🔷Automating Insecurity In Azure
Slides of the talk of the same name at cloudvillage_dc (on Twitter).
https://notpayloads.blob.core.windows.net/slides/DC-AzureAutomationAccounts.pdf
#azure
🔴 GCP: Monitor IAM role assignments via Log Alerts in GCP
How to create Log alerts in GCP to track specific IAM role assignments.
https://medium.com/google-cloud/audit-iam-role-assignments-in-gcp-through-log-alerts-3bcdf3d7a504
#gcp
🔶Three Guardrails for AWS Lambda
Three guardrails you can put in place around your Lambda code: code signing, function versions and aliases, and Amazon CodeGuru Reviewer.
https://blog.symops.com/2022/08/17/lambda-guardrails
#aws
🔶How to setup geofencing and IP allow-list for Cognito user pool
AWS announced a new feature this week that lets you enable WAF protection for Cognito user pools. And one of the things you can do with this is to implement geo-fencing and IP allow/deny lists.
https://theburningmonk.com/2022/08/how-to-setup-geofencing-and-ip-allow-list-for-cognito-user-pool
#aws
Special issue of Monthly Cloud News on information security in the cloud
In a conversation between Anton Chernousov, Alexey Mirtov and Evgeny Sidorov, we dive into the questions that trouble security specialists and developers running projects in the cloud.
Topics of the August issue:
🔹 IT staff want to move to the cloud
🔹 Is a security specialist better off in the cloud?
🔹 A discussion of the top information security risks in the cloud
🔹 Leaks of static credentials
🔹 DevSecOps as a symbiosis of useful development practices
🔹 Audit Trails and all the rest...
🔹 Raising development culture through security training
Register!
#advertising
🔶How to detect suspicious activity in your AWS account by using private decoy resources
AWS’s Maitreya Ranganath and Mark Keating describe how you can create low-cost private decoy AWS resources in your AWS accounts and configure them to generate alerts when they are accessed.
https://aws.amazon.com/ru/blogs/security/how-to-detect-suspicious-activity-in-your-aws-account-by-using-private-decoy-resources
#aws
🔷Hunt for compromised Azure subscriptions using Microsoft Defender for Cloud Apps
How Microsoft Defender for Cloud Apps data can help hunt and mitigate the risk of compromised subscriptions.
https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/hunt-for-compromised-azure-subscriptions-using-microsoft/ba-p/3607121
#azure
🔴 Controls to restrict access to individually approved APIs
How to restrict access to individually approved Google APIs using the Organization Policy Service and other network controls.
https://cloud.google.com/architecture/network-controls-limit-access-individually-approved-apis
#gcp
🔶 AWS WAF Fraud Control - Account takeover prevention for Amazon CloudFront
AWS WAF Fraud Control - Account Takeover Prevention protects your application's login page against credential stuffing attacks, brute force attempts, and other anomalous login activities.
https://aws.amazon.com/ru/about-aws/whats-new/2022/08/aws-waf-fraud-control-account-takeover-prevention-cloudfront
#aws
🔴 Announcing Virtual Machine Threat Detection now generally available to Cloud customers
Google announced that Virtual Machine Threat Detection (VMTD) in Security Command Center is now generally available for all Google Cloud customers.
https://cloud.google.com/blog/products/identity-security/introducing-virtual-machine-threat-detection-to-block-critical-threats
#gcp
🔷 Securing Azure middleware agents with new auto-patching capabilities
It turns out when you require your customers to manually patch critical vulnerabilities in software you installed for them that they often don’t know they have, update rates are low. Nice work from Wiz in pushing for auto-patching functionality.
https://www.wiz.io/blog/auto-patching-for-omi
#azure
CloudSec Wine
🔷 Automating Azure Abuse Research
A step-by-step process for automating Azure abuse research, with examples for Azure Virtual Machines and their Managed Identities.
https://posts.specterops.io/automating-azure-abuse-research-part-1-30b0eca33418
#azure
🔷 Automating Azure Abuse Research - Part 2
Second part of a series, this time focusing on how to use the BloodHound Attack Research Kit (BARK) to perform so-called "continuous abuse primitive validation".
https://posts.specterops.io/automating-azure-abuse-research-part-2-3e5bbe7a20c0
#azure
🔶 AWS IAM Interview Questions
Some AWS IAM interview questions to help understand how much an engineer might know about AWS IAM, and how to apply it.
https://www.k9security.io/docs/aws-iam-interview-questions
#aws
🔷 SMTP Matching Abuse in Azure AD
How SMTP matching can be abused to obtain privileged access via eligible role assignments, and how to prevent it.
https://www.semperis.com/blog/smtp-matching-abuse-in-azure-ad
#azure
🔶 Incident Response in AWS
Post intended to help those already familiar with the principles of Incident Response to understand what to do when the incident involves the AWS Control Plane.
https://www.chrisfarris.com/post/aws-ir
#aws
🔶 CJ Moses might be the CISO of AWS, but service leaders own their own security
Interesting interview with AWS’s CJ Moses covering topics including:
1️⃣ What are your duties as CISO?
2️⃣ What is AWS’ security strategy?
3️⃣ What’s the biggest threat to cloud security right now and how do you stay ahead of all these bad actors?
4️⃣ What are the biggest security mistakes that you see enterprise customers repeating?
https://www.protocol.com/enterprise/cj-moses-aws-ciso
#aws
🔶 Attacking Firecracker: AWS' microVM Monitor Written in Rust
Firecracker is a microVM manager in Rust that powers AWS services like Lambda and Fargate. Here's how a red team attacked a vulnerability in Firecracker.
https://www.graplsecurity.com/post/attacking-firecracker
#aws
🔶 A Federated Approach To Providing User Privacy Rights
How Lyft approaches managing user privacy in order to seamlessly handle compliance, data export, and deletion.
https://eng.lyft.com/a-federated-approach-to-providing-user-privacy-rights-3d9ab73441d9
#aws
🔶 The Complete Guide to AWS KMS
An intro guide to AWS Key Management Service (AWS KMS), its different key types, and access (IAM) best practices.
https://blog.lightspin.io/the-complete-guide-to-aws-kms
#aws
🔴 Understanding basic networking in GKE - Networking basics
Post exploring the networking components of GKE and the various options that exist.
https://cloud.google.com/blog/topics/developers-practitioners/understanding-basic-networking-gke-networking-basics
#gcp
🔶 awslabs/aws-security-assessment-solution
An AWS tool to help you create a point-in-time assessment of your AWS account using Prowler and Scout, as well as optional AWS-developed ransomware checks.
https://github.com/awslabs/aws-security-assessment-solution
#aws