🔶 Cloud Detection and Response Needs To Break Down Boundaries
The attack patterns of the modern day threat actor are changing as they are able to traverse across multiple environments in the cloud. CDR needs to keep up.
https://permiso.io/blog/cloud-detection-and-response-needs-to-break-down-boundaries
#aws
The attack patterns of the modern day threat actor are changing as they are able to traverse across multiple environments in the cloud. CDR needs to keep up.
https://permiso.io/blog/cloud-detection-and-response-needs-to-break-down-boundaries
#aws
👍4🔥1👏1
🔶 Lessons from Recent Social Engineering Attacks on Okta Super Admin Accounts
Post exploring the latest Okta security incidents and explaining how to fortify your IAM system against social engineering attacks.
https://acsense.com/blog/okta-super-admin-breach-steps-for-iam-resilience
#aws
Post exploring the latest Okta security incidents and explaining how to fortify your IAM system against social engineering attacks.
https://acsense.com/blog/okta-super-admin-breach-steps-for-iam-resilience
#aws
👍3🔥1👏1
🔶 aws-list-resources
Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s).
https://github.com/welldone-cloud/aws-list-resources
#aws
Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s).
https://github.com/welldone-cloud/aws-list-resources
#aws
👍2❤1🔥1😱1
🔷 Announcing Notation Azure Key Vault plugin v1.0 for signing container images
The Notary Project is being adopted by Azure Key Vault.
https://techcommunity.microsoft.com/t5/apps-on-azure-blog/announcing-notation-azure-key-vault-plugin-v1-0-for-signing/ba-p/3920895
#azure
The Notary Project is being adopted by Azure Key Vault.
https://techcommunity.microsoft.com/t5/apps-on-azure-blog/announcing-notation-azure-key-vault-plugin-v1-0-for-signing/ba-p/3920895
#azure
👍3❤1🔥1
🔷 The Azure Metadata Protection You Didn't Know Was There
Some Azure services have an additional, not widely known, protection mechanism against session token exfiltration.
https://ermetic.com/blog/azure/the-azure-metadata-protection-you-didnt-know-was-there/
#azure
Some Azure services have an additional, not widely known, protection mechanism against session token exfiltration.
https://ermetic.com/blog/azure/the-azure-metadata-protection-you-didnt-know-was-there/
#azure
👍4🔥1👏1
🔶 AWS Console Session Traceability: How Attackers Obfuscate Identity Through the AWS Console
Attackers can take advantage of a quirk of the default AWS configuration (without SourceIdentity configured) to potentially make detecting and attributing their actions more difficult.
https://www.gem.security/post/aws-console-session-traceability-how-attackers-obfuscate-identity-through-the-aws-console
#aws
Attackers can take advantage of a quirk of the default AWS configuration (without SourceIdentity configured) to potentially make detecting and attributing their actions more difficult.
https://www.gem.security/post/aws-console-session-traceability-how-attackers-obfuscate-identity-through-the-aws-console
#aws
👍4🔥1👏1
🔶 A security community success story of mitigating a misconfiguration
Learn about the process of preventing security issues by changing things outside of your environment by looking at how a misconfiguration was occurring when Github Actions were integrated with AWS IAM roles and the improvements made that have now made this misconfiguration much less likely.
https://www.wiz.io/blog/a-security-community-success-story-of-mitigating-a-misconfiguration
#aws
Learn about the process of preventing security issues by changing things outside of your environment by looking at how a misconfiguration was occurring when Github Actions were integrated with AWS IAM roles and the improvements made that have now made this misconfiguration much less likely.
https://www.wiz.io/blog/a-security-community-success-story-of-mitigating-a-misconfiguration
#aws
🔥4❤1👍1
🔶 How Attackers Can Misuse AWS CloudFront Access to 'Make It Rain' Cookies
Post exploring two different attack scenarios: Cookie Theft via CloudFront Function, and Data Exfiltration via Lambda Function Modification.
https://medium.com/@adan.alvarez/how-attackers-can-misuse-aws-cloudfront-access-to-make-it-rain-cookies-acf9ce87541c
(Use VPN to open from Russia)
#aws
Post exploring two different attack scenarios: Cookie Theft via CloudFront Function, and Data Exfiltration via Lambda Function Modification.
