🔶 Quick Tip: Minimizing Terraformed SCPs
How to tackle character limits in SCPs.
https://ramimac.me/terraform-minimized-scps
#aws
🔷 Securing AD CS: Microsoft Defender for Identity's Sensor Unveiled
Active Directory Certificate Services (AD CS) is commonly used in Active Directory environments to manage Public Key Infrastructure (PKI) and it plays a critical role in instrumenting digital certificates.
https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/securing-ad-cs-microsoft-defender-for-identity-s-sensor-unveiled/ba-p/3980265
#azure
🔶 Governance at scale: Enforce permissions and compliance by using policy as code
How to automate Config and Control Tower checks.
https://aws.amazon.com/ru/blogs/security/governance-at-scale-enforce-permissions-and-compliance-by-using-policy-as-code/
#aws
🔴 Migrate from service account keys
An article that describes the process for migrating from service account keys to more secure authentication methods.
https://cloud.google.com/iam/docs/migrate-from-service-account-keys
#gcp
🔴 Introducing Cloud SQL IAM group authentication
New IAM group authentication in Cloud SQL simplifies granting and revoking access to database objects at scale.
https://cloud.google.com/blog/products/databases/introducing-cloud-sql-iam-group-authentication/
#gcp
🔶 AWSAttacks
This repo contains IOCs, malware and malware analysis associated with the AWS cloud. You can also refer to this blog post.
https://github.com/unknownhad/AWSAttacks
#aws
🙂 Dear friends,
Happy New Year 2024! 🎅
This year has been good. The next one will be even better. We wish everyone personal and career success. Stay with us, and we will keep delighting you with high-quality content.
#HappyNewYear
🔴 Why did 1 GitHub Repo leak 5,000 Live GCP Keys?
More GCP Keys leaked on GitHub in 2022 than any other key type. Why? Turns out one repository played a major role.
https://trufflesecurity.com/blog/why-did-1-github-repo-leak-5000-live-gcp-keys/
#gcp
🔶 Deep dive into the new Amazon EKS Cluster Access Management features
A post that dives deep into the newly released Amazon EKS cluster access management features and discusses threat detection opportunities based on the newly available CloudTrail events associated with this feature.
https://securitylabs.datadoghq.com/articles/eks-cluster-access-management-deep-dive/
#aws
🔴 Exploiting Monitoring and Service Mesh Configurations in GKE to Gain Unauthorized Access
The article exposes a privilege escalation vulnerability in Google Kubernetes Engine, involving misuse of FluentBit and Anthos Service Mesh, allowing attackers to gain full cluster control.
https://unit42.paloaltonetworks.com/google-kubernetes-engine-privilege-escalation-fluentbit-anthos/
#gcp
🔶 Setting secure AWS defaults and avoiding misconfigurations
Wiz cloud security researcher, Scott Piper, suggests measures organizations can adopt to ensure secure defaults on AWS and improve their security posture.
https://www.wiz.io/blog/how-to-set-secure-defaults-on-aws
#aws
🔶 Best Practices to help secure your container image build pipeline by using AWS Signer
AWS Signer is a fully managed code-signing service to help ensure the trust and integrity of your code. It helps you verify that the code comes from a trusted source and that an unauthorized party has not accessed it.
https://aws.amazon.com/ru/blogs/security/best-practices-to-help-secure-your-container-image-build-pipeline-by-using-aws-signer/
#aws
🔶 Deep dive into AWS CloudShell
AWS CloudShell got a new capability in January 2024: running Docker containers.
https://awsteele.com/blog/2024/01/11/deep-dive-into-aws-cloudshell.html
#aws
🔷 Hunting M365 Invaders: Blue Team's Guide to Initial Access Vectors
Discover insights from the Splunk Threat Research Team on Microsoft 365 threat detection, focusing on data source analysis and effective methods for hunting initial access threats.
https://www.splunk.com/en_us/blog/security/hunting-m365-invaders-blue-team-s-guide-to-initial-access-vectors.html
(Use VPN to open from Russia)
#azure
🔶 Fuzzing and Bypassing the AWS WAF
The Sysdig Threat Research Team discovered techniques that allowed the AWS WAF to be bypassed using a specialized DOM event.
https://sysdig.com/blog/fuzzing-and-bypassing-the-aws-waf/
(Use VPN to open from Russia)
#aws
🔷 Automating Managed Identity Token Extraction in Azure Container Registries
The "Tasks" functionality can be abused by attackers to generate tokens for any Managed Identities that are attached to the ACR.
https://www.netspi.com/blog/technical/cloud-penetration-testing/automating-managed-identity-token-extraction-in-azure-container-registries/
#azure
🔶 Automate Cedar policy validation with AWS developer tools
How to use developer tools on AWS to implement a build pipeline that validates the Cedar policy files against a schema and runs a suite of tests to isolate the Cedar policy logic.
https://aws.amazon.com/ru/blogs/security/automate-cedar-policy-validation-with-aws-developer-tools/
#aws
🔶 Tales from the cloud trenches: Amazon ECS is the new EC2 for crypto mining
Two attacks in an AWS environment that led to crypto mining and data exfiltration.
https://securitylabs.datadoghq.com/articles/tales-from-the-cloud-trenches-ecs-crypto-mining/
#aws
🔶 AWS Account Security Onboarding Mind Map
A succinct and structured mind map that could act like a checklist when onboarding new AWS Accounts to an existing AWS Organization.
https://www.linkedin.com/pulse/aws-account-security-onboarding-mind-map-artem-marusov-zrpre/
(Use VPN to open from Russia)
#aws
🔶 AWS IAM Roles Anywhere with MacOS Keychain
Create a test Certificate Authority, configure AWS IAM Roles Anywhere and test access to AWS authenticating with a certificate in MacOS Keychain.
https://medium.com/@paulschwarzenberger/aws-iam-roles-anywhere-with-macos-keychain-17764b5fb848
(Use VPN to open from Russia)
#aws
🔷 Azure Logs: Breaking Through the Cloud Cover
Azure Monitor Activity Logs can be difficult to interpret. This blog post offers insights into these logs and serves as a reference guide designed to demystify Azure's logging complexities.
https://permiso.io/blog/azure-logs-breaking-through-the-cloud-cover
#azure