🔶 How to use on-demand rotation for AWS KMS imported keys
AWS announced support for on-demand rotation of symmetric encryption AWS Key Management Service (AWS KMS) keys with imported key material (EXTERNAL origin). This new capability enables you to rotate the cryptographic key material of these keys without changing the key identifier.
https://aws.amazon.com/ru/blogs/security/how-to-use-on-demand-rotation-for-aws-kms-imported-keys/
(Use VPN to open from Russia)
#aws
AWS announced support for on-demand rotation of symmetric encryption AWS Key Management Service (AWS KMS) keys with imported key material (EXTERNAL origin). This new capability enables you to rotate the cryptographic key material of these keys without changing the key identifier.
https://aws.amazon.com/ru/blogs/security/how-to-use-on-demand-rotation-for-aws-kms-imported-keys/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶 Securing Amazon Redshift
How to manage access in Amazon Redshift, focusing on best practices for security.
https://dev.to/awscommunity-asean/securing-amazon-redshift-best-practices-for-access-control-15l6
#aws
How to manage access in Amazon Redshift, focusing on best practices for security.
https://dev.to/awscommunity-asean/securing-amazon-redshift-best-practices-for-access-control-15l6
#aws
❤1👍1🔥1
🔴 How Google Cloud is securing open-source credentials at scale
Google developed a tool to scan open-source package and image files by default for leaked Google Cloud credentials to help protect Google Cloud customers who publish open-source artifacts.
https://cloud.google.com/blog/products/identity-security/securing-open-source-credentials-at-scale
#gcp
Google developed a tool to scan open-source package and image files by default for leaked Google Cloud credentials to help protect Google Cloud customers who publish open-source artifacts.
https://cloud.google.com/blog/products/identity-security/securing-open-source-credentials-at-scale
#gcp
❤1👍1🔥1
🔶 Amazon GuardDuty expands Extended Threat Detection coverage to Amazon EKS clusters
GuardDuty Extended Threat Detection introduces a new critical severity finding type, which automatically correlates security signals across Amazon EKS audit logs, runtime behaviors of processes associated with EKS clusters, malware execution in EKS clusters, and AWS API activity to identify sophisticated attack patterns that might otherwise go unnoticed.
https://aws.amazon.com/ru/blogs/aws/amazon-guardduty-expands-extended-threat-detection-coverage-to-amazon-eks-clusters/
(Use VPN to open from Russia)
#aws
GuardDuty Extended Threat Detection introduces a new critical severity finding type, which automatically correlates security signals across Amazon EKS audit logs, runtime behaviors of processes associated with EKS clusters, malware execution in EKS clusters, and AWS API activity to identify sophisticated attack patterns that might otherwise go unnoticed.
https://aws.amazon.com/ru/blogs/aws/amazon-guardduty-expands-extended-threat-detection-coverage-to-amazon-eks-clusters/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶 AWS Backup adds new Multi-party approval for logically air-gapped vaults
Multi-party approval for AWS Backup logically air-gapped vaults enables organizations to recover their backup data even when their AWS account is compromised, by creating approval teams of trusted individuals who can authorize vault sharing with a recovery account through a separate authentication path.
https://aws.amazon.com/ru/blogs/aws/aws-backup-adds-new-multi-party-approval-for-logically-air-gapped-vaults/
(Use VPN to open from Russia)
#aws
Multi-party approval for AWS Backup logically air-gapped vaults enables organizations to recover their backup data even when their AWS account is compromised, by creating approval teams of trusted individuals who can authorize vault sharing with a recovery account through a separate authentication path.
https://aws.amazon.com/ru/blogs/aws/aws-backup-adds-new-multi-party-approval-for-logically-air-gapped-vaults/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶 Unify your security with the new AWS Security Hub for risk prioritization and response at scale
Amazon announced the preview release of the new AWS Security Hub which offers additional correlation, contextualization, and visualization capabilities.
https://aws.amazon.com/ru/blogs/aws/unify-your-security-with-the-new-aws-security-hub-for-risk-prioritization-and-response-at-scale-preview/
(Use VPN to open from Russia)
#aws
Amazon announced the preview release of the new AWS Security Hub which offers additional correlation, contextualization, and visualization capabilities.
https://aws.amazon.com/ru/blogs/aws/unify-your-security-with-the-new-aws-security-hub-for-risk-prioritization-and-response-at-scale-preview/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
This article explores OAuth phishing and token-based abuse in Microsoft Entra ID. Through emulation and analysis of tokens, scope, and device behavior during sign-in activity, it surfaces high-fidelity signals defenders can use to detect and hunt for OAuth misuse.
https://www.elastic.co/security-labs/entra-id-oauth-phishing-detection
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥2❤1👍1
🔶 JA3 and JA4 Fingerprints in AWS WAF and Beyond
This article discusses JA3 and JA4 fingerprints, including how they can be useful across cloud services, and how to use them with AWS WAF.
