🔶Anatomy of an Attack: Exposed keys to Crypto Mining
Blog detailing the activity associated with a low sophistication crypto mining incident caused by exposed keys.
https://permiso.io/blog/s/anatomy-of-attack-exposed-keys-to-crypto-mining
#aws
permiso.io
Permiso | Blog | Anatomy of an Attack: Exposed keys to Crypto Mining
At Permiso, we find that the majority of incidents we discover or respond to start with exposed access keys. Attackers leverage these keys to gain access, then set up a mechanism to establish persistence, perform reconnaissance, and complete their mission.
🔥2
🔷Establish security boundaries in your on-prem AD and Azure environment
A high-level explanation of how to implement security boundaries in an on-prem AD and Azure environment to protect your critical assets based on the principle of tiered administration, including how BloodHound can help you in the process.
https://posts.specterops.io/establish-security-boundaries-in-your-on-prem-ad-and-azure-environment-dcb44498cfc2
#azure
Medium
Establish security boundaries in your on-prem AD and Azure environment
Preventing escalation from initial access in your Active Directory (AD) environment to Domain Admins can feel impossible, especially after…
👍1
🔴 Google Cloud Security Overview
A bird's eye view of the Google Cloud Security Services, illustrated via sketchnotes.
https://cloud.google.com/blog/topics/developers-practitioners/google-cloud-security-overview
#gcp
🔥2
🔷FabricScape: Escaping Service Fabric and Taking Over the Cluster
FabricScape (CVE-2022-30137) is a privilege escalation vulnerability in Microsoft's Service Fabric, which allowed cross tenant root access built out of unprivileged processes.
https://unit42.paloaltonetworks.com/fabricscape-cve-2022-30137
#azure
Unit 42
FabricScape: Escaping Service Fabric and Taking Over the Cluster
FabricScape (CVE-2022-30137) is a privilege escalation vulnerability of important severity in Microsoft's Service Fabric, commonly used with Azure.
🔥1
🔶CloudGoat Scenario: Avoiding AWS Security Detection and Response
This will walk through the CloudGoat AWS detection_evasion scenario, detailing how to avoid AWS security detection and response services, such as in Lambda.
https://rhinosecuritylabs.com/cloud-security/cloudgoat-detection_evasion-walkthrough
#aws
Rhino Security Labs
CloudGoat Scenario: Avoiding AWS Security Detection and Response
This will walk through the CloudGoat AWS detection_evasion scenario, detailing how to avoid AWS security detection and response services, such as in Lambda
🔥1
🔷Sky's the Limit: Stratus Red Team for Azure
A write-up on using Stratus Red Team for testing threat detection rules.
https://blog.detect.dev/posts/azure_for_stratus.html
#azure
🔥1
🔶🔷🔴 The Open Cloud Vulnerability & Security Issue Database
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues.
https://www.cloudvulndb.org
#aws #azure #gcp
The Open Cloud Vulnerability and Security Issue Database
Cloud Vulnerabilities and Security Issues Database
Cloud vulnerabilities database - an open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
👍2👏1
🔷 Kubernetes Workload Identity with AKS
Post explaining how workload identity federation on AKS works, and how to set it up.
https://blog.baeke.info/2022/01/31/kubernetes-workload-identity-with-aks
#azure
👍1
🔶Building AWS Security Guardrails
Kinnaird McQuade joins Ashish Rajan on the Cloud Security Podcast to discuss building AWS security guardrails that prevent classes of bugs, scaling guardrails, the difference between preventative and detective security controls, and more.
https://www.youtube.com/watch?v=jW-LkpVvsLk
#aws
YouTube
Building AWS Security Guardrails
Kinnaird McQuade from Square has been in the Cloud Security space helping organizations scale security in cloud.
Questions:
00:00 Introduction
03:33 Kinnaird's Professional Background
04:44 What are Guardrails in AWS?
06:51 Do we only rely on CSP Provided…
🔥1
🔶turbot/steampipe-mod-aws-perimeter
An AWS perimeter checking tool that can be used to look for resources that are publicly accessible, shared with untrusted accounts, have insecure network configurations, and more, by Steampipe.
https://github.com/turbot/steampipe-mod-aws-perimeter
#aws
GitHub
GitHub - turbot/steampipe-mod-aws-perimeter: Is your AWS perimeter secure? Use Steampipe to check your AWS accounts for public…
Is your AWS perimeter secure? Use Steampipe to check your AWS accounts for public resources, resources shared with untrusted accounts, insecure network configurations and more. - GitHub - turbot/st...
👍3
🔶Amazon Cognito - A Complete Beginner Guide
Great guide by Daniel at Be A Better Dev explaining the core concepts of Cognito from a beginner perspective. You’ll learn about User Pools, Identity Pools/Federated Identities, and how to tie them together.
https://beabetterdev.com/2022/06/26/amazon-cognito-a-complete-beginner-guide
#aws
Be a Better Dev
Amazon Cognito - A Complete Beginner Guide
Learn about the fundamentals of Amazon Cognito including User Pools and Identity Pools from a complete beginner perspective.
