🔴 Mitigating the top 10 security threats to GCP using the CIS Google Cloud Platform Foundation Benchmark
What the CIS Google Cloud Platform Foundation Benchmark offers against 10 of the most common GCP misconfigurations that NCC Group comes across during client assessments.
https://research.nccgroup.com/2022/04/20/mitigating-the-top-10-security-threats-to-gcp-using-the-cis-google-cloud-platform-foundation-benchmark%ef%bf%bc
#gcp
What the CIS Google Cloud Platform Foundation Benchmark offers against 10 of the most common GCP misconfigurations that NCC Group comes across during client assessments.
https://research.nccgroup.com/2022/04/20/mitigating-the-top-10-security-threats-to-gcp-using-the-cis-google-cloud-platform-foundation-benchmark%ef%bf%bc
#gcp
NCC Group Research
Mitigating the top 10 security threats to GCP using the CIS Google Cloud Platform Foundation Benchmark
As one of the proud contributors to the newest version of the CIS Google Cloud Platform Foundation Benchmark, I wanted to raise awareness about the new version release of this benchmark by the Center for Internet Security (CIS) and how it can help a company…
🔥2👍1
🔶 AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation
PaloAlto identified severe security issues within AWS Log4Shell hot patch solutions. This article provides a root cause analysis and overview of fixes and mitigations.
https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities
#aws
PaloAlto identified severe security issues within AWS Log4Shell hot patch solutions. This article provides a root cause analysis and overview of fixes and mitigations.
https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities
#aws
Unit 42
AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation
We identified severe security issues within AWS Log4Shell hot patch solutions. We provide a root cause analysis and overview of fixes and mitigations.
🔥2
🔴 Where's my stuff on GCP?
In 2018 GCP released a feature called Cloud Asset Inventory. It allows one to search for all your resources globally: "$ gcloud asset search-all-resources".
https://medium.com/google-cloud/wheres-my-stuff-on-gcp-4a58badda6cc
#gcp
In 2018 GCP released a feature called Cloud Asset Inventory. It allows one to search for all your resources globally: "$ gcloud asset search-all-resources".
https://medium.com/google-cloud/wheres-my-stuff-on-gcp-4a58badda6cc
#gcp
Medium
Where’s my stuff on GCP?
Since every resource created in the Cloud costs $, it is a common issue tracking down resources in your account. I recall working in AWS…
👍2
🔶 Implementing Cloud Governance as a Code using Cloud Custodian
Cloud Custodian enables us to define rules and remediation as one policy to facilitate a well-managed cloud infrastructure.
https://www.infracloud.io/blogs/cloud-governance-code-cloud-custodian
#aws
Cloud Custodian enables us to define rules and remediation as one policy to facilitate a well-managed cloud infrastructure.
https://www.infracloud.io/blogs/cloud-governance-code-cloud-custodian
#aws
InfraCloud
Implementing Cloud Governance as a Code using Cloud Custodian
Cloud Custodian enables us to write simple YAML policies for creating well-managed cloud infrastructure which is secure and cost optimized in real-time.
🔥2
🔷 "ExtraReplica" - a cross-account database vulnerability in Azure PostgreSQL
Wiz Research has discovered a chain of critical vulnerabilities in the widely used Azure Database for PostgreSQL Flexible Server. Dubbed ExtraReplica, this vulnerability allows unauthorized read access to other customers' PostgreSQL databases, bypassing tenant isolation.
https://www.wiz.io/blog/wiz-research-discovers-extrareplica-cross-account-database-vulnerability-in-azure-postgresql
#azure
Wiz Research has discovered a chain of critical vulnerabilities in the widely used Azure Database for PostgreSQL Flexible Server. Dubbed ExtraReplica, this vulnerability allows unauthorized read access to other customers' PostgreSQL databases, bypassing tenant isolation.
https://www.wiz.io/blog/wiz-research-discovers-extrareplica-cross-account-database-vulnerability-in-azure-postgresql
#azure
wiz.io
Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL | Wiz Blog
Wiz Research discovers a chain of critical vulnerabilities in the widely used Azure Database for PostgreSQL Flexible Server.
