๐ถ Discovering a weakness leading to a partial bypass of the login rate limiting in the AWS Console
Post discussing a weakness in the AWS Console authentication flow that allowed an attacker to partially bypass the login rate limit.
https://securitylabs.datadoghq.com/articles/aws-console-rate-limit-bypass
#aws
Post discussing a weakness in the AWS Console authentication flow that allowed an attacker to partially bypass the login rate limit.
https://securitylabs.datadoghq.com/articles/aws-console-rate-limit-bypass
#aws
๐ฅ2
๐ท Know Your App Services Before Your Enemy Does
A look at Azure App Services, security advice, and how to use Azure Resource Graph Explorer and other tools to implement these recommendations.
https://miraisecurity.com/blog/know-your-app-services-before-your-enemy-does
#azure
A look at Azure App Services, security advice, and how to use Azure Resource Graph Explorer and other tools to implement these recommendations.
https://miraisecurity.com/blog/know-your-app-services-before-your-enemy-does
#azure
๐ฅ3
๐ท threatmodel-for-azure-storage
A library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based approach.
https://github.com/trustoncloud/threatmodel-for-azure-storage
#azure
A library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based approach.
https://github.com/trustoncloud/threatmodel-for-azure-storage
#azure
๐ฅ4
๐ถ Updated ebook: Protecting your AWS environment from ransomware
By AWSโs Megan OโNeil and Merritt Baer: The new ebook includes the top 10 best practices for ransomware protection and covers new services and features that have been released since the original published date in April 2020.
https://aws.amazon.com/ru/blogs/security/updated-ebook-protecting-your-aws-environment-from-ransomware
#aws
By AWSโs Megan OโNeil and Merritt Baer: The new ebook includes the top 10 best practices for ransomware protection and covers new services and features that have been released since the original published date in April 2020.
https://aws.amazon.com/ru/blogs/security/updated-ebook-protecting-your-aws-environment-from-ransomware
#aws
๐ฅ1
๐ท Azure B2C: Crypto Misuse and Account Compromise
Microsoft's Azure Active Directory B2C service contained a cryptographic flaw which allowed an attacker to craft an OAuth refresh token with the contents for any user account. An attacker could redeem this refresh token for a session token, thereby gaining access to a victim account as if the attacker had logged in through a legitimate login flow.
https://www.praetorian.com/blog/azure-b2c-crypto-misuse-and-account-compromise
#azure
Microsoft's Azure Active Directory B2C service contained a cryptographic flaw which allowed an attacker to craft an OAuth refresh token with the contents for any user account. An attacker could redeem this refresh token for a session token, thereby gaining access to a victim account as if the attacker had logged in through a legitimate login flow.
https://www.praetorian.com/blog/azure-b2c-crypto-misuse-and-account-compromise
#azure
๐ฅ1
๐ถ How Using Deprecated Policies Creates Overprivileged Permissions
AmazonEC2RoleforSSM, a deprecated version of the now recommended AmazonSSMManagedInstaceCore. This post breaks down why AWS likely deprecated the original policy and how organizations leave themselves vulnerable by continuing to use these deprecated policies.
https://permiso.io/blog/s/deprecated-aws-policy-amazonec2roleforSSM
#aws
AmazonEC2RoleforSSM, a deprecated version of the now recommended AmazonSSMManagedInstaceCore. This post breaks down why AWS likely deprecated the original policy and how organizations leave themselves vulnerable by continuing to use these deprecated policies.
https://permiso.io/blog/s/deprecated-aws-policy-amazonec2roleforSSM
#aws
๐ฅ1
๐ท Azure AD Kerberos Tickets: Pivoting to the Cloud
If you've ever been doing an Internal Penetration test where you've reached Domain Admin status and you have a cloud presence, your entire Azure cloud can still be compromised.
https://www.trustedsec.com/blog/azure-ad-kerberos-tickets-pivoting-to-the-cloud
#azure
If you've ever been doing an Internal Penetration test where you've reached Domain Admin status and you have a cloud presence, your entire Azure cloud can still be compromised.
https://www.trustedsec.com/blog/azure-ad-kerberos-tickets-pivoting-to-the-cloud
#azure
๐ฅ1
๐ถ 6 Keys to Securing User Uploads to Amazon S3
How to architect AWS applications to securely enable user uploaded content, using pre-signed post URLs.
https://scalesec.com/blog/6-keys-to-securing-user-uploads-to-amazon-s3
#aws
How to architect AWS applications to securely enable user uploaded content, using pre-signed post URLs.
https://scalesec.com/blog/6-keys-to-securing-user-uploads-to-amazon-s3
#aws
๐ฅ1
๐ท Canarytokens welcomes Azure Login Certificate Token
Canarytokens.org introduced the Azure Login Certificate Token (aka the Azure Token). You can sprinkle Azure tokens throughout your environment and receive high fidelity notifications whenever they're used.
https://blog.thinkst.com/2023/02/canarytokens-org-welcomes-azure-login-certificate-token.html
#azure
Canarytokens.org introduced the Azure Login Certificate Token (aka the Azure Token). You can sprinkle Azure tokens throughout your environment and receive high fidelity notifications whenever they're used.
https://blog.thinkst.com/2023/02/canarytokens-org-welcomes-azure-login-certificate-token.html
#azure
๐2
๐ถ A role for all your EC2 instances
You can now pass an IAM role to every EC2 instance in your account + region.
https://awsteele.com/blog/2023/02/20/a-role-for-all-your-ec2-instances.html
#aws
You can now pass an IAM role to every EC2 instance in your account + region.
