🔴 Investigating the usage of GCP Service Accounts
Three GCP services to help you to investigate Google Cloud Service Account usage and mitigate against unintended consequences during key rotation.
https://cloud.google.com/blog/products/identity-security/three-services-to-investigate-gcp-service-account-usage
#gcp
Google Cloud Blog
Three services to investigate GCP Service Account usage | Google Cloud Blog
🔶 Modernize your Penetration Testing Architecture on AWS Fargate
How you can use modern cloud technologies to build a scalable penetration testing platform, with no infrastructure to manage.
https://aws.amazon.com/ru/blogs/architecture/modernize-your-penetration-testing-architecture-on-aws-fargate/
#aws
Amazon
Modernize your Penetration Testing Architecture on AWS Fargate | Amazon Web Services
Organizations in all industries are innovating their application stack through modernization. Developers have found that modular architecture patterns, serverless operational models, and agile development processes provide great benefits. They offer faster…
🔴 Continuous Compliance Engineering GCP case studies
Three real GCP controls framework technical examples for regulated FSI Google Cloud customers to help maintain security and compliance postures.
https://cloud.google.com/blog/products/compliance/continuous-compliance-engineering-gcp-case-studies
#gcp
Google Cloud Blog
Continuous Compliance Engineering GCP case studies | Google Cloud Blog
Here are 3 real GCP controls framework technical examples for regulated FSI Google Cloud customers to help maintain security and compliance postures.
🔶 Using AWS security services to protect against, detect, and respond to the Log4j vulnerability
Post providing guidance to help customers who are responding to the recently disclosed log4j vulnerability.
https://aws.amazon.com/ru/blogs/security/using-aws-security-services-to-protect-against-detect-and-respond-to-the-log4j-vulnerability/
#aws
Amazon
Using AWS security services to protect against, detect, and respond to the Log4j vulnerability | Amazon Web Services
April 21, 2022: The blog post has been updated to include information on the updated version of the hotpatch. See this security advisory for more details. Overview In this post we will provide guidance to help customers who are responding to the recently…
🔶 Using CloudTrail to identify unexpected behaviors in individual workloads
A practical approach that you can use to detect anomalous behaviors within AWS workloads by using behavioral analysis techniques that can be used to augment existing threat detection solutions.
https://aws.amazon.com/ru/blogs/security/using-cloudtrail-to-identify-unexpected-behaviors-in-individual-workloads/
#aws
Amazon
Using CloudTrail to identify unexpected behaviors in individual workloads | Amazon Web Services
In this post, we describe a practical approach that you can use to detect anomalous behaviors within Amazon Web Services (AWS) cloud workloads by using behavioral analysis techniques that can be used to augment existing threat detection solutions. Anomaly…
🙂 Dear friends,
Happy New Year 2022! 🎅
We wish you personal and career success. Stay with us. Next year we will continue to delight you with only high-quality content!
#HappyNewYear
🔷 NotLegit: Azure App Service vulnerability exposed hundreds of source code repositories
Another vulnerability discovered by the Wiz Research Team, where the Azure App Service exposed hundreds of source code repositories.
https://blog.wiz.io/azure-app-service-source-code-leak/
#azure
wiz.io
NotLegit: Azure App Service vulnerability exposed hundreds of source code repositories | Wiz Blog
Read about the NotLegit vulnerability discovered by the Wiz Research Team, where the Azure App Service exposed hundreds of source code repositories.
🔴 Cloud-Native Ransomware Protection in GCP
The five pillars of the NIST CSF help create a layered security approach to the fight against ransomware.
https://scalesec.com/blog/cloud-native-ransomware-protection-gcp/
#gcp
Scalesec
Cloud-Native Ransomware Protection in GCP | ScaleSec
GCP Cloud-Native way to fend off ransomware.
🔶 Get Email Notification On AWS IAM User Creation
Example CloudWatch rule and Lambda function to send an email via SES whenever an IAM user is created.
https://www.iampulse.com/t/get-email-notification-on-aws-iam-user-creation
#aws
🔷 Azure AD & IAM (Part II) - Leveraging Managed Identities For Privilege Escalation
How to escalate privileges in Azure from low-privileged users to managed-identities.
https://orca.security/resources/blog/azure-ad-iam-part-ii-leveraging-managed-identities-for-privilege-escalation/
#azure
Orca Security
Azure AD & IAM (Part II) - Managed Identities - Orca Security
In the second part of the Orca blog post series about Azure AD and IAM, we share our research on leveraging managed identities for privilege escalation.
