🔶AWS IAM Security Best Practices

A post going through a few top rules and best practices in AWS IAM.

https://blog.gitguardian.com/aws-iam-security-best-practices

#aws

🔷Office 365 Functionalities that can Ransom Files

Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive.

https://www.proofpoint.com/us/blog/cloud-security/proofpoint-discovers-potentially-dangerous-microsoft-office-365-functionality

#azure

🔶🔷🔴 Cloud Risk Encyclopedia

1200+ cloud security risks, 3 cloud platforms, 47 compliance frameworks, 18 risk categories, 4 risk levels.

https://orca.security/resources/cloud-risk-encyclopedia

#aws #azure #gcp

🔶Anatomy of an Attack: Exposed keys to Crypto Mining

Blog detailing the activity associated with a low sophistication crypto mining incident caused by exposed keys.

https://permiso.io/blog/s/anatomy-of-attack-exposed-keys-to-crypto-mining

#aws

🔷Establish security boundaries in your on-prem AD and Azure environment

A high-level explanation of how to implement security boundaries in an on-prem AD and Azure environment to protect your critical assets based on the principle of tiered administration, including how BloodHound can help you in the process.

https://posts.specterops.io/establish-security-boundaries-in-your-on-prem-ad-and-azure-environment-dcb44498cfc2

#azure

🔴 Google Cloud Security Overview

A bird's eye view of the Google Cloud Security Services, illustrated via sketchnotes.

https://cloud.google.com/blog/topics/developers-practitioners/google-cloud-security-overview

#gcp

🔷FabricScape: Escaping Service Fabric and Taking Over the Cluster

FabricScape (CVE-2022-30137) is a privilege escalation vulnerability in Microsoft's Service Fabric, which allowed cross tenant root access built out of unprivileged processes.

https://unit42.paloaltonetworks.com/fabricscape-cve-2022-30137

#azure

🔶CloudGoat Scenario: Avoiding AWS Security Detection and Response

This will walk through the CloudGoat AWS detection_evasion scenario, detailing how to avoid AWS security detection and response services, such as in Lambda.

https://rhinosecuritylabs.com/cloud-security/cloudgoat-detection_evasion-walkthrough

#aws

🔷Sky's the Limit: Stratus Red Team for Azure

A write-up on using Stratus Red Team for testing threat detection rules.

https://blog.detect.dev/posts/azure_for_stratus.html

#azure

🔶🔷🔴 The Open Cloud Vulnerability & Security Issue Database

An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues.

https://www.cloudvulndb.org

#aws #azure #gcp

🔷 Kubernetes Workload Identity with AKS

Post explaining how workload identity federation on AKS works, and how to set it up.

https://blog.baeke.info/2022/01/31/kubernetes-workload-identity-with-aks

#azure

🔶Building AWS Security Guardrails

Kinnaird McQuade joins Ashish Rajan on the Cloud Security Podcast to discussing building AWS security guardrails that prevent classes of bugs, scaling guardrails, the difference between preventative and detective security controls, and more.

https://www.youtube.com/watch?v=jW-LkpVvsLk

#aws

🔶turbot/steampipe-mod-aws-perimeter

An AWS perimeter checking tool that can be used to look for resources that are publicly accessible, shared with untrusted accounts, have insecure network configurations, and more, by Steampipe.

https://github.com/turbot/steampipe-mod-aws-perimeter

#aws

🔶Amazon Cognito - A Complete Beginner Guide

Great guide by Daniel at Be A Better Dev explaining the core concepts of Cognito from a beginner perspective. You’ll learn about User Pools, Identity Pools/Federated Identities, and how to tie them together.

https://beabetterdev.com/2022/06/26/amazon-cognito-a-complete-beginner-guide

#aws

🔶AWS Identity and Access Management introduces IAM Roles Anywhere for workloads outside of AWS

IAM Roles Anywhere allows your workloads such as servers, containers, and applications to use X.509 digital certificates to obtain temporary AWS credentials and use the same IAM roles and policies that you have configured for your AWS workloads to access AWS resources.

https://aws.amazon.com/ru/about-aws/whats-new/2022/07/aws-identity-access-management-iam-roles-anywhere-workloads-outside-aws

#aws

🔷 Cloud design patterns

Design patterns for building reliable, scalable, secure applications in the cloud by walking through examples based on Microsoft Azure.

https://docs.microsoft.com/en-us/azure/architecture/patterns

#azure

🔶Exploiting Authentication in AWS IAM Authenticator for Kubernetes

This blog post explains three vulnerabilities detected in the AWS IAM Authenticator where all of them were caused by the same code line.

https://blog.lightspin.io/exploiting-eks-authentication-vulnerability-in-aws-iam-authenticator

#aws

🔴 How to think about threat detection in the cloud

Detecting cybersecurity threats in the cloud is different from on-premises. Here's why.

https://cloud.google.com/blog/products/identity-security/how-to-think-about-threat-detection-in-the-cloud

#gcp

🔶aidansteele/openrolesanywhere

An open-source proof-of-concept client for AWS IAM Roles Anywhere by Aidan Steele. Unlike the official client, this project lets you use private keys stored in an SSH agent. This is more flexible - and more secure if you use something like Secretive which stores unexportable keys in the macOS Secure Enclave hardware.

https://github.com/aidansteele/openrolesanywhere

#aws

🔶Tracking the Effectiveness of Cloud Adoption

AWS’s Nurani Parasuraman discusses how best to track the effectiveness of a company’s cloud adoption.

https://aws.amazon.com/ru/blogs/enterprise-strategy/tracking-effectiveness-of-cloud-adoption

#aws

🔷 Azure’s Security Vulnerabilities Are Out of Control

Azure's multiple security vulnerabilities are highly concerning, for both customer data and the cloud's reputation. It's time we put public pressure on Azure.

https://www.lastweekinaws.com/blog/azures_vulnerabilities_are_quack

#azure