An Azure utility for mounting Azure Storage that comes preinstalled on Azure HPC/AI images allowed an unprivileged user on a Linux machine with this utility installed to escalate their privileges to root.
https://www.varonis.com/blog/aznfs-root-privilege-escalation-on-azure
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔶 AI lifecycle risk management: ISO/IEC 42001:2023 for AI governance
Post explaining how ISO/IEC 42001 enables effective AI governance, review the risk management requirements, and explore how you can use threat modeling as a practical technique to meet those expectations.
https://aws.amazon.com/ru/blogs/security/ai-lifecycle-risk-management-iso-iec-420012023-for-ai-governance/
(Use VPN to open from Russia)
#aws
Post explaining how ISO/IEC 42001 enables effective AI governance, review the risk management requirements, and explore how you can use threat modeling as a practical technique to meet those expectations.
https://aws.amazon.com/ru/blogs/security/ai-lifecycle-risk-management-iso-iec-420012023-for-ai-governance/
(Use VPN to open from Russia)
#aws
❤2👍1🔥1
🔶 Implementing safety guardrails for applications using Amazon SageMaker
Post explaining guardrail implementation strategies.
https://aws.amazon.com/ru/blogs/security/implementing-safety-guardrails-for-applications-using-amazon-sagemaker/
(Use VPN to open from Russia)
#aws
Post explaining guardrail implementation strategies.
https://aws.amazon.com/ru/blogs/security/implementing-safety-guardrails-for-applications-using-amazon-sagemaker/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶 TrailAlerts
TrailAlerts is a AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events in AWS.
https://github.com/adanalvarez/TrailAlerts
#aws
TrailAlerts is a AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events in AWS.
https://github.com/adanalvarez/TrailAlerts
#aws
❤1👍1🔥1
🔶 Root in prod: The most important security analysis you will never do on your AWS accounts
This article outlines steps for identifying AWS accounts, determining which ones are truly production, and analyzing access levels, including finding users and roles with AdministratorAccess.
https://www.plerion.com/blog/root-in-prod
#aws
This article outlines steps for identifying AWS accounts, determining which ones are truly production, and analyzing access levels, including finding users and roles with AdministratorAccess.
https://www.plerion.com/blog/root-in-prod
#aws
❤1👍1🔥1
🔶 PowerUserAccess vs. AdministratorAccess from an attacker's perspective
The article highlights the dangers of using the AWS managed policy PowerUserAccess in complex environments by sharing an attacker's perspective on the matter.
https://www.offensai.com/blog/poweruseraccess-vs-administratoraccess-from-an-attacker-perspective
(Use VPN to open from Russia)
#aws
The article highlights the dangers of using the AWS managed policy PowerUserAccess in complex environments by sharing an attacker's perspective on the matter.
https://www.offensai.com/blog/poweruseraccess-vs-administratoraccess-from-an-attacker-perspective
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔴 Hunting for Bucket Traversals in Google's Client Libraries
A bucket traversal vulnerability arises when an application mishandles user input while interacting with cloud storage, allowing unauthorized access to storage objects.
https://jdomeracki.github.io/2025/05/04/hunting_for_bucket_traversals/
#gcp
A bucket traversal vulnerability arises when an application mishandles user input while interacting with cloud storage, allowing unauthorized access to storage objects.
https://jdomeracki.github.io/2025/05/04/hunting_for_bucket_traversals/
#gcp
❤1👍1🔥1
Microsoft introduced Microsoft Entra Agent ID, which extends identity management and access capabilities to AI agents.
https://www.microsoft.com/en-us/security/blog/2025/05/19/microsoft-extends-zero-trust-to-secure-the-agentic-workforce/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔴 Removing GitHub PATs and Private Keys From Google Cloud: Extending Token Server to Google Cloud
This article introduces the technologies, challenges, and solutions behind extending Token Server and migrating workloads on Google Cloud to use short-lived credentials.
https://engineering.mercari.com/en/blog/entry/20241203-token-server-google-cloud/
#gcp
This article introduces the technologies, challenges, and solutions behind extending Token Server and migrating workloads on Google Cloud to use short-lived credentials.
https://engineering.mercari.com/en/blog/entry/20241203-token-server-google-cloud/
#gcp
❤1👍1🔥1
🔴 Mark Your Calendar: APT41 Innovative Tactics
Post which analyzes the malware delivery methods, technical details of the malware attack chain, discuss other recent APT41 activities, and share indicators of compromise (IOCs) to help security practitioners defend against similar attacks.