🔥3
🔶 CloudGoat goes Serverless: A walkthrough of Vulnerable Lambda Functions
This post walks through exploiting serverless environments and AWS Lambda functions via the CloudGoat vulnerable_lambda scenario.
https://rhinosecuritylabs.com/cloud-security/cloudgoat-vulnerable-lambda-functions
#aws
This post walks through exploiting serverless environments and AWS Lambda functions via the CloudGoat vulnerable_lambda scenario.
https://rhinosecuritylabs.com/cloud-security/cloudgoat-vulnerable-lambda-functions
#aws
Rhino Security Labs
CloudGoat goes Serverless: A walkthrough of Vulnerable Lambda Functions
This post walks through exploiting serverless environments and AWS Lambda functions via the CloudGoat vulnerable_lambda scenario.
👍5👏2
🔶 Cloud-Native Ransomware – How attacks on availability leverage cloud services
Paper which outlines the paths a malicious actor might take to affect the availability of data by using the tools provided by Cloud Service Providers, as well as providing architectural patterns to make securing these systems easier and methods for detecting cloud-native ransomware.
https://content.vectra.ai/rs/748-MCE-447/images/WhitePaper_Cloud_Native_Ransomware.pdf
#aws
Paper which outlines the paths a malicious actor might take to affect the availability of data by using the tools provided by Cloud Service Providers, as well as providing architectural patterns to make securing these systems easier and methods for detecting cloud-native ransomware.
https://content.vectra.ai/rs/748-MCE-447/images/WhitePaper_Cloud_Native_Ransomware.pdf
#aws
🔥1
🔶 A decade of innovating with AWS Marketplace
An interesting history and overview of AWS Marketplace, which aims to make it easy to buy and deploy software from vendors into your AWS environment, like Snowflake, Databricks, Palo Alto Networks, and more.
https://aws.amazon.com/ru/blogs/awsmarketplace/decade-innovating-aws-marketplace
#aws
An interesting history and overview of AWS Marketplace, which aims to make it easy to buy and deploy software from vendors into your AWS environment, like Snowflake, Databricks, Palo Alto Networks, and more.
https://aws.amazon.com/ru/blogs/awsmarketplace/decade-innovating-aws-marketplace
#aws
Amazon
A decade of innovating with AWS Marketplace | Amazon Web Services
Ten years ago today, we launched AWS Marketplace to give builders a simple ecommerce experience to find, buy, and deploy software that runs on AWS. With just a few clicks, builders could find machine images pre-built with multiple operating systems, web servers…
👍1
🔶 How to control access to AWS resources based on AWS account, OU, or organization
New IAM condition keys to make it simpler to control access across org boundaries: aws:ResourceOrgID, aws:ResourceOrgPaths, and aws:ResourceAccount.
https://aws.amazon.com/blogs/security/how-to-control-access-to-aws-resources-based-on-aws-account-ou-or-organization
#aws
New IAM condition keys to make it simpler to control access across org boundaries: aws:ResourceOrgID, aws:ResourceOrgPaths, and aws:ResourceAccount.
https://aws.amazon.com/blogs/security/how-to-control-access-to-aws-resources-based-on-aws-account-ou-or-organization
#aws
Amazon
How to control access to AWS resources based on AWS account, OU, or organization | Amazon Web Services
AWS Identity and Access Management (IAM) recently launched new condition keys to make it simpler to control access to your resources along your Amazon Web Services (AWS) organizational boundaries. AWS recommends that you set up multiple accounts as your workloads…
👍2
🔷 Gaining Unlimited access to graph AuditLogs endpoint using complex filters with non-privileged user account
Another Azure vulnerability, this time allowing an unprivileged user to modify graph search filters so that user could access logs which would normally require admin roles.
https://securecloud.blog/2022/04/21/microsoft-cloud-security-research-public-disclosure-gaining-unlimited-access-to-graph-auditlogs-endpoint-using-complex-filters-with-non-privileged-user-account
#azure
Another Azure vulnerability, this time allowing an unprivileged user to modify graph search filters so that user could access logs which would normally require admin roles.
