gcp
🔶 Safeguard your generative AI workloads from prompt injections
This blog post provides an overview of prompt injection risks in generative AI applications and outlines effective strategies for mitigating these risks on Bedrock.
https://aws.amazon.com/ru/blogs/security/safeguard-your-generative-ai-workloads-from-prompt-injections/
(Use VPN to open from Russia)
#aws
🔴 New to Google SecOps: An Introduction to Native Dashboards
An overview of the newly launched dashboarding capabilities within Google SecOps, enabling users to create custom dashboards using statistical search syntax.
https://www.googlecloudcommunity.com/gc/Community-Blog/New-to-Google-SecOps-An-Introduction-to-Native-Dashboards/ba-p/856924
#gcp
🔶 AWS EKS Access Management & Permissions
This post explores the following AWS EKS technologies, and applies them to the context of a real scenario: aws-auth (2018), IRSA (IAM Roles for Service Accounts) (2019), EKS Pod Identities (2023), and EKS Cluster Access Management (2023).
https://akingscote.co.uk/posts/aws-eks-access-management/
#aws
The guide explains how to use Temporary Access Pass (TAP) with internal guest users in Microsoft Entra ID. TAP is a time-limited passcode designed for single use or multiple sign-ins, enhancing security by enabling passwordless authentication.
https://techcommunity.microsoft.com/blog/itopstalkblog/step-by-step-guide--how-to-use-temporary-access-pass-tap-with-internal-guest-use/4365541
#azure
🔴 Introducing Workload Manager custom rules
With new Workload Manager custom rules, you can validate your Google Cloud deployments against best practices to help ensure they are compliant.
https://cloud.google.com/blog/products/compute/introducing-workload-manager-custom-rules/
#gcp
🔶 Testing and evaluating GuardDuty detections
A deep dive into an open source tool for testing GuardDuty findings.
https://aws.amazon.com/ru/blogs/security/testing-and-evaluating-guardduty-detections/
#aws
🔶 AWS Firewall Manager retrofitting: Harmonizing central security with application team flexibility
A post on the benefits of retrofitting and how to use this feature to bring existing web ACLs under Firewall Manager management.
https://aws.amazon.com/ru/blogs/security/aws-firewall-manager-retrofitting-harmonizing-central-security-with-application-team-flexibility/
(Use VPN to open from Russia)
#aws
🔶 CopyObjection: Fending off ransomware in AWS
In a compromised AWS environment, adversaries can copy S3 objects, encrypt them, and prevent the victim from recovering the encryption keys.
https://redcanary.com/blog/incident-response/aws-ransomware/
#aws
🔶 RogueOIDC: AWS Persistence and Evasion through attacker-controlled OIDC Identity Provider
This research shows what an attacker can achieve after creating a malicious OIDC identity provider in AWS and how they can do it. The article presents novel techniques and tools for persistence and evasion.
https://www.offensai.com/blog/rogueoidc-aws-persistence-and-evasion-through-attacker-controlled-oidc-identity-provider
(Use VPN to open from Russia)
#aws
🔶 How Adversaries Exploit Unmonitored Cloud Regions to Evade Detection
This blog explores how unused cloud regions can be abused, the tools that enable such exploits, and strategies to mitigate these risks.
https://permiso.io/blog/how-threat-actors-leverage-unsupported-cloud-regions
#aws