🔶 The Risk You Can't Afford to Ignore: AWS SES and Email Spoofing
This article discusses AWS SES email spoofing vulnerabilities, potentially enabling phishing attacks.
https://badshah.io/aws-ses-and-email-spoofing/
#aws
This article discusses AWS SES email spoofing vulnerabilities, potentially enabling phishing attacks.
https://badshah.io/aws-ses-and-email-spoofing/
#aws
❤1🔥1😱1
🔴 Finding Malware: Detecting Fake Browser Updates Attacks with Google Security Operations
This post dive into Fake Browser Update Attacks, the payloads they deliver, and detection opportunities within the Google SecOps platform.
https://www.googlecloudcommunity.com/gc/Community-Blog/Finding-Malware-Detecting-Fake-Browser-Updates-Attacks-with/ba-p/876307
#gcp
This post dive into Fake Browser Update Attacks, the payloads they deliver, and detection opportunities within the Google SecOps platform.
https://www.googlecloudcommunity.com/gc/Community-Blog/Finding-Malware-Detecting-Fake-Browser-Updates-Attacks-with/ba-p/876307
#gcp
👍2❤1🔥1
🔴 Inter-VPC connectivity architecture patterns in Cross-Cloud Network
How to use Cross-Cloud Network to design inter-network communication architectures with Network Connectivity Center or VPC peering.
https://cloud.google.com/blog/products/networking/inter-network-communication-design-with-ncc-vpc-peering/
#gcp
How to use Cross-Cloud Network to design inter-network communication architectures with Network Connectivity Center or VPC peering.
https://cloud.google.com/blog/products/networking/inter-network-communication-design-with-ncc-vpc-peering/
#gcp
👍3❤1🔥1
🔶 Connect your on-premises Kubernetes cluster to AWS APIs using IAM Roles Anywhere
IAM Roles Anywhere enables workloads outside of AWS to access AWS resources by exchanging X.509 bound identities for temporary AWS credentials.
https://aws.amazon.com/ru/blogs/security/connect-your-on-premises-kubernetes-cluster-to-aws-apis-using-iam-roles-anywhere/
(Use VPN to open from Russia)
#aws
IAM Roles Anywhere enables workloads outside of AWS to access AWS resources by exchanging X.509 bound identities for temporary AWS credentials.
https://aws.amazon.com/ru/blogs/security/connect-your-on-premises-kubernetes-cluster-to-aws-apis-using-iam-roles-anywhere/
(Use VPN to open from Russia)
#aws
👍2❤1🔥1
🔶 From log analysis to rule creation: How AWS Network Firewall automates domain-based security for outbound traffic
Post guiding you through the implementation of the AWS Network Firewall automated domain list feature, providing a detailed overview, step-by-step instructions, and best practices to optimize your network security.
https://aws.amazon.com/ru/blogs/security/from-log-analysis-to-rule-creation-how-aws-network-firewall-automates-domain-based-security-for-outbound-traffic/
(Use VPN to open from Russia)
#aws
Post guiding you through the implementation of the AWS Network Firewall automated domain list feature, providing a detailed overview, step-by-step instructions, and best practices to optimize your network security.
https://aws.amazon.com/ru/blogs/security/from-log-analysis-to-rule-creation-how-aws-network-firewall-automates-domain-based-security-for-outbound-traffic/
(Use VPN to open from Russia)
#aws
👍2❤1🔥1
A vulnerability in Microsoft Azure that allows users with Reader access to expose sensitive metadata about secrets stored in Azure Key Vaults.
https://cirriustech.co.uk/blog/azure-vault-recon/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔶 Evaluating AWS Native Approaches for Detecting Suspicious API Calls
Three primary approaches: 1) EventBridge → SNS → Email, 2) CloudTrail → S3 → Lambda → SNS → Email, and 3) CloudTrail → CloudWatch → MetricFilter → MetricAlert → SNS → Email.
https://medium.com/@adan.alvarez/diy-evaluating-aws-native-approaches-for-detecting-suspicious-api-calls-c6e05de97a49
(Use VPN to open from Russia)
#aws
Three primary approaches: 1) EventBridge → SNS → Email, 2) CloudTrail → S3 → Lambda → SNS → Email, and 3) CloudTrail → CloudWatch → MetricFilter → MetricAlert → SNS → Email.
https://medium.com/@adan.alvarez/diy-evaluating-aws-native-approaches-for-detecting-suspicious-api-calls-c6e05de97a49
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔴 Introducing AI Protection: Security for the AI era
Google Cloud's new AI Protection safeguards AI workloads and data across clouds and models, no matter the platform.
https://cloud.google.com/blog/products/identity-security/introducing-ai-protection-security-for-the-ai-era/
#gcp
Google Cloud's new AI Protection safeguards AI workloads and data across clouds and models, no matter the platform.
https://cloud.google.com/blog/products/identity-security/introducing-ai-protection-security-for-the-ai-era/
#gcp
👍2❤1🔥1
Microsoft is actively fighting against a global cybercrime network known as Storm-2139, which exploits generative AI technologies.
https://blogs.microsoft.com/on-the-issues/2025/02/27/disrupting-cybercrime-abusing-gen-ai/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔴 gcp-landing-zone
This repository contains the Terraform code necessary to set up a Landing Zone using the Google Cloud Platform (GCP).
