This media is not supported in your browser
VIEW IN TELEGRAM
🔴 Strengthen GCE and GKE security with new dashboards powered by Security Command Center
The GCE Security Risk Overview page now shows top security findings, vulnerability findings over time, and common vulnerabilities and exploits (CVEs) on your virtual machines.
https://cloud.google.com/blog/products/identity-security/new-gce-and-gke-dashboards-strengthen-security-posture/
#gcp
The GCE Security Risk Overview page now shows top security findings, vulnerability findings over time, and common vulnerabilities and exploits (CVEs) on your virtual machines.
https://cloud.google.com/blog/products/identity-security/new-gce-and-gke-dashboards-strengthen-security-posture/
#gcp
❤1👍1🔥1
🔶 How to accelerate security finding reviews using automated business context validation in AWS Security Hub
A structured workflow where security teams define acceptable compensating controls, developers implement them, and an automated system validates their effectiveness.
https://aws.amazon.com/ru/blogs/security/how-to-accelerate-security-finding-reviews-using-automated-business-context-validation-in-aws-security-hub/
(Use VPN to open from Russia)
#aws
A structured workflow where security teams define acceptable compensating controls, developers implement them, and an automated system validates their effectiveness.
https://aws.amazon.com/ru/blogs/security/how-to-accelerate-security-finding-reviews-using-automated-business-context-validation-in-aws-security-hub/
(Use VPN to open from Russia)
#aws
❤2👍1🔥1
🔶 Build secure network architectures for generative AI applications using AWS services
Post which reviews the secure network design principles that provide a robust foundation for deploying generative AI applications on AWS while maintaining strong security controls.
https://aws.amazon.com/ru/blogs/security/build-secure-network-architectures-for-generative-ai-applications-using-aws-services/
(Use VPN to open from Russia)
#aws
Post which reviews the secure network design principles that provide a robust foundation for deploying generative AI applications on AWS while maintaining strong security controls.
https://aws.amazon.com/ru/blogs/security/build-secure-network-architectures-for-generative-ai-applications-using-aws-services/
(Use VPN to open from Russia)
#aws
❤2👍1🔥1
🔶 How to develop an AWS Security Hub POC
This article guides you through planning and implementing an AWS Security Hub proof of concept, covering value assessment, success criteria definition, configuration, deployment, and validation steps.
https://aws.amazon.com/ru/blogs/security/how-to-develop-an-aws-security-hub-poc/
(Use VPN to open from Russia)
#aws
This article guides you through planning and implementing an AWS Security Hub proof of concept, covering value assessment, success criteria definition, configuration, deployment, and validation steps.
https://aws.amazon.com/ru/blogs/security/how-to-develop-an-aws-security-hub-poc/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶 Billing View now supports cost management data from multiple organizations
AWS announced the general availability of new capabilities within AWS Billing and Cost Management that enable customers to manage their AWS spend across multiple organizations through a single AWS account.
https://aws.amazon.com/ru/about-aws/whats-new/2025/09/billing-view-cost-management-multiple-organizations/
(Use VPN to open from Russia)
#aws
AWS announced the general availability of new capabilities within AWS Billing and Cost Management that enable customers to manage their AWS spend across multiple organizations through a single AWS account.
https://aws.amazon.com/ru/about-aws/whats-new/2025/09/billing-view-cost-management-multiple-organizations/
(Use VPN to open from Russia)
#aws
👍2❤1🔥1
🔶🔷🔴 tokenex
A Go library that securely exchanges identity tokens for temporary cloud credentials, with built-in support for AWS, GCP, Azure, OCI, Kubernetes, and OAuth2. You can also refer to the companion blog post.
https://github.com/riptideslabs/tokenex
#aws #azure #gcp
A Go library that securely exchanges identity tokens for temporary cloud credentials, with built-in support for AWS, GCP, Azure, OCI, Kubernetes, and OAuth2. You can also refer to the companion blog post.
https://github.com/riptideslabs/tokenex
#aws #azure #gcp
❤1👍1🔥1
🔷🔴 OmniProx
IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare.