https://securecloud.blog/2022/04/21/microsoft-cloud-security-research-public-disclosure-gaining-unlimited-access-to-graph-auditlogs-endpoint-using-complex-filters-with-non-privileged-user-account
#azure
SecureCloudBlog
Microsoft Cloud Security Research – Public Disclosure – Gaining Unlimited access to graph AuditLogs endpoint using complex filters…
Background Not so long a go I was investigating various Azure related portals, and one of them caught my attention. While that portal did not yield any obvious vectors for exploitation, it raised m…
👍1
🔶 Old Services, New Tricks: Cloud Metadata Abuse by UNC2903
Mandiant identified exploitation of public-facing web applications by threat actors (UNC2903) to harvest credentials using Amazon's Instance Metadata Service (IMDS).
https://www.mandiant.com/resources/cloud-metadata-abuse-unc2903
#aws
Mandiant identified exploitation of public-facing web applications by threat actors (UNC2903) to harvest credentials using Amazon's Instance Metadata Service (IMDS).
https://www.mandiant.com/resources/cloud-metadata-abuse-unc2903
#aws
🔥2
🔶 Bottlerocket Security Guidance
Recommendations, details, and examples to help you create a configuration that meets your security and compliance requirements.
https://github.com/bottlerocket-os/bottlerocket/blob/develop/SECURITY_GUIDANCE.md
#aws
Recommendations, details, and examples to help you create a configuration that meets your security and compliance requirements.
https://github.com/bottlerocket-os/bottlerocket/blob/develop/SECURITY_GUIDANCE.md
#aws
GitHub
bottlerocket/SECURITY_GUIDANCE.md at develop · bottlerocket-os/bottlerocket
An operating system designed for hosting containers - bottlerocket-os/bottlerocket
🔥1
🔷 Intelligent application protection from edge to cloud with Azure Web Application Firewall
Microsoft has been evolving Azure Web Application Firewall (Azure WAF), a cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else, from the network edge to the cloud.
https://azure.microsoft.com/en-gb/blog/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall
#azure
Microsoft has been evolving Azure Web Application Firewall (Azure WAF), a cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else, from the network edge to the cloud.
https://azure.microsoft.com/en-gb/blog/intelligent-application-protection-from-edge-to-cloud-with-azure-web-application-firewall
#azure
👍4
🔶 Tools That Use AWS Logs to Help with Least Privilege
Great overview by Sym’s Adam Buggia on resources and tools for creating least privilege IAM policies. He discusses deriving AWS policies from CloudTrail Data vs designing policies using Client Side Monitoring (and their respective trade-offs), and how to generate policies for a Terraform Project using Localstack.
https://blog.symops.com/2022/05/06/least-privilege-policies-from-aws-logs
#aws
Great overview by Sym’s Adam Buggia on resources and tools for creating least privilege IAM policies. He discusses deriving AWS policies from CloudTrail Data vs designing policies using Client Side Monitoring (and their respective trade-offs), and how to generate policies for a Terraform Project using Localstack.
https://blog.symops.com/2022/05/06/least-privilege-policies-from-aws-logs
#aws
The Sym Blog
Tools That Use AWS Logs to Help with Least Privilege
One of the things we do at Sym is help customers replace risky permanent access with just-in-time, approval-based access. Sometimes this is part of a customer’s broader initiative to scope down policies across the board to achieve least privilege access.…
🔥3👍1
🔴 How many of your GCP buckets are publicly accessible? It might be more than you think...
A thorough examination of Google Cloud Platform's (GCP) storage service, how to access buckets, and how to make sure your buckets are configured as intended.
https://blog.lightspin.io/gcp-buckets-publicly-accessible
#gcp
A thorough examination of Google Cloud Platform's (GCP) storage service, how to access buckets, and how to make sure your buckets are configured as intended.
https://blog.lightspin.io/gcp-buckets-publicly-accessible
#gcp
blog.lightspin.io
How many of your GCP buckets are publicly accessible? It might be more than you think...
Take a look at Lightspin's examination of GCP's storage service, how to access buckets, and how to make sure your buckets are configured as intended.