https://github.com/ollionorg/gcp-landing-zone
#gcp
This repository contains the Terraform code necessary to set up a Landing Zone using the Google Cloud Platform (GCP).
https://github.com/ollionorg/gcp-landing-zone
#gcp
❤1👍1🔥1
Post discussing vulnerabilities in Azure's CLI related to cloud image confusion attacks, similar to those identified last month in AWS.
https://onecloudplease.com/blog/mistakenvmtity-another-cloud-image-confusion-attack
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔴 Safer and Multimodal: Responsible AI with Gemma
ShieldGemma 2 can detect harmful content in AI models' text and image inputs/outputs, built on Gemma 3 for safer AI development.
https://developers.googleblog.com/en/safer-and-multimodal-responsible-ai-with-gemma/
#gcp
ShieldGemma 2 can detect harmful content in AI models' text and image inputs/outputs, built on Gemma 3 for safer AI development.
https://developers.googleblog.com/en/safer-and-multimodal-responsible-ai-with-gemma/
#gcp
❤1👍1🔥1
🔴 Project Shield makes it easier to sign up, set up, automate DDoS protection
Project Shield employs Google Cloud Armor to defend against DDoS attacks with minimal user configuration.
https://cloud.google.com/blog/products/identity-security/project-shield-makes-it-easier-to-sign-up-set-up-automate-ddos-protection/
#gcp
Project Shield employs Google Cloud Armor to defend against DDoS attacks with minimal user configuration.
https://cloud.google.com/blog/products/identity-security/project-shield-makes-it-easier-to-sign-up-set-up-automate-ddos-protection/
#gcp
❤1👍1🔥1
🔶 Amazon EKS now envelope encrypts all Kubernetes API data by default
EKS enables default envelope encryption for all Kubernetes API data in EKS clusters running Kubernetes version 1.28 or higher.
https://aws.amazon.com/ru/about-aws/whats-new/2025/03/amazon-eks-envelope-encrypts-kubernetes-api-data-default/
(Use VPN to open from Russia)
#aws
EKS enables default envelope encryption for all Kubernetes API data in EKS clusters running Kubernetes version 1.28 or higher.
https://aws.amazon.com/ru/about-aws/whats-new/2025/03/amazon-eks-envelope-encrypts-kubernetes-api-data-default/
(Use VPN to open from Russia)
#aws
👍2❤1🔥1
Enumerate all secrets in all Azure Key Vaults and Logic Apps across all subnoscriptions.
https://github.com/Az-Skywalker/Az-Skywalker
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
This article aims to provide a deeper technical understanding of the Elevate Access mechanism, including its underlying implementation, the specific logs where activities are recorded, when you DON'T need Elevate Access to get the same permissions, and the practical techniques attackers use to leverage it.
https://permiso.io/blog/azures-apex-permissions-elevate-access-the-logs-security-teams-overlook
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔶👩💻 AWS CloudWatch log ingestion to Microsoft Sentinel
A solution using CloudWatch log subnoscription filters to stream logs to an S3 bucket via Kinesis Firehose.
https://medium.com/@paulschwarzenberger/aws-cloudwatch-log-ingestion-to-microsoft-sentinel-fa5084de41f9
(Use VPN to open from Russia)
#aws #azure
A solution using CloudWatch log subnoscription filters to stream logs to an S3 bucket via Kinesis Firehose.
https://medium.com/@paulschwarzenberger/aws-cloudwatch-log-ingestion-to-microsoft-sentinel-fa5084de41f9
(Use VPN to open from Russia)
#aws #azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔴 Streamlined Security: Introducing Network Security Integration
Network Security Integration can help you integrate third-party network appliance or service deployments with your Google Cloud workloads.
https://cloud.google.com/blog/products/networking/introducing-network-security-integration/
#gcp
Network Security Integration can help you integrate third-party network appliance or service deployments with your Google Cloud workloads.
https://cloud.google.com/blog/products/networking/introducing-network-security-integration/
#gcp
👍2❤1🔥1
🔴 Google Cloud - Managing Google's Unverified Authentication Library
In Google Cloud, Application Default Credentials (ADC) allows your code/applications to automatically find and use credentials.
https://akingscote.co.uk/posts/gcloud-unconfigured-third-party-apps/
#gcp
In Google Cloud, Application Default Credentials (ADC) allows your code/applications to automatically find and use credentials.
https://akingscote.co.uk/posts/gcloud-unconfigured-third-party-apps/
#gcp
👍2❤1🔥1
Imagine trying to disable a malicious user in your Azure environment, only to find it can't be modified! Datadog recently identified a timing-based bug in Entra ID's restricted administrative units (AUs) that could have allowed just this scenario to occur.
https://securitylabs.datadoghq.com/articles/creating-immutable-users-entra-id-administrative-units/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔶 Interactive AWS NAT Gateway
An interactive blog post exploring how AWS NAT Gateway works.
https://malithr.com/aws/natgateway/
#aws
An interactive blog post exploring how AWS NAT Gateway works.
https://malithr.com/aws/natgateway/
#aws
👍2❤1🔥1