https://github.com/ZephrFish/OmniProx
#azure #gcp
IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare.
https://github.com/ZephrFish/OmniProx
#azure #gcp
❤2👍2🔥1
🔶 Crimson Collective: A New Threat Group Observed Operating in the Cloud
Rapid7 has observed increased activity of a new threat group attacking AWS cloudenvironments, Crimson Collective, who recently claimed to have stolen private repositories from Red Hat's GitLab.
https://www.rapid7.com/blog/post/tr-crimson-collective-a-new-threat-group-observed-operating-in-the-cloud/
#aws
Rapid7 has observed increased activity of a new threat group attacking AWS cloudenvironments, Crimson Collective, who recently claimed to have stolen private repositories from Red Hat's GitLab.
https://www.rapid7.com/blog/post/tr-crimson-collective-a-new-threat-group-observed-operating-in-the-cloud/
#aws
❤1👍1🔥1
🔶 Do you feel in control? Analysis of AWS CloudControl API as an attack tool
Abusing AWS CloudControl API to stealthily enumerate resources, persist in accounts, and evade detection.
https://www.exaforce.com/blogs/feel-in-control-analysis-of-aws-cloudcontrol-api
#aws
Abusing AWS CloudControl API to stealthily enumerate resources, persist in accounts, and evade detection.
https://www.exaforce.com/blogs/feel-in-control-analysis-of-aws-cloudcontrol-api
#aws
🔥2❤1👍1
🔴 Announcing quantum-safe Key Encapsulation Mechanisms in Cloud KMS
GCP now supports post-quantum Key Encapsulation Mechanisms in Cloud KMS, in preview, enabling customers to begin migrating to a post-quantum world.
https://cloud.google.com/blog/products/identity-security/announcing-quantum-safe-key-encapsulation-mechanisms-in-cloud-kms/
#gcp
GCP now supports post-quantum Key Encapsulation Mechanisms in Cloud KMS, in preview, enabling customers to begin migrating to a post-quantum world.
https://cloud.google.com/blog/products/identity-security/announcing-quantum-safe-key-encapsulation-mechanisms-in-cloud-kms/
#gcp
❤2👍1🔥1
🔶 AWS IAM Identity Center now supports customer-managed KMS keys for encryption at rest
Gain control over encryption and comply with regulations using customer-managed keys for AWS IAM Identity Center's user data and passwords.
https://aws.amazon.com/ru/blogs/aws/aws-iam-identity-center-now-supports-customer-managed-kms-keys-for-encryption-at-rest/
(Use VPN to open from Russia)
#aws
Gain control over encryption and comply with regulations using customer-managed keys for AWS IAM Identity Center's user data and passwords.
https://aws.amazon.com/ru/blogs/aws/aws-iam-identity-center-now-supports-customer-managed-kms-keys-for-encryption-at-rest/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶 New AWS whitepaper: Security Overview of Amazon EKS Auto Mode
The whitepaper covers the core security principles of Amazon EKS Auto Mode, highlighting its unique approach to managing Kubernetes clusters.
https://aws.amazon.com/ru/blogs/security/new-aws-whitepaper-security-overview-of-amazon-eks-auto-mode/
(Use VPN to open from Russia)
#aws
The whitepaper covers the core security principles of Amazon EKS Auto Mode, highlighting its unique approach to managing Kubernetes clusters.
https://aws.amazon.com/ru/blogs/security/new-aws-whitepaper-security-overview-of-amazon-eks-auto-mode/
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
🔶 Rubygems.org AWS Root Access Event – September 2025
This post details a September 2025 security incident where a former RubyGems.org maintainer retained AWS root access after removal. Ruby Central discovered unauthorized access, reset credentials, and found no evidence of data compromise.
https://rubycentral.org/news/rubygems-org-aws-root-access-event-september-2025/
#aws
This post details a September 2025 security incident where a former RubyGems.org maintainer retained AWS root access after removal. Ruby Central discovered unauthorized access, reset credentials, and found no evidence of data compromise.