https://medium.com/@adan.alvarez/how-attackers-can-misuse-aws-cloudfront-access-to-make-it-rain-cookies-acf9ce87541c
(Use VPN to open from Russia)
#aws
👍3🔥1👏1
🔴 Light the way ahead: Platform Engineering, Golden Paths, and the power of self-service
What is a Golden Path? Who is a Golden Path for? When to build Golden Paths?
https://cloud.google.com/blog/products/application-development/golden-paths-for-engineering-execution-consistency/
#gcp
What is a Golden Path? Who is a Golden Path for? When to build Golden Paths?
https://cloud.google.com/blog/products/application-development/golden-paths-for-engineering-execution-consistency/
#gcp
👍3🔥1👏1
🔷 38TB of data accidentally exposed by Microsoft AI researchers
Wiz Research found a data exposure incident on Microsoft's AI GitHub repository, including over 30,000 internal Microsoft Teams messages - all caused by one misconfigured SAS token.
https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers
#azure
Wiz Research found a data exposure incident on Microsoft's AI GitHub repository, including over 30,000 internal Microsoft Teams messages - all caused by one misconfigured SAS token.
https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers
#azure
👍4😱2🔥1
🔷 Ransomware Strikes Azure Storage: Are You Ready?
Post discussing Azure Storage Accounts, pointing out forensic artifacts in Azure that can help investigate ransomware attacks, and offering methods for attack detection.
https://www.mitiga.io/blog/ransomware-strikes-azure-storage-are-you-ready
#azure
Post discussing Azure Storage Accounts, pointing out forensic artifacts in Azure that can help investigate ransomware attacks, and offering methods for attack detection.
https://www.mitiga.io/blog/ransomware-strikes-azure-storage-are-you-ready
#azure
👍3❤1🔥1
🔶🔷🔴 How to Rotate Leaked API Keys
A collection of API key rotation tutorials for AWS, GCP, GitHub , and more.
https://howtorotate.com/docs/introduction/getting-started/
#aws #azure #gcp
A collection of API key rotation tutorials for AWS, GCP, GitHub , and more.
https://howtorotate.com/docs/introduction/getting-started/
#aws #azure #gcp
👍3🔥1😱1
🔴 Maintaining persistence via Shared sessions on Cloud Workstations
When an owner initiates a session and performs actions like gcloud auth login, the session state persists, shared across multiple users accessing the workstation through the same URL. This means that any user with access to the workstation can view and interact with the session artifacts created by the owner.
https://saransh-rana.gitbook.io/aboutme/maintaining-persistence-via-shared-sessions-on-cloud-workstations
#gcp
When an owner initiates a session and performs actions like gcloud auth login, the session state persists, shared across multiple users accessing the workstation through the same URL. This means that any user with access to the workstation can view and interact with the session artifacts created by the owner.
https://saransh-rana.gitbook.io/aboutme/maintaining-persistence-via-shared-sessions-on-cloud-workstations
#gcp
👍3❤1🔥1
🔶 AWS's Hidden Threat: AMBERSQUID Cloud-Native Cryptojacking Operation
The Sysdig Threat Research Team (TRT) has uncovered a novel cloud-native cryptojacking operation which they've named AMBERSQUID. This operation leverages AWS services not commonly used by attackers, such as AWS Amplify, AWS Fargate, and Amazon SageMaker.
https://sysdig.com/blog/ambersquid/
(Use VPN to open from Russia)
#aws
The Sysdig Threat Research Team (TRT) has uncovered a novel cloud-native cryptojacking operation which they've named AMBERSQUID. This operation leverages AWS services not commonly used by attackers, such as AWS Amplify, AWS Fargate, and Amazon SageMaker.
https://sysdig.com/blog/ambersquid/
(Use VPN to open from Russia)
#aws
👍3❤1🔥1
🔶 Remote analysis on cloud object-storage
The journey of making the volatility3 framework compatible with S3 object-storage to perform memory analysis over the network.
