🔶 The Future of Threat Emulation: Building AI Agents that Hunt Like Cloud Adversaries
Exploring the breakthrough potential and emerging risks of AI agents that can autonomously discover and exploit complex AWS attack chains.
https://www.offensai.com/blog/the-future-of-threat-emulation-building-ai-agents-that-hunt-like-cloud-adversaries
#aws
Exploring the breakthrough potential and emerging risks of AI agents that can autonomously discover and exploit complex AWS attack chains.
https://www.offensai.com/blog/the-future-of-threat-emulation-building-ai-agents-that-hunt-like-cloud-adversaries
#aws
❤1👍1🔥1
🔶🔴 gcp-oidc-aws
A Terraform module that creates a GCP Workload Identity Federation to allow AWS workloads to authenticate to GCP via a GCP Service Account, without storing service account keys.
https://github.com/marco-lancini/utils/tree/main/terraform/gcp-oidc-aws
#aws #gcp
A Terraform module that creates a GCP Workload Identity Federation to allow AWS workloads to authenticate to GCP via a GCP Service Account, without storing service account keys.
https://github.com/marco-lancini/utils/tree/main/terraform/gcp-oidc-aws
#aws #gcp
❤2👍2🔥1
How to use a browser SSO cookie to request Entra ID OAuth tokens and enumerate a target tenant. This technique is useful when a device is not joined to an Entra ID tenant.
https://specterops.io/blog/2025/06/27/requesting-entra-id-tokens-with-entra-id-sso-cookies/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
Orca uncovers a privilege escalation risk in Azure Machine Learning pipelines that could allow attackers to run code and access sensitive data.
https://orca.security/resources/blog/azure-machine-learning-privilege-escalation/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
A leaked credential allowed anyone unauthorized access to all Microsoft tenants of organizations that use Synology's «Active Backup for Microsoft 365» (ABM).
https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
Several Azure built-in roles are misconfigured to be over-privileged - they grant more permissions than intended by Azure.
https://www.token.security/blog/azures-role-roulette-how-over-privileged-roles-and-api-vulnerabilities-expose-enterprise-networks
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍1🔥1
The blog discusses techniques for extracting sensitive information from the Azure Load Testing service, which supports Managed Identities for accessing Key Vault entries.
https://www.netspi.com/blog/technical-blog/cloud-pentesting/extracting-sensitive-information-azure-load-testing/
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍1🔥1
This post explores the setup and configuration of Cilium and Tetragon in Azure Kubernetes Service and integrating & monitoring with Microsoft Sentinel.
https://akingscote.co.uk/posts/aks-cilium-tetragon-ebpf/
(Use VPN to open from Russia)
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍2🔥1
Microsoft announced the expansion of the Zero Trust workshop to cover the additional technical pillars of Zero Trust, assisting customers on strategies that may contribute to securing their network, infrastructure, and connecting all these elements with security operations (SecOps).
https://www.microsoft.com/en-us/security/blog/2025/07/09/microsoft-expands-zero-trust-workshop-to-cover-network-secops-and-more/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔶 Threat Technique Catalog for AWS
The Threat Technique Catalog for AWS describes techniques used by threat actors to take advantage of security misconfigurations or compromised credentials on the customer side ("Security in the Cloud") of the shared responsibility model.
https://aws-samples.github.io/threat-technique-catalog-for-aws/
#aws
The Threat Technique Catalog for AWS describes techniques used by threat actors to take advantage of security misconfigurations or compromised credentials on the customer side ("Security in the Cloud") of the shared responsibility model.
https://aws-samples.github.io/threat-technique-catalog-for-aws/
#aws
❤2👍1🔥1
🔶 sample-visualizing-access-rights-for-identity-on-aws
This is a sample solution that demonstrates how to use AWS IAM Identity Center with Neptune to visualize and map relationships between identities and resources.
