🔶 AWS Security Groups Guide
Knowing how security groups & NACLs work together is extremely important for controlling network traffic to your instances & subnets.
https://sysdig.com/blog/aws-security-groups-guide
(Use VPN if you can’t open it)
#aws
Knowing how security groups & NACLs work together is extremely important for controlling network traffic to your instances & subnets.
https://sysdig.com/blog/aws-security-groups-guide
(Use VPN if you can’t open it)
#aws
🔥1
🔶 flosell/trailscraper
By Thoughtworks’s Florian Sellmayr: A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies.
https://github.com/flosell/trailscraper
#aws
By Thoughtworks’s Florian Sellmayr: A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies.
https://github.com/flosell/trailscraper
#aws
GitHub
GitHub - flosell/trailscraper: A command-line tool to get valuable information out of AWS CloudTrail
A command-line tool to get valuable information out of AWS CloudTrail - flosell/trailscraper
🔥1
🔴 Announcing Sensitive Actions to help keep accounts secure
Google introduced Sensitive Actions, a new way to understand user account behaviour. They are changes made in a Google Cloud environment that are security relevant, and therefore important to be aware of and evaluate.
https://cloud.google.com/blog/products/identity-security/announcing-sensitive-actions-to-help-keep-accounts-secure
#gcp
Google introduced Sensitive Actions, a new way to understand user account behaviour. They are changes made in a Google Cloud environment that are security relevant, and therefore important to be aware of and evaluate.
https://cloud.google.com/blog/products/identity-security/announcing-sensitive-actions-to-help-keep-accounts-secure
#gcp
🔥2
🔶 cloudandthings/terraform-aws-clickops-notifier
Get notified when users are taking actions in the AWS Console.
https://github.com/cloudandthings/terraform-aws-clickops-notifier
#aws
Get notified when users are taking actions in the AWS Console.
https://github.com/cloudandthings/terraform-aws-clickops-notifier
#aws
GitHub
GitHub - cloudandthings/terraform-aws-clickops-notifier: Get notified when actions are taken in the AWS Console.
Get notified when actions are taken in the AWS Console. - cloudandthings/terraform-aws-clickops-notifier
🔥2
🔶 Use IAM Access Analyzer policy generation to grant fine-grained permissions for your AWS CloudFormation service roles
IAM Access Analyzer policy generation creates fine-grained policies based on your AWS CloudTrail access activity—for example, the actions you use with ECS, Lambda and S3. AWS has expanded policy generation capabilities to support the identification of actions used from over 140 services, including CloudFormation, DynamoDB, and SQS.
https://aws.amazon.com/ru/blogs/security/use-iam-access-analyzer-policy-generation-to-grant-fine-grained-permissions-for-your-aws-cloudformation-service-roles
IAM Access Analyzer policy generation creates fine-grained policies based on your AWS CloudTrail access activity—for example, the actions you use with ECS, Lambda and S3. AWS has expanded policy generation capabilities to support the identification of actions used from over 140 services, including CloudFormation, DynamoDB, and SQS.
https://aws.amazon.com/ru/blogs/security/use-iam-access-analyzer-policy-generation-to-grant-fine-grained-permissions-for-your-aws-cloudformation-service-roles
🔥1
🔷 CosMiss: Azure Cosmos DB Vulnerability
The Orca Research team has discovered CosMiss, a vulnerability in Microsoft Azure Cosmos DB where authentication checks were missing from Cosmos DB Notebooks.
https://orca.security/resources/blog/cosmiss-vulnerability-azure-cosmos-db
#azure
The Orca Research team has discovered CosMiss, a vulnerability in Microsoft Azure Cosmos DB where authentication checks were missing from Cosmos DB Notebooks.
https://orca.security/resources/blog/cosmiss-vulnerability-azure-cosmos-db
#azure
🔥2
🔶🔴 Exploiting Static Site Generators: When Static Is Not Actually Static
The Assetnote security research team found vulnerabilities in static site generators (such as GatsbyJS and NextJS) and associated platforms (Netlify and GatsbyJS Cloud), which enabled SSRF.
