🔷 Azure/aztfy
A tool to bring existing Azure resources under Terraform’s management.
https://github.com/Azure/aztfy
#azure
🔶 AWS Startup Security Baseline
Guidance by AWS’ Jay Michael on a set of controls that create a minimum foundation for businesses to build securely on AWS without decreasing their agility.
https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/welcome.html
#aws
Amazon
AWS Startup Security Baseline - AWS Prescriptive Guidance
This guide provides a comprehensive set of controls for startups that want to establish a strong security foundation in the AWS Cloud.
🔶 When and where to use IAM permissions boundaries
AWS’s Umair Rehmat covers common use cases for permissions boundaries, some best practices to consider, and a few things to avoid.
https://aws.amazon.com/ru/blogs/security/when-and-where-to-use-iam-permissions-boundaries
#aws
🔴 How to Think about Threat Detection in the Cloud
Google’s Anton Chuvakin and Tim Peacock share their views on a foundational framework for thinking about threat detection in public cloud computing.
https://medium.com/anton-on-security/how-to-think-about-threat-detection-in-the-cloud-1baff902afe5
#gcp
🔷 Managed Identity Attack Paths, Part 1: Automation Accounts
A three-part blog series exploring attack paths that emerge out of Managed Identity assignments in three Azure services.
https://posts.specterops.io/managed-identity-attack-paths-part-1-automation-accounts-82667d17187a
#azure
🔴 Enumeration and lateral movement in GCP environments
A pentest write-up describing how it was possible to compromise a hybrid GCP-hosted infrastructure using native GCP tools.
https://infosecwriteups.com/enumeration-and-lateral-movement-in-gcp-environments-c3b82d342794
#gcp
🔶 Use CloudTrail to Pivot to AWS Accounts
How to utilize the AWS CloudTrail service to discover other AWS accounts that you could pivot to.
https://bishopfox.com/blog/cloudtrail-pivot-to-aws-accounts
#aws
🔶🔷🔴 cloud-middleware-dataset
This project contains cloud middleware (i.e. agents installed by cloud security providers) used across the major cloud service providers (Azure, AWS and GCP).
https://github.com/wiz-sec/cloud-middleware-dataset
#aws #azure #gcp
🔴 An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane
The biggest risk in cloud development is not recognizing the differences between cloud and traditional definitions of common architecture terms.
https://www.mitiga.io/blog/misconfiguration-hidden-dangers-cloud-control-plane
#gcp
www.mitiga.io
Hidden Dangers in the Cloud Control Plane | Mitiga
The cloud control plane can be difficult to understand. In this article we examine attack scenarios and how to harden your GCP environment. Learn more.
🔶🔷🔴 The cloud gray zone: secret agents installed by cloud service providers
Wiz Research details how cloud middleware use across cloud service providers can expose customers' virtual machines to new attack vectors.
https://www.wiz.io/blog/the-cloud-gray-zone-secret-agents-installed-by-cloud-service-providers
#aws #azure #gcp
wiz.io
The cloud gray zone—secret agents installed by cloud service providers | Wiz Blog
Wiz Research builds upon previous “OMIGOD” findings with a presentation at RSA Conference 2022; details how cloud middleware use across cloud service providers can expose customers' virtual machines to new attack vectors
🔷 SynLapse - Technical Details for Critical Azure Synapse Vulnerability
This blog describes the technical details of SynLapse, a critical Synapse Analytics vulnerability in Microsoft Azure which allowed attackers to bypass tenant separation.
https://orca.security/resources/blog/synlapse-critical-azure-synapse-analytics-service-vulnerability
#azure
Orca Security
SynLapse: Azure Synapse Vulnerability | Orca Research Pod
SynLapse was a vulnerability in the Azure Synapse Analytics service discovered by one of Orca Security’s vulnerability researchers, Tzah Pahima.
🔴 Incident report: Spotting an attacker in GCP
A walkthrough of how an attacker gained access to a customer's GCP environment, Expel's investigative process, and some key takeaways for securing your organization.
https://expel.com/blog/incident-report-spotting-an-attacker-in-gcp
#gcp
🔶 Unwanted Permissions that may impact security when using the ReadOnlyAccess policy in AWS
With this analysis, Tempest researchers identified at least 41 actions that can lead to improper data access.
https://sidechannel.blog/en/unwanted-permissions-that-may-impact-security-when-using-the-readonlyaccess-policy-in-aws
#aws
🔶 AWS IAM Security Best Practices
A post going through a few top rules and best practices in AWS IAM.
https://blog.gitguardian.com/aws-iam-security-best-practices
#aws
GitGuardian Blog - Code Security for the DevOps generation
AWS IAM Security Best Practices
Identity and access management is a pillar of security. With the advent of the cloud, it got a lot more complicated. Here is a recap of the best practices to put in place to secure AWS IAM.
🔷 Office 365 Functionalities that can Ransom Files
Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive.
https://www.proofpoint.com/us/blog/cloud-security/proofpoint-discovers-potentially-dangerous-microsoft-office-365-functionality
#azure
🔶🔷🔴 Cloud Risk Encyclopedia
1200+ cloud security risks, 3 cloud platforms, 47 compliance frameworks, 18 risk categories, 4 risk levels.
https://orca.security/resources/cloud-risk-encyclopedia
#aws #azure #gcp
🔶 Anatomy of an Attack: Exposed keys to Crypto Mining
Blog detailing the activity associated with a low sophistication crypto mining incident caused by exposed keys.
https://permiso.io/blog/s/anatomy-of-attack-exposed-keys-to-crypto-mining
#aws
permiso.io
Permiso | Blog | Anatomy of an Attack: Exposed keys to Crypto Mining
At Permiso, we find that the majority of incidents we discover or respond to, start with exposed access keys. Attackers leverage these keys to gain access, then setup a mechanism to establish persistence, perform reconnaissance, and complete their mission.
🔷 Establish security boundaries in your on-prem AD and Azure environment
A high-level explanation of how to implement security boundaries in an on-prem AD and Azure environment to protect your critical assets based on the principle of tiered administration, including how BloodHound can help you in the process.
https://posts.specterops.io/establish-security-boundaries-in-your-on-prem-ad-and-azure-environment-dcb44498cfc2
#azure
Medium
Establish security boundaries in your on-prem AD and Azure environment
Preventing escalation from initial access in your Active Directory (AD) environment to Domain Admins can feel impossible, especially after…
🔴 Google Cloud Security Overview
A bird's eye view of the Google Cloud Security Services, illustrated via sketchnotes.
https://cloud.google.com/blog/topics/developers-practitioners/google-cloud-security-overview
#gcp
🔷 FabricScape: Escaping Service Fabric and Taking Over the Cluster
FabricScape (CVE-2022-30137) is a privilege escalation vulnerability in Microsoft's Service Fabric, which allowed cross tenant root access built out of unprivileged processes.
https://unit42.paloaltonetworks.com/fabricscape-cve-2022-30137
#azure
Unit 42
FabricScape: Escaping Service Fabric and Taking Over the Cluster
FabricScape (CVE-2022-30137) is a privilege escalation vulnerability of important severity in Microsoft's Service Fabric, commonly used with Azure.
🔶 CloudGoat Scenario: Avoiding AWS Security Detection and Response
This will walk through the CloudGoat AWS detection_evasion scenario, detailing how to avoid AWS security detection and response services, such as in Lambda.
https://rhinosecuritylabs.com/cloud-security/cloudgoat-detection_evasion-walkthrough
#aws