https://github.com/aws-samples/sample-visualizing-access-rights-for-identity-on-aws
#aws
This is a sample solution that demonstrates how to use AWS IAM Identity Center with Neptune to visualize and map relationships between identities and resources.
https://github.com/aws-samples/sample-visualizing-access-rights-for-identity-on-aws
#aws
❤2👍1🔥1
🔶 iam-shrink
Make AWS IAM policies smaller by adding wildcards to actions.
https://github.com/cloud-copilot/iam-shrink
(Use VPN to open from Russia)
#aws
Make AWS IAM policies smaller by adding wildcards to actions.
https://github.com/cloud-copilot/iam-shrink
(Use VPN to open from Russia)
#aws
❤2👍1🔥1
🔶 Making file encryption fast and secure for teams with advanced key management
Dropbox has developed an advanced key management solution to enhance team-based file encryption, addressing the needs of customers with sensitive data, such as those in finance or healthcare.
https://dropbox.tech/security/file-encryption-teams-advanced-key-management
#aws
Dropbox has developed an advanced key management solution to enhance team-based file encryption, addressing the needs of customers with sensitive data, such as those in finance or healthcare.
https://dropbox.tech/security/file-encryption-teams-advanced-key-management
#aws
❤1👍1🔥1
🔶 Enforcing Least Privilege in AWS IAM with Access Analyzer and Last Access Data
A practical guide on enforcing least privilege in AWS IAM by using IAM Access Analyzer and service Last Accessed data. Includes real workflows, auditing strategies, and automation tips.
https://thehiddenport.dev/posts/aws-enforcing-least-privilege/
#aws
A practical guide on enforcing least privilege in AWS IAM by using IAM Access Analyzer and service Last Accessed data. Includes real workflows, auditing strategies, and automation tips.
https://thehiddenport.dev/posts/aws-enforcing-least-privilege/
#aws
❤1👍1🔥1
🔶 API Keys for Bedrock: A Brief Security Overview
This new authentication method for Amazon Bedrock introduces some helpful options, but also brings challenges.
https://medium.com/@adan.alvarez/api-keys-for-bedrock-a-brief-security-overview-2133ed9a2b3f
(Use VPN to open from Russia)
#aws
This new authentication method for Amazon Bedrock introduces some helpful options, but also brings challenges.
https://medium.com/@adan.alvarez/api-keys-for-bedrock-a-brief-security-overview-2133ed9a2b3f
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
Backdooring Microsoft's applications is far from over. A vulnerable, built-in SP that could have allowed escalation from Application Administrator to any hybrid tenant user, including Global Admin, was discovered.
https://securitylabs.datadoghq.com/articles/i-spy-escalating-to-entra-id-global-admin/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔶 Abusing Default Machine Joining to Domain Permissions to Attack AWS Managed Active Directory
Post discussing several critical AWS Managed Active Directory security vulnerabilities enabling RBCD attacks via ms-ds-MachineAccountQuota.
https://permiso.io/blog/abusing-default-machine-joining-to-domain-permissions-to-attack-aws-managed-active-directory
#aws
Post discussing several critical AWS Managed Active Directory security vulnerabilities enabling RBCD attacks via ms-ds-MachineAccountQuota.
https://permiso.io/blog/abusing-default-machine-joining-to-domain-permissions-to-attack-aws-managed-active-directory
#aws
❤2👍1🔥1
🔴 Searching for Secrets in Public GCP Images
Truffle Security scanned 8,400+ public GCP images and did not find a single exposed secret.
https://trufflesecurity.com/blog/guest-post-gcp-cloudquarry-searching-for-secrets-in-public-gcp-images
(Use VPN to open from Russia)
#gcp
Truffle Security scanned 8,400+ public GCP images and did not find a single exposed secret.
https://trufflesecurity.com/blog/guest-post-gcp-cloudquarry-searching-for-secrets-in-public-gcp-images
(Use VPN to open from Russia)
#gcp
❤1👍1🔥1