🔥2
🔶AWS Identity and Access Management introduces IAM Roles Anywhere for workloads outside of AWS
IAM Roles Anywhere allows your workloads such as servers, containers, and applications to use X.509 digital certificates to obtain temporary AWS credentials and use the same IAM roles and policies that you have configured for your AWS workloads to access AWS resources.
https://aws.amazon.com/ru/about-aws/whats-new/2022/07/aws-identity-access-management-iam-roles-anywhere-workloads-outside-aws
#aws
Amazon
AWS Identity and Access Management introduces IAM Roles Anywhere for workloads outside of AWS
👍1
🔷 Cloud design patterns
Design patterns for building reliable, scalable, secure applications in the cloud by walking through examples based on Microsoft Azure.
https://docs.microsoft.com/en-us/azure/architecture/patterns
#azure
Docs
Cloud Design Patterns - Azure Architecture Center
Learn about design patterns for building reliable, scalable, and more secure applications in the cloud with examples based on Microsoft Azure.
😱1
🔶Exploiting Authentication in AWS IAM Authenticator for Kubernetes
This blog post explains three vulnerabilities detected in the AWS IAM Authenticator where all of them were caused by the same code line.
https://blog.lightspin.io/exploiting-eks-authentication-vulnerability-in-aws-iam-authenticator
#aws
🔥2
🔴 How to think about threat detection in the cloud
Detecting cybersecurity threats in the cloud is different from on-premises. Here's why.
https://cloud.google.com/blog/products/identity-security/how-to-think-about-threat-detection-in-the-cloud
#gcp
Google Cloud Blog
How to think about threat detection in the cloud | Google Cloud Blog
Detecting cybersecurity threats in the cloud is different from on-premises. Here’s why.
🔥2
🔶aidansteele/openrolesanywhere
An open-source proof-of-concept client for AWS IAM Roles Anywhere by Aidan Steele. Unlike the official client, this project lets you use private keys stored in an SSH agent. This is more flexible - and more secure if you use something like Secretive which stores unexportable keys in the macOS Secure Enclave hardware.
https://github.com/aidansteele/openrolesanywhere
#aws
GitHub
GitHub - aidansteele/openrolesanywhere: Open-source proof-of-concept client for AWS IAM Roles Anywhere
Open-source proof-of-concept client for AWS IAM Roles Anywhere - GitHub - aidansteele/openrolesanywhere: Open-source proof-of-concept client for AWS IAM Roles Anywhere
👍1
🔶Tracking the Effectiveness of Cloud Adoption
AWS’s Nurani Parasuraman discusses how best to track the effectiveness of a company’s cloud adoption.
https://aws.amazon.com/ru/blogs/enterprise-strategy/tracking-effectiveness-of-cloud-adoption
#aws
Amazon
Tracking the Effectiveness of Cloud Adoption | Amazon Web Services
We often recommend that enterprises have a clear idea of what they hope to accomplish by moving to the cloud. They can then set up success measures that will both guide them and allow them to measure their progress. In this blog post, Nurani Parasuraman discusses…
🔥1
🔷 Azure’s Security Vulnerabilities Are Out of Control
Azure's multiple security vulnerabilities are highly concerning, for both customer data and the cloud's reputation. It's time we put public pressure on Azure.
https://www.lastweekinaws.com/blog/azures_vulnerabilities_are_quack
#azure
Last Week in AWS
Azure’s Security Vulnerabilities Are Out of Control
Azure's multiple security vulnerabilities are highly concerning, for both customer data and the cloud's reputation. It's time we put public pressure on Azure.
😱1
🔶 Abusing the Replicator: Silently Exfiltrating Data with the AWS S3 Replication Service
A comprehensive backup strategy is a cornerstone of any DR plan. But how would you distinguish between legitimate backup activity and malicious data exfiltration?
https://www.vectra.ai/blogpost/abusing-the-replicator-silently-exfiltrating-data-with-the-aws-s3-replication-service
#aws
www.vectra.ai
Abusing the Replicator: Silently Exfiltrating Data with the AWS S3 Replication Service by Kat Traxler
A comprehensive backup strategy is a cornerstone of any DR plan. But how would you distinguish between legitimate backup activity and malicious data exfiltration?
🔥1
🔴 How to overcome 5 common SecOps challenges
Here are 5 common issues that many SecOps teams struggle with, and how to fix them.
https://cloud.google.com/blog/products/identity-security/how-to-overcome-5-common-secops-challenges
#gcp
Google Cloud Blog
How to overcome 5 common SecOps challenges | Google Cloud Blog
Here are 5 common issues that many SecOps teams struggle with—and how to fix them.
🔥1
(in Russian)
Join us for our first small but full-fledged cloud security event, held in a hybrid format at a cozy (but still secret) venue in the center of summertime Moscow.
We are eagerly awaiting information security engineers, heads of information security, DevSecOps specialists, security engineers, and everyone interested in this topic.
Members of our security chat who register using the form below are invited to the offline event. The event is free.
For those who cannot attend in person, we will stream the event.
More about the event →
WIP Creative Association (Творческое объединение WIP), Yauzsky Boulevard 11, building 1
#advertising
👍8👎8