🔴 Impersonate the Cloud: Running your app locally as if you were on Google Cloud
Some ways to securely run an app locally with the exact same context as on Google Cloud.
https://www.iampulse.com/t/impersonate-the-cloud-running-your-app-locally-as-if-you-were-on-google-cloud
#gcp
🔶 2 Critical Cloud Vulnerabilities to Convince You to Move to the Cloud
The Orca Security Research Team wrote about 2 critical zero-day vulnerabilities affecting AWS: Superglue and BreakingFormation. These vulnerabilities could've allowed unauthorized access to customer data and/or sensitive code and data within AWS.
https://orca.security/resources/blog/two-critical-cloud-vulnerabilities/
#aws
Orca Security
Superglue: AWS Glue Vulnerability | Orca Research Pod
Orca's Team discovered a vulnerability in AWS Glue, named Superglue, that could allow an actor to create resources and access data of AWS Glue customers.
🔷 Persistence with Azure Policy Guest Configuration
How Azure Policy Guest Configuration can be used to gain persistence in a target environment, and how to detect such an attack as a defender.
https://cloudbrothers.info/en/azure-persistence-azure-policy-guest-configuration/
#azure
🔶 Recover your AWS account via Customer Support
A Twitter thread on how to get AWS Customer Support to remove MFA from your root account.
https://twitter.com/jrhunt/status/1478935811336798211?s=12
#aws
Twitter
Randall Hunt
This is a funny story/thread about getting the MFA removed from my root AWS account from 2008. I no longer had access to the phone number on the account but I still had a working IAM user and still had access to the email. You can recover by getting some…
🔶 Implementing a Vulnerable AWS DevOps Environment as a CloudGoat Scenario
A vulnerable "modern AWS DevOps environment" with an API, simulated user activity, and a continuous deployment pipeline.
https://blog.christophetd.fr/implementing-a-vulnerable-aws-devops-environment-as-a-cloudgoat-scenario/
#aws
Christophe Tafani-Dereeper
Implementing a Vulnerable AWS DevOps Environment as a CloudGoat Scenario - Christophe Tafani-Dereeper
I’m a huge fan of disposable security labs, both for offensive and defensive purposes (see: Automating the provisioning of Active Directory labs in Azure). After writing Cloud Security Breaches and Vulnerabilities: 2021 in Review, I wanted to build a “purposely…
🔴 Geofencing a Globally Load Balanced service on GCP using Cloud Armor
How to use Cloud Armor to geofence a website/service running on GCP using Cloud Run, Google Cloud Storage (GCS) and the Global HTTP(S) Load Balancer.
https://medium.com/google-cloud/geofencing-a-globally-load-balanced-service-on-gcp-using-cloud-armor-44099480fd00
#gcp
🔶 Vulnerable AWS Lambda function - Initial access in cloud attacks
How a vulnerable AWS Lambda function could be used by attackers, and some best practices to mitigate these attacks.
https://sysdig.com/blog/exploit-mitigate-aws-lambdas-mitre/
#aws
Sysdig
Lambda Threat – Best Practices for Lambda Security | Sysdig
The security research team explains an attack scenario in which a vulnerable AWS Lambda function could be used by attackers.
🔴 Creating your first GCP Organization
A walk-through for anyone who hasn't yet created their first Google Identity domain for experimentation in GCP.
https://www.chrisfarris.com/post/gcp-create-domain/
#gcp
https://www.chrisfarris.com/
Creating your first GCP Organization - Chris Farris
🔶 GitHub Actions - Update on OIDC based deployments to AWS
If you use OIDC to deploy from GitHub Actions to AWS, update the trusted thumbprint!
https://github.blog/changelog/2022-01-13-github-actions-update-on-oidc-based-deployments-to-aws/
#aws
🔶 Top 10 security best practices for securing backups in AWS
This post will guide you through a curated list of the top ten security best practices to secure your backup data and operations in AWS.
https://aws.amazon.com/ru/blogs/security/top-10-security-best-practices-for-securing-backups-in-aws/
#aws
Amazon
Top 10 security best practices for securing backups in AWS | Amazon Web Services
Security is a shared responsibility between AWS and the customer. Customers have asked for ways to secure their backups in AWS. This post will guide you through a curated list of the top ten security best practices to secure your backup data and operations…
🔶 How I Discovered Thousands of Open Databases on AWS
A writeup describing the journey of finding and reporting databases with sensitive data about Fortune-500 companies, hospitals, crypto platforms, startups, and more.
https://infosecwriteups.com/how-i-discovered-thousands-of-open-databases-on-aws-764729aa7f32
#aws
Medium
How I Discovered Thousands of Open Databases on AWS
My journey on finding and reporting databases with sensitive data about Fortune-500 companies, Hospitals, Crypto platforms, Startups during…