https://engineering.doit.com/ja3-ja4-fingerprints-aws-waf-e2d18dca198a
(Use VPN to open from Russia)
#aws
This article discusses JA3 and JA4 fingerprints, including how they can be useful across cloud services, and how to use them with AWS WAF.
https://engineering.doit.com/ja3-ja4-fingerprints-aws-waf-e2d18dca198a
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶 Sign in with your eID: Using AWS IAM Roles Anywhere with a SmartCard Reader
A fun experiment: the Belgian eID, which includes an authentication certificate, can be utilized to authenticate users without requiring extensive certificate management.
https://cloudar.be/awsblog/sign-in-with-your-eid-using-aws-iam-roles-anywhere-with-a-smartcard-reader/
#aws
A fun experiment: the Belgian eID, which includes an authentication certificate, can be utilized to authenticate users without requiring extensive certificate management.
https://cloudar.be/awsblog/sign-in-with-your-eid-using-aws-iam-roles-anywhere-with-a-smartcard-reader/
#aws
❤2👍1🔥1
🔶 The Future of Threat Emulation: Building AI Agents that Hunt Like Cloud Adversaries
Exploring the breakthrough potential and emerging risks of AI agents that can autonomously discover and exploit complex AWS attack chains.
https://www.offensai.com/blog/the-future-of-threat-emulation-building-ai-agents-that-hunt-like-cloud-adversaries
#aws
Exploring the breakthrough potential and emerging risks of AI agents that can autonomously discover and exploit complex AWS attack chains.
https://www.offensai.com/blog/the-future-of-threat-emulation-building-ai-agents-that-hunt-like-cloud-adversaries
#aws
❤1👍1🔥1
🔶🔴 gcp-oidc-aws
A Terraform module that creates a GCP Workload Identity Federation to allow AWS workloads to authenticate to GCP via a GCP Service Account, without storing service account keys.
https://github.com/marco-lancini/utils/tree/main/terraform/gcp-oidc-aws
#aws #gcp
A Terraform module that creates a GCP Workload Identity Federation to allow AWS workloads to authenticate to GCP via a GCP Service Account, without storing service account keys.
https://github.com/marco-lancini/utils/tree/main/terraform/gcp-oidc-aws
#aws #gcp
❤2👍2🔥1
How to use a browser SSO cookie to request Entra ID OAuth tokens and enumerate a target tenant. This technique is useful when a device is not joined to an Entra ID tenant.
https://specterops.io/blog/2025/06/27/requesting-entra-id-tokens-with-entra-id-sso-cookies/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
Orca uncovers a privilege escalation risk in Azure Machine Learning pipelines that could allow attackers to run code and access sensitive data.
https://orca.security/resources/blog/azure-machine-learning-privilege-escalation/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
A leaked credential allowed anyone unauthorized access to all Microsoft tenants of organizations that use Synology's «Active Backup for Microsoft 365» (ABM).
https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
Several Azure built-in roles are misconfigured to be over-privileged - they grant more permissions than intended by Azure.
https://www.token.security/blog/azures-role-roulette-how-over-privileged-roles-and-api-vulnerabilities-expose-enterprise-networks
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍1🔥1
The blog discusses techniques for extracting sensitive information from the Azure Load Testing service, which supports Managed Identities for accessing Key Vault entries.
https://www.netspi.com/blog/technical-blog/cloud-pentesting/extracting-sensitive-information-azure-load-testing/
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍1🔥1
This post explores the setup and configuration of Cilium and Tetragon in Azure Kubernetes Service and integrating & monitoring with Microsoft Sentinel.
https://akingscote.co.uk/posts/aks-cilium-tetragon-ebpf/
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍2🔥1
Microsoft announced the expansion of the Zero Trust workshop to cover the additional technical pillars of Zero Trust, assisting customers on strategies that may contribute to securing their network, infrastructure, and connecting all these elements with security operations (SecOps).
https://www.microsoft.com/en-us/security/blog/2025/07/09/microsoft-expands-zero-trust-workshop-to-cover-network-secops-and-more/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔶 Threat Technique Catalog for AWS
The Threat Technique Catalog for AWS describes techniques used by threat actors to take advantage of security misconfigurations or compromised credentials on the customer side ("Security in the Cloud") of the shared responsibility model.
https://aws-samples.github.io/threat-technique-catalog-for-aws/
#aws
The Threat Technique Catalog for AWS describes techniques used by threat actors to take advantage of security misconfigurations or compromised credentials on the customer side ("Security in the Cloud") of the shared responsibility model.
https://aws-samples.github.io/threat-technique-catalog-for-aws/
#aws
❤2👍1🔥1