https://blog.assetnote.io/2022/10/28/exploiting-static-site-generators
#aws #gcp
The Assetnote security research team found vulnerabilities in static site generators (such as GatsbyJS and NextJS) and associated platforms (Netlify and GatsbyJS Cloud), which enabled SSRF.
https://blog.assetnote.io/2022/10/28/exploiting-static-site-generators
#aws #gcp
🔥2
🔶 Internet Egress Filtering of Services at Lyft
How the Security team of Lyft achieved egress network traffic filtering for all their services.
https://eng.lyft.com/internet-egress-filtering-of-services-at-lyft-72e99e29a4d9?gi=983e70aa4ceb
#aws
How the Security team of Lyft achieved egress network traffic filtering for all their services.
https://eng.lyft.com/internet-egress-filtering-of-services-at-lyft-72e99e29a4d9?gi=983e70aa4ceb
#aws
🔥2
🔶 Vault DR with AWS Lambda for Sub-Minute Recovery
How YNAP used AWS Lambda functions to reduce the disaster recovery time for HashiCorp Vault to mere seconds.
https://www.hashicorp.com/resources/vault-dr-with-aws-lambda-for-sub-minute-recovery
#aws
How YNAP used AWS Lambda functions to reduce the disaster recovery time for HashiCorp Vault to mere seconds.
https://www.hashicorp.com/resources/vault-dr-with-aws-lambda-for-sub-minute-recovery
#aws
HashiCorp
Vault DR with AWS Lambda for Sub-Minute Recovery
Hear how YNAP used AWS Lambda functions to reduce the disaster recovery time for HashiCorp Vault to mere seconds.
👍2🔥1
🔶 AWS security assessment: what scanners are missing and how threat modeling may help you?
SoftServe’s Pawel Rzepa discusses what scanners are missing and why he think tools cannot fully replace a human assessor in performing an effective AWS security assessment. Key points: scanners lack context, more findings don’t mean a better result, scanners may have security check gaps, skipped data flows and relations. Address these gaps via threat modeling.
https://towardsaws.com/aws-security-assessment-what-scanners-are-missing-and-how-threat-modeling-may-help-you-6a76c1c843f3
#aws
SoftServe’s Pawel Rzepa discusses what scanners are missing and why he think tools cannot fully replace a human assessor in performing an effective AWS security assessment. Key points: scanners lack context, more findings don’t mean a better result, scanners may have security check gaps, skipped data flows and relations. Address these gaps via threat modeling.
https://towardsaws.com/aws-security-assessment-what-scanners-are-missing-and-how-threat-modeling-may-help-you-6a76c1c843f3
#aws
👍3
🔷 Bypassing Azure AD home tenant MFA and CA
Because of the Azure AD authentication platform architecture, users can bypass home tenant MFA and CA policies when logging in directly to resource tenants.
https://aadinternals.com/post/ests
#azure
Because of the Azure AD authentication platform architecture, users can bypass home tenant MFA and CA policies when logging in directly to resource tenants.
https://aadinternals.com/post/ests
#azure
🔥2
🔶 An AWS account just for getting into other AWS accounts
This is the AWS account that makes having lots of AWS accounts efficient and safe. It's the most important account in your organization.
https://src-bin.com/an-aws-account-just-for-getting-into-other-aws-accounts
#aws
This is the AWS account that makes having lots of AWS accounts efficient and safe. It's the most important account in your organization.
https://src-bin.com/an-aws-account-just-for-getting-into-other-aws-accounts
#aws
🔥2
🔶 FivexL's Reaction to the AWS Security Baseline for Startups
FivexL shares its outlook on AWS Security Guidelines for startups. Find out how to improve your AWS security efficiently.
https://fivexl.io/blog/fivexl-reaction
#aws
FivexL shares its outlook on AWS Security Guidelines for startups. Find out how to improve your AWS security efficiently.
https://fivexl.io/blog/fivexl-reaction
#aws
👍2
🔶 AWS Network Firewall Workshop
A workshop teaching how to deploy Network Firewall using infrastructure as code.
https://catalog.us-east-1.prod.workshops.aws/workshops/58df66b5-ffd5-42dc-9e2c-d5a8ebe360d8/en-US
#aws
A workshop teaching how to deploy Network Firewall using infrastructure as code.
