🔶 Preventing Accidental Internet-Exposure of AWS Resources
Many AWS customers have suffered breaches due to exposing resources to the Internet by accident. This three-part series walks through different ways to mitigate that risk.
https://kevinhock.github.io/2023/11/26/preventing-accidental-internet-exposure-of-aws-resources-part-1-vpc.html
#aws
Many AWS customers have suffered breaches due to exposing resources to the Internet by accident. This three-part series walks through different ways to mitigate that risk.
https://kevinhock.github.io/2023/11/26/preventing-accidental-internet-exposure-of-aws-resources-part-1-vpc.html
#aws
👍4❤1🔥1
🔴 Pwning Cloud Contexts, The Endgame
Slides from a Black Hat MEA 2023 talk discussing how a GitHub token led to the compromise of an entire GCP organization.
https://docs.google.com/presentation/d/1sVZohEgGKDkgwgVNzquNzSzKdLDMOFgAiiR78kcgBAw/edit#slide=id.g29a3b4d3924_0_137
#gcp
Slides from a Black Hat MEA 2023 talk discussing how a GitHub token led to the compromise of an entire GCP organization.
https://docs.google.com/presentation/d/1sVZohEgGKDkgwgVNzquNzSzKdLDMOFgAiiR78kcgBAw/edit#slide=id.g29a3b4d3924_0_137
#gcp
👍2🔥2❤1
🔶 Deep dive into the new Amazon EKS Pod Identity feature
Earlier this week, AWS released a new feature, EKS Pod Identity, that aims to simplify granting AWS access to pods running in an EKS cluster. This post deep-dives into how this feature works, some elements that make it unique, and why you might consider using it.
https://securitylabs.datadoghq.com/articles/eks-pod-identity-deep-dive/
#aws
Earlier this week, AWS released a new feature, EKS Pod Identity, that aims to simplify granting AWS access to pods running in an EKS cluster. This post deep-dives into how this feature works, some elements that make it unique, and why you might consider using it.
https://securitylabs.datadoghq.com/articles/eks-pod-identity-deep-dive/
#aws
👍7🔥2😱1
🔶 How fast is CloudTrail today? Investigating CloudTrail delays using Athena
Investigating how long CloudTrail takes to deliver events in 2023.
https://tracebit.com/blog/2023/11/how-fast-is-cloudtrail-today-investigating-cloudtrail-delays-using-athena/
#aws
Investigating how long CloudTrail takes to deliver events in 2023.
https://tracebit.com/blog/2023/11/how-fast-is-cloudtrail-today-investigating-cloudtrail-delays-using-athena/
#aws
👍3🔥1😱1
🔶 Avoid accidental exposure of authenticated Amazon API Gateway resources
The article advises securing Amazon API Gateway by setting default authorizers and applying resource policies for IAM authentication, to prevent accidental exposure and enhance security through defense in depth.
https://www.wolfe.id.au/2023/11/12/avoid-accidental-exposure-of-authenticated-amazon-api-gateway-resources/
#aws
The article advises securing Amazon API Gateway by setting default authorizers and applying resource policies for IAM authentication, to prevent accidental exposure and enhance security through defense in depth.
https://www.wolfe.id.au/2023/11/12/avoid-accidental-exposure-of-authenticated-amazon-api-gateway-resources/
#aws
👍3❤1🔥1
🔴 Exploring a Critical Risk in Google Workspace's Domain-Wide Delegation Feature
A security risk discovered in the Google Cloud Platform domain-wide delegation feature allows a user to generate an access token to Google Workspace, granting unauthorized access to data and other key tools.
https://unit42.paloaltonetworks.com/critical-risk-in-google-workspace-delegation-feature/
#gcp
A security risk discovered in the Google Cloud Platform domain-wide delegation feature allows a user to generate an access token to Google Workspace, granting unauthorized access to data and other key tools.