https://www.forensicxlab.com/posts/vols3/
#aws
The journey of making the volatility3 framework compatible with S3 object-storage to perform memory analysis over the network.
https://www.forensicxlab.com/posts/vols3/
#aws
👍4❤1🔥1
🔶 Enable external pipeline deployments to AWS Cloud by using IAM Roles Anywhere
Post walking through the steps on how to obtain AWS temporary credentials for your external CI/CD pipelines by using IAM Roles Anywhere and an on-premises hosted server running Azure DevOps Services.
https://aws.amazon.com/ru/blogs/security/enable-external-pipeline-deployments-to-aws-cloud-by-using-iam-roles-anywhere/
#aws
Post walking through the steps on how to obtain AWS temporary credentials for your external CI/CD pipelines by using IAM Roles Anywhere and an on-premises hosted server running Azure DevOps Services.
https://aws.amazon.com/ru/blogs/security/enable-external-pipeline-deployments-to-aws-cloud-by-using-iam-roles-anywhere/
#aws
👍5❤1🔥1
🔶 Automate Lambda code signing with Amazon CodeCatalyst and AWS Signer
How to use Amazon CodeCatalyst with AWS Signer to fully manage the code signing process to ensure the trust and integrity of code assets.
https://aws.amazon.com/ru/blogs/devops/automate-lambda-code-signing-with-amazon-codecatalyst-and-aws-signer/
#aws
How to use Amazon CodeCatalyst with AWS Signer to fully manage the code signing process to ensure the trust and integrity of code assets.
https://aws.amazon.com/ru/blogs/devops/automate-lambda-code-signing-with-amazon-codecatalyst-and-aws-signer/
#aws
👍4🔥1😱1
🔶 Deploy AWS WAF faster with Security Automations
You can now deploy AWS WAF managed rules as part of the Security Automations for AWS WAF solution.
https://aws.amazon.com/ru/blogs/security/deploy-aws-managed-rules-using-security-automations-for-aws-waf/
#aws
You can now deploy AWS WAF managed rules as part of the Security Automations for AWS WAF solution.
https://aws.amazon.com/ru/blogs/security/deploy-aws-managed-rules-using-security-automations-for-aws-waf/
#aws
👍5❤1🔥1😱1
🔶 terraform-aws-api-gateway
Terraform module to create Route53 resource on AWS for create api gateway with its basic elements.
https://github.com/clouddrove/terraform-aws-api-gateway
#aws
Terraform module to create Route53 resource on AWS for create api gateway with its basic elements.
https://github.com/clouddrove/terraform-aws-api-gateway
#aws
👍2❤1🔥1
🔷 Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement
Microsoft's analysis of an attempt to steal the cloud identity in a SQL Server instance for lateral movement highlights the importance of securing cloud identities and implementing least privilege practices when deploying cloud-based and on-premises solutions.
https://www.microsoft.com/en-us/security/blog/2023/10/03/defending-new-vectors-threat-actors-attempt-sql-server-to-cloud-lateral-movement/
#azure
Microsoft's analysis of an attempt to steal the cloud identity in a SQL Server instance for lateral movement highlights the importance of securing cloud identities and implementing least privilege practices when deploying cloud-based and on-premises solutions.
https://www.microsoft.com/en-us/security/blog/2023/10/03/defending-new-vectors-threat-actors-attempt-sql-server-to-cloud-lateral-movement/
#azure
👍3❤1🔥1
🔶 Introduction to AWS Attribute-Based Access Control
The article provides an introduction to Attribute-Based Access Control (ABAC) in AWS. It explains how ABAC differs from traditional Role-Based Access Control (RBAC) and how to use tags to implement ABAC.
https://research.nccgroup.com/2023/10/02/introduction-to-aws-attribute-based-access-control/
#aws
The article provides an introduction to Attribute-Based Access Control (ABAC) in AWS. It explains how ABAC differs from traditional Role-Based Access Control (RBAC) and how to use tags to implement ABAC.
https://research.nccgroup.com/2023/10/02/introduction-to-aws-attribute-based-access-control/
#aws
👍3🔥2❤1