https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics/
#gcp
Post which analyzes the malware delivery methods, technical details of the malware attack chain, discuss other recent APT41 activities, and share indicators of compromise (IOCs) to help security practitioners defend against similar attacks.
https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics/
#gcp
❤2👍1🔥1
🔶 How to set up and track SLAs for resolving Security Hub findings
Step-by-step instructions for tracking Security Hub findings in each severity category against service-level agreements (SLAs) through visual dashboards.
https://aws.amazon.com/ru/blogs/security/how-to-set-up-and-track-slas-for-resolving-security-hub-findings/
(Use VPN to open from Russia)
#aws
Step-by-step instructions for tracking Security Hub findings in each severity category against service-level agreements (SLAs) through visual dashboards.
https://aws.amazon.com/ru/blogs/security/how-to-set-up-and-track-slas-for-resolving-security-hub-findings/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔴 Safer automated deployments with new Cloud Deploy features
New automations in the Cloud Deploy continuous delivery platform help keep production environments reliable and up-to-date.
https://cloud.google.com/blog/products/devops-sre/new-cloud-deploy-features-for-automated-deployments/
#gcp
New automations in the Cloud Deploy continuous delivery platform help keep production environments reliable and up-to-date.
https://cloud.google.com/blog/products/devops-sre/new-cloud-deploy-features-for-automated-deployments/
#gcp
❤1👍1🔥1
🔶 boto3-refresh-session
A simple Python package for refreshing AWS temporary credentials in boto3 automatically.
https://github.com/michaelthomasletts/boto3-refresh-session
#aws
A simple Python package for refreshing AWS temporary credentials in boto3 automatically.
https://github.com/michaelthomasletts/boto3-refresh-session
#aws
❤1👍1🔥1
SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.
https://github.com/quarkslab/proxyblob
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
Post exploring Azure Arc's overlooked C2aaS potential: attacking and defending against its usage and exploring use cases for Red Teams.
https://blog.zsec.uk/azure-arc-c2aas/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔶 CloudTrail Logging Evasion: Where Policy Size Matters
Permiso uncovered a subtle yet critical logging evasion vulnerability within AWS environments - mainly the differing size limitations of individual AWS CloudTrail logs versus the actual content being logged. By exploiting whitespace and other syntactic quirks, an attacker can create valid IAM policies that effectively bypass CloudTrail logging.
https://permiso.io/blog/cloudtrail-logging-evasion-where-policy-size-matters
#aws
Permiso uncovered a subtle yet critical logging evasion vulnerability within AWS environments - mainly the differing size limitations of individual AWS CloudTrail logs versus the actual content being logged. By exploiting whitespace and other syntactic quirks, an attacker can create valid IAM policies that effectively bypass CloudTrail logging.
https://permiso.io/blog/cloudtrail-logging-evasion-where-policy-size-matters
#aws
❤1👍1🔥1
Unit 42 researchers discovered an issue with Azure OpenAI's Domain Name System (DNS) resolution logic that could have enabled cross-tenant data leaks and meddler-in-the-middle (MitM) attacks.
https://unit42.paloaltonetworks.com/azure-openai-dns-resolution/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔴 The Cost of a Call: From Voice Phishing to Data Extortion
UNC6040 uses vishing to impersonate IT support, deceiving victims into granting access to their Salesforce instances.
https://cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion
#gcp
UNC6040 uses vishing to impersonate IT support, deceiving victims into granting access to their Salesforce instances.
https://cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion
#gcp
❤1👍1🔥1
🔶 Implementing just-in-time privileged access to AWS with Microsoft Entra and AWS IAM Identity Center
By using security groups in Entra and mapping them to permission sets in IAM Identity Center, you can automate the provisioning and deprovisioning of privileged access based on defined policies and approval workflows.
https://aws.amazon.com/ru/blogs/security/implementing-just-in-time-privileged-access-to-aws-with-microsoft-entra-and-aws-iam-identity-center/
#aws
By using security groups in Entra and mapping them to permission sets in IAM Identity Center, you can automate the provisioning and deprovisioning of privileged access based on defined policies and approval workflows.
https://aws.amazon.com/ru/blogs/security/implementing-just-in-time-privileged-access-to-aws-with-microsoft-entra-and-aws-iam-identity-center/
#aws
❤1👍1🔥1
Post covering some methods attackers may use now or in the near future to maintain access to Entra ID (formerly Azure AD) once they've obtained a privileged foothold.
https://kknowl.es/posts/defending-against-entra-id-persistence/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1