https://awsteele.com/blog/2023/02/20/a-role-for-all-your-ec2-instances.html
#aws
๐ฅ1
๐ถ My CI/CD pipeline is my release captain
How Amazon continuously release changes to production by practicing trunk-based development, by using CI/CD pipelines to manage deployment artifacts and coordinate releases across multiple production environments, and by practicing proactive and automatic rollbacks.
https://aws.amazon.com/ru/builders-library/cicd-pipeline
#aws
How Amazon continuously release changes to production by practicing trunk-based development, by using CI/CD pipelines to manage deployment artifacts and coordinate releases across multiple production environments, and by practicing proactive and automatic rollbacks.
https://aws.amazon.com/ru/builders-library/cicd-pipeline
#aws
๐ฅ4
๐ด Securing Cloud Run Deployments with Least Privilege Access
How to protect your Cloud Run deployments by implementing least privilege access for Cloud Run services and service consumers.
https://cloud.google.com/blog/products/identity-security/securing-cloud-run-deployments-with-least-privilege-access
#gcp
How to protect your Cloud Run deployments by implementing least privilege access for Cloud Run services and service consumers.
https://cloud.google.com/blog/products/identity-security/securing-cloud-run-deployments-with-least-privilege-access
#gcp
๐1
๐ถ automated-ci-pipeline-creation
Creation of Continuous Integration pipelines dynamically using an AWS Step Function based approach to create standardised pipelines for an organisation.
https://github.com/aws-samples/automated-ci-pipeline-creation
#aws
Creation of Continuous Integration pipelines dynamically using an AWS Step Function based approach to create standardised pipelines for an organisation.
https://github.com/aws-samples/automated-ci-pipeline-creation
#aws
๐ฅ2
๐ด How Attackers Can Exploit GCP's Multicloud Workload Solution
A deep dive into the inner workings of GCP Workload Identity Federation, taking a look at risks and how to avoid misconfigurations.
https://ermetic.com/blog/gcp/how-attackers-can-exploit-gcps-multicloud-workload-solution
#gcp
A deep dive into the inner workings of GCP Workload Identity Federation, taking a look at risks and how to avoid misconfigurations.
https://ermetic.com/blog/gcp/how-attackers-can-exploit-gcps-multicloud-workload-solution
#gcp
๐ฅ3
๐ถ๐ด Five Things You Need to Know About Malware on Storage Buckets
An overview of malware in cloud storage buckets and mitigation best practices.
https://orca.security/resources/blog/the-risks-of-malware-in-storage-buckets
#aws #gcp
An overview of malware in cloud storage buckets and mitigation best practices.
https://orca.security/resources/blog/the-risks-of-malware-in-storage-buckets
#aws #gcp
๐ฅ1
๐ถ AWS EC2 IMDS - What You Need to Know
A technical review of IMDSv2.
https://ermetic.com/blog/aws/aws-ec2-imds-what-you-need-to-know
#aws
A technical review of IMDSv2.
https://ermetic.com/blog/aws/aws-ec2-imds-what-you-need-to-know
#aws
๐ฅ1
๐ถ staticwebsite-cli
This CLI tool makes it easy to deploy a static website to AWS. It builds and hosts the website, sets up a CDN and DNS, and provisions an SSL certificate.
https://github.com/awslabs/staticwebsite-cli
#aws
This CLI tool makes it easy to deploy a static website to AWS. It builds and hosts the website, sets up a CDN and DNS, and provisions an SSL certificate.
https://github.com/awslabs/staticwebsite-cli
#aws
๐ฅ2
๐ท Preview support for Kata VM Isolated Containers on AKS for Pod Sandboxing
Azure Kubernetes Service (AKS) now supports pod sandboxing in preview in all Azure regions on a subset of Azure VM Sizes that support Nested Virtualization.
https://techcommunity.microsoft.com/t5/apps-on-azure-blog/preview-support-for-kata-vm-isolated-containers-on-aks-for-pod/ba-p/3751557
#azure
Azure Kubernetes Service (AKS) now supports pod sandboxing in preview in all Azure regions on a subset of Azure VM Sizes that support Nested Virtualization.
https://techcommunity.microsoft.com/t5/apps-on-azure-blog/preview-support-for-kata-vm-isolated-containers-on-aks-for-pod/ba-p/3751557
#azure
๐ฅ1
๐ด Google Cloud Platform Exfiltration: A Threat Hunting Guide
Some security gaps that every organization using GCP should be aware of in order to protect itself from data exfiltration.
https://www.mitiga.io/blog/google-cloud-platform-exfiltration-a-threat-hunting-guide
#gcp
Some security gaps that every organization using GCP should be aware of in order to protect itself from data exfiltration.
https://www.mitiga.io/blog/google-cloud-platform-exfiltration-a-threat-hunting-guide
#gcp
๐1๐ฅ1
๐ท Pivoting with Azure Automation Account Connections
How Automation Accounts handle authenticating as other accounts within a runbook, and how to abuse those authentication connections to pivot to other Azure resources.
https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-automation-account-connections
#azure
How Automation Accounts handle authenticating as other accounts within a runbook, and how to abuse those authentication connections to pivot to other Azure resources.
https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-automation-account-connections
#azure
๐ฅ1
๐ถ Understanding the Integration Between KMS and Secrets Manager on AWS
Post covering the integration between KMS and Secrets Manager on AWS, to better understand how they work.
https://blog.lightspin.io/understanding-the-integration-between-kms-and-secrets-manager-on-aws
#aws
Post covering the integration between KMS and Secrets Manager on AWS, to better understand how they work.
https://blog.lightspin.io/understanding-the-integration-between-kms-and-secrets-manager-on-aws
#aws
๐ฅ1