Container_Attacks_2022.pdf
6.8 MB
#Analytics
#Cloud_Security
"Container Attacks Catalog: A detailed analysis of container attacks", 2022.
#Threat_Research
#Cloud_Security
1. Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg
https://blog.exodusintel.com/2022/12/19/linux-kernel-exploiting-a-netfilter-use-after-free-in-kmalloc-cg
2. Elastic IP Hijacking - A New Attack Vector in AWS
https://www.mitiga.io/blog/elastic-ip-hijacking-a-new-attack-vector-in-aws
Exodus Intelligence
Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg - Exodus Intelligence
By Sergi Martinez. Overview: It’s been a while since our last technical blogpost, so here’s one right on time for the Christmas holidays. We describe a method to exploit a use-after-free in the Linux kernel when objects are allocated in a specific slab cache…
#Cloud_Security
Detecting Cloud Account Takeover
https://www.splunk.com/en_us/blog/security/detecting-cloud-account-takeover-attacks-threat-research-release-october-2022.html
Splunk
Detecting Cloud Account Takeover Attacks: Threat Research Release, October 2022 | Splunk
The Splunk Threat Research Team shares a closer look at the telemetry available in Azure, AWS and GCP and the options teams have to ingest this data into Splunk.
#Cloud_Security
1. Parsing and manipulating JSON in Powershell
https://isc.sans.edu/diary/29380
2. Passwordless Persistence and Privilege Escalation in Azure
https://posts.specterops.io/passwordless-persistence-and-privilege-escalation-in-azure-98a01310be3f
SANS Internet Storm Center
InfoSec Handlers Diary Blog - SANS Internet Storm Center
Internet Storm Center Diary 2023-07-01, Author: Russ McRee
aws_sec_incident_resp.pdf
749.1 KB
#Cloud_Security
"AWS Security Incident Response Guide", 2022.
#Cloud_Security
1. Azure AD Pass-Through Authentication Flaws
https://www.secureworks.com/research/azure-active-directory-pass-through-authentication-flaws
]-> PTAAgentDump tool: https://github.com/secureworks/PTAAgentDump