https://rubycentral.org/news/rubygems-org-aws-root-access-event-september-2025/
#aws
❤1👍1🔥1
Password scrambling guidance to deploy passwordless and phishing-resistant authentication for organizations that use Microsoft Entra ID.
https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-plan-password-scramble-phishing-resistant-passwordless-authentication
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍1🔥1🤔1
🔶 AWS Transfer Family SFTP connectors now support VPC-based connectivity
AWS Transfer Family SFTP connectors now support VPC-based connectivity, allowing secure file transfers between Amazon S3 and remote SFTP servers through your existing VPC infrastructure without exposing endpoints to the internet.
https://aws.amazon.com/ru/blogs/aws/aws-transfer-family-sftp-connectors-now-support-vpc-based-connectivity/
#aws
AWS Transfer Family SFTP connectors now support VPC-based connectivity, allowing secure file transfers between Amazon S3 and remote SFTP servers through your existing VPC infrastructure without exposing endpoints to the internet.
https://aws.amazon.com/ru/blogs/aws/aws-transfer-family-sftp-connectors-now-support-vpc-based-connectivity/
#aws
❤2👍1🔥1
🔶 Introducing Amazon EBS Volume Clones: Create instant copies of your EBS volumes
AWS launched Amazon EBS Volume Clones, a new capability that allows users to create instant point-in-time copies of EBS volumes within the same Availability Zone with a single API call, eliminating the previous multi-step process of taking snapshots and creating volumes from them.
https://aws.amazon.com/ru/blogs/aws/introducing-amazon-ebs-volume-clones-create-instant-copies-of-your-ebs-volumes/
#aws
AWS launched Amazon EBS Volume Clones, a new capability that allows users to create instant point-in-time copies of EBS volumes within the same Availability Zone with a single API call, eliminating the previous multi-step process of taking snapshots and creating volumes from them.
https://aws.amazon.com/ru/blogs/aws/introducing-amazon-ebs-volume-clones-create-instant-copies-of-your-ebs-volumes/
#aws
❤3👍2🔥1
🔶 Amazon EC2 instance attestation
Learn how to use NitroTPM for attestation to verify the integrity of your EC2 instances.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm-attestation.html
(Use VPN to open from Russia)
#aws
Learn how to use NitroTPM for attestation to verify the integrity of your EC2 instances.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm-attestation.html
(Use VPN to open from Russia)
#aws
❤1👍1🔥1
Copilot Studio links look benign, but they can host content to redirect users to arbitrary URLs. In this post, Datadog documents a method by which a Copilot Studio agent's login settings can redirect a user to any URL, including an OAuth consent attack.
https://securitylabs.datadoghq.com/articles/cophish-using-microsoft-copilot-studio-as-a-wrapper/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍1🔥1
Cisco Talos has observed increased activity by malicious actors leveraging Direct Send as part of phishing campaigns. Here's how to strengthen your defenses.
https://blog.talosintelligence.com/reducing-abuse-of-microsoft-365-exchange-onlines-direct-send/
#azure
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1👍1🔥1
🔶 ECS on EC2: Covering Gaps in IMDS Hardening
The article discusses securing ECS on EC2 by blocking IMDS access. IMDSv2 with hop limit 1 only blocks access in bridge mode but not in awsvpc or host modes. Different networking modes require specific configurations to protect against privilege escalation attacks like ECScape.
https://www.latacora.com/blog/2025/10/02/ecs-on-ec2-covering-gaps-in-imds-hardening/
(Use VPN to open from Russia)
#aws
The article discusses securing ECS on EC2 by blocking IMDS access. IMDSv2 with hop limit 1 only blocks access in bridge mode but not in awsvpc or host modes. Different networking modes require specific configurations to protect against privilege escalation attacks like ECScape.
https://www.latacora.com/blog/2025/10/02/ecs-on-ec2-covering-gaps-in-imds-hardening/
(Use VPN to open from Russia)
#aws
❤2👍1🔥1