https://catalog.us-east-1.prod.workshops.aws/workshops/58df66b5-ffd5-42dc-9e2c-d5a8ebe360d8/en-US
#aws
🔥1
🔶 onemorepereira/aws-sso-reporter
A tool that uses the AWS SSO API to list all users, accounts, permission sets etc. and dumps it into a CSV file for additional parsing or viewing.
https://github.com/onemorepereira/aws-sso-reporter
#aws
A tool that uses the AWS SSO API to list all users, accounts, permission sets etc. and dumps it into a CSV file for additional parsing or viewing.
https://github.com/onemorepereira/aws-sso-reporter
#aws
👍1
🔷 Token tactics: How to prevent, detect, and respond to cloud token theft
As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose.
https://www.microsoft.com/en-us/security/blog/2022/11/16/token-tactics-how-to-prevent-detect-and-respond-to-cloud-token-theft
#azure
As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose.
https://www.microsoft.com/en-us/security/blog/2022/11/16/token-tactics-how-to-prevent-detect-and-respond-to-cloud-token-theft
#azure
🔥2
🔶 Infosys leaked FullAdminAccess AWS keys on PyPi for over a year
They appear to issue AWS keys to developers that are not rotated for several years and store these keys in git. They also don't have a clear place to report security issues like this.
https://tomforb.es/infosys-leaked-fulladminaccess-aws-keys-on-pypi-for-over-a-year
#aws
They appear to issue AWS keys to developers that are not rotated for several years and store these keys in git. They also don't have a clear place to report security issues like this.
https://tomforb.es/infosys-leaked-fulladminaccess-aws-keys-on-pypi-for-over-a-year
#aws
👏2
🔷 Abusing tcp tunneling in Azure Bastion
How Azure Bastion Native Client support works, and how an adversary could abuse this feature to perform attacks against Azure VMs over private IP addresses, without having direct network connectivity to the VM.
https://codyburkard.com/blog/bastionabuse
#azure
How Azure Bastion Native Client support works, and how an adversary could abuse this feature to perform attacks against Azure VMs over private IP addresses, without having direct network connectivity to the VM.
https://codyburkard.com/blog/bastionabuse
#azure
🔥2
🔶 The Many Ways to Access RDS
An overview of RDS access management capabilities along with examples using Terraform.
https://blog.symops.com/2022/11/17/rds-access
#aws
An overview of RDS access management capabilities along with examples using Terraform.
https://blog.symops.com/2022/11/17/rds-access
#aws
🔥2
🔷 Layers Of Cloud Azure And The Mis Storage Of Secrets
Ever wondered how storing secrets in the cloud can go wrong? This talk by Katie Knowles at BSides Toronto 2022 looks at common ways passwords should be stored.
https://youtu.be/SmxEvVg6Fe8
#azure
Ever wondered how storing secrets in the cloud can go wrong? This talk by Katie Knowles at BSides Toronto 2022 looks at common ways passwords should be stored.
https://youtu.be/SmxEvVg6Fe8
#azure
YouTube
Layers Of Cloud Azure And The Mis Storage Of Secrets by Katie Knowles at BSides Toronto 2022
Presented on October 8 2022.
Where are secrets stored in Azure? Is it even safe to put secrets in the cloud to begin with? There's so many services in Azure that this isn't easy to answer. We'll start by taking a look at common ways passwords should be stored…
Where are secrets stored in Azure? Is it even safe to put secrets in the cloud to begin with? There's so many services in Azure that this isn't easy to answer. We'll start by taking a look at common ways passwords should be stored…
🔥1
🔶 A Confused Deputy Vulnerability in AWS AppSync
A cross-tenant vulnerability in AWS AppSync, which allowed an attacker to access data in victims' accounts.
https://securitylabs.datadoghq.com/articles/appsync-vulnerability-disclosure
#aws
A cross-tenant vulnerability in AWS AppSync, which allowed an attacker to access data in victims' accounts.
https://securitylabs.datadoghq.com/articles/appsync-vulnerability-disclosure
#aws
🔥1