https://unit42.paloaltonetworks.com/critical-risk-in-google-workspace-delegation-feature/
#gcp
👍3🔥1😱1
🔷 Microsoft Incident Response lessons on preventing cloud identity compromise
Different scenarios involving misconfigured hybrid identity setups that could lead to compromise of Microsoft Entra ID.
https://www.microsoft.com/en-us/security/blog/2023/12/05/microsoft-incident-response-lessons-on-preventing-cloud-identity-compromise/
#azure
Different scenarios involving misconfigured hybrid identity setups that could lead to compromise of Microsoft Entra ID.
https://www.microsoft.com/en-us/security/blog/2023/12/05/microsoft-incident-response-lessons-on-preventing-cloud-identity-compromise/
#azure
👍3❤1🔥1
🔴 DevSecOps and CI/CD using Google Cloud Built-in Services
How to build a secure CI/CD pipeline using Google Cloud's built-in services using Cloud Build, Cloud Deploy, Artifact Registry, Binary Authorization and GKE.
https://cloud.google.com/blog/products/devops-sre/devsecops-and-cicd-using-google-cloud-built-in-services
#gcp
How to build a secure CI/CD pipeline using Google Cloud's built-in services using Cloud Build, Cloud Deploy, Artifact Registry, Binary Authorization and GKE.
https://cloud.google.com/blog/products/devops-sre/devsecops-and-cicd-using-google-cloud-built-in-services
#gcp
🔥4❤2👍1
🔶 Zonal autoshift - Automatically shift your traffic away from Availability Zones when we detect potential issues
A new capability of Route 53 Application Recovery Controller that you can enable to automatically and safely shift your workload's traffic away from an Availability Zone when AWS identifies a potential failure affecting that Availability Zone and shift it back once the failure is resolved.
https://aws.amazon.com/ru/blogs/aws/zonal-autoshift-automatically-shift-your-traffic-away-from-availability-zones-when-we-detect-potential-issues/
#aws
A new capability of Route 53 Application Recovery Controller that you can enable to automatically and safely shift your workload's traffic away from an Availability Zone when AWS identifies a potential failure affecting that Availability Zone and shift it back once the failure is resolved.
https://aws.amazon.com/ru/blogs/aws/zonal-autoshift-automatically-shift-your-traffic-away-from-availability-zones-when-we-detect-potential-issues/
#aws
👍3❤1🔥1
🔴 Unauthenticated Access to GCP Dataproc Can Lead to Data Leak
A lack of security controls of the underlying Open Source Software (OSS) managed solution allows an attacker with knowledge of the Dataproc IP address to access it without any authentication.
https://orca.security/resources/blog/unauthenticated-access-to-google-cloud-dataproc/
#gcp
A lack of security controls of the underlying Open Source Software (OSS) managed solution allows an attacker with knowledge of the Dataproc IP address to access it without any authentication.
https://orca.security/resources/blog/unauthenticated-access-to-google-cloud-dataproc/
#gcp
👍3❤1🔥1
🔶 Cloud services as exfiltration mechanisms
This article outlines how as an adversary you can use an AWS service to exfiltrate data.
https://airwalkreply.com/cloud-services-as-exfiltration-mechanisms
#aws
This article outlines how as an adversary you can use an AWS service to exfiltrate data.
https://airwalkreply.com/cloud-services-as-exfiltration-mechanisms
#aws
👍3❤1🔥1
🔶 AWS Security Services Best Practices
Best practices for configuring AWS security services. From the AWS team.
https://aws.github.io/aws-security-services-best-practices/
#aws
Best practices for configuring AWS security services. From the AWS team.
https://aws.github.io/aws-security-services-best-practices/
#aws
❤6🔥2👍1
🔶🔷🔴 Introducing CloudSecGPT: Your Go-To AI for Cloud Security Insights
CloudSecGPT is a custom-built generative AI model that specializes in cloud security.
https://blog.marcolancini.it/2023/blog-cloudsecgpt/
(Use VPN to open from Russia)
#aws #azure #gcp
CloudSecGPT is a custom-built generative AI model that specializes in cloud security.