👍2
🔷 Azure Synapse Security Advisory - Orca Security
Orca Security issued a security advisory to address hazards in the use of the Microsoft Azure Synapse service. It is believef the tenant separation in this service is insufficiently robust to protect secrets against other tenants.
https://orca.security/resources/blog/azure-synapse-analytics-security-advisory
#azure
Orca Security issued a security advisory to address hazards in the use of the Microsoft Azure Synapse service. It is believef the tenant separation in this service is insufficiently robust to protect secrets against other tenants.
https://orca.security/resources/blog/azure-synapse-analytics-security-advisory
#azure
Orca Security
Azure Synapse Security Advisory | Orca Research Pod
Learn about how the Orca Research Pod discovered an Azure Synapse Security Advisory, now called Synlapse, in the use of the Microsoft Azure Synapse service.
🔥2
🔶 Security reference architecture for a serverless application
A walkthrough of security controls for a serverless architecture via a demo application.
https://anunay-bhatt.medium.com/security-reference-architecture-for-a-serverless-application-2fcd25b1d5e2
#aws
A walkthrough of security controls for a serverless architecture via a demo application.
https://anunay-bhatt.medium.com/security-reference-architecture-for-a-serverless-application-2fcd25b1d5e2
#aws
Medium
Security reference architecture for a serverless application
A walkthrough of security controls in a serverless architecture via a demo application
👍1🔥1
🔶 Securing AWS Lambda function URLs
Learn about the security risks of misconfigured Lambda function URLs and how to properly secure them.
https://www.wiz.io/blog/securing-aws-lambda-function-urls
#aws
Learn about the security risks of misconfigured Lambda function URLs and how to properly secure them.
https://www.wiz.io/blog/securing-aws-lambda-function-urls
#aws
wiz.io
Securing AWS Lambda function URLs | Wiz Blog
Learn about the security risks of misconfigured Lambda function URLs and how to properly secure them.
🔥2
🔶 GitHub Actions signing Lambda code
A walkthrough on how to sign AWS Lambda function code built with GitHub Actions.
https://alsmola.medium.com/github-actions-signing-lambda-code-5b7444299b
#aws
A walkthrough on how to sign AWS Lambda function code built with GitHub Actions.
https://alsmola.medium.com/github-actions-signing-lambda-code-5b7444299b
#aws
Medium
GitHub Actions signing Lambda code
Code signatures help prevent unauthorized code execution. They bridge trust between build and execution environments. This post shows you…
🔥2
🔶 Learning from AWS Customer Security Incidents [2022]
Slides of a post discussing the public catalog of AWS Customer Security Incidents, covering over twenty different public breaches. It walks through the technical details of these attacks, establish the common root causes, look at lessons learned, and establish how you can proactively secure your environment against these real world risks.
https://speakerdeck.com/ramimac/learning-from-aws-customer-security-incidents-2022
#aws
Slides of a post discussing the public catalog of AWS Customer Security Incidents, covering over twenty different public breaches. It walks through the technical details of these attacks, establish the common root causes, look at lessons learned, and establish how you can proactively secure your environment against these real world risks.
https://speakerdeck.com/ramimac/learning-from-aws-customer-security-incidents-2022
#aws
GitHub
GitHub - ramimac/aws-customer-security-incidents: A repository of breaches of AWS customers
A repository of breaches of AWS customers. Contribute to ramimac/aws-customer-security-incidents development by creating an account on GitHub.
👍2
🔴 Trampoline Pods: Node to Admin PrivEsc Built Into Popular K8s Platforms
Researchers from Palo Alto Networks presented research findings on “trampoline pods”—pods with an elevated set of privileges required to do their job, but that could conceivably be used as a jumping off point to gain escalated privileges. You can also read GKE's response.
https://static.sched.com/hosted_files/kccnceu2022/35/Trampoline%20Pods_%20Node%20to%20Admin%20PrivEsc%20Built%20Into%20Popular%20K8s%20Platforms.pptx.pdf
https://security.googleblog.com/2022/05/privileged-pod-escalations-in.html
#gcp
Researchers from Palo Alto Networks presented research findings on “trampoline pods”—pods with an elevated set of privileges required to do their job, but that could conceivably be used as a jumping off point to gain escalated privileges. You can also read GKE's response.
https://static.sched.com/hosted_files/kccnceu2022/35/Trampoline%20Pods_%20Node%20to%20Admin%20PrivEsc%20Built%20Into%20Popular%20K8s%20Platforms.pptx.pdf
https://security.googleblog.com/2022/05/privileged-pod-escalations-in.html
#gcp
🔥2