https://blog.marcolancini.it/2023/blog-cloudsecgpt/
(Use VPN to open from Russia)
#aws #azure #gcp
🔥3❤1👍1
🔶 Quick Tip: Minimizing Terraformed SCPs
How to tackle character limits in SCPs.
https://ramimac.me/terraform-minimized-scps
#aws
How to tackle character limits in SCPs.
https://ramimac.me/terraform-minimized-scps
#aws
👍3❤1🔥1
🔷 Securing AD CS: Microsoft Defender for Identity's Sensor Unveiled
Active Directory Certificate Services (AD CS) is commonly used in Active Directory environments to manage Public Key Infrastructure (PKI) and it plays a critical role in instrumenting digital certificates.
https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/securing-ad-cs-microsoft-defender-for-identity-s-sensor-unveiled/ba-p/3980265
#azure
Active Directory Certificate Services (AD CS) is commonly used in Active Directory environments to manage Public Key Infrastructure (PKI) and it plays a critical role in instrumenting digital certificates.
https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/securing-ad-cs-microsoft-defender-for-identity-s-sensor-unveiled/ba-p/3980265
#azure
👍3🔥2👏1
🔶 Governance at scale: Enforce permissions and compliance by using policy as code
How to automate Config and Control Tower checks.
https://aws.amazon.com/ru/blogs/security/governance-at-scale-enforce-permissions-and-compliance-by-using-policy-as-code/
#aws
How to automate Config and Control Tower checks.
https://aws.amazon.com/ru/blogs/security/governance-at-scale-enforce-permissions-and-compliance-by-using-policy-as-code/
#aws
🔥4👍1👏1
🔴 Migrate from service account keys
An article that describes the process for migrating from service account keys to more secure authentication methods.
https://cloud.google.com/iam/docs/migrate-from-service-account-keys
#gcp
An article that describes the process for migrating from service account keys to more secure authentication methods.
https://cloud.google.com/iam/docs/migrate-from-service-account-keys
#gcp
👍3❤1🔥1
🔴 Introducing Cloud SQL IAM group authentication
New IAM groups authentication in Cloud SQL simplifies granting/revoking access to database objects at scale.
https://cloud.google.com/blog/products/databases/introducing-cloud-sql-iam-group-authentication/
#gcp
New IAM groups authentication in Cloud SQL simplifies granting/revoking access to database objects at scale.
https://cloud.google.com/blog/products/databases/introducing-cloud-sql-iam-group-authentication/
#gcp
👍3❤1🔥1
🔶 AWSAttacks
This repo contains IOC, malware and malware analysis associated with AWS cloud. You can also refer to this blog post.
https://github.com/unknownhad/AWSAttacks
#aws
This repo contains IOC, malware and malware analysis associated with AWS cloud. You can also refer to this blog post.
https://github.com/unknownhad/AWSAttacks
#aws
👍4🔥2❤1
🙂 Dear friends,
Happy New Year 2024! 🎅
This year has been good. The next one will be even better. We wish everyone personal and career success. Stay with us, we will delight you only with high-quality content.
#HappyNewYear
Happy New Year 2024! 🎅
This year has been good. The next one will be even better. We wish everyone personal and career success. Stay with us, we will delight you only with high-quality content.
#HappyNewYear
❤4👍4🔥1
🔴 Why did 1 GitHub Repo leak 5,000 Live GCP Keys?
More GCP Keys leaked on GitHub in 2022 than any other key type. Why? Turns out one repository played a major role.
https://trufflesecurity.com/blog/why-did-1-github-repo-leak-5000-live-gcp-keys/
#gcp
More GCP Keys leaked on GitHub in 2022 than any other key type. Why? Turns out one repository played a major role.
https://trufflesecurity.com/blog/why-did-1-github-repo-leak-5000-live-gcp-keys/
#gcp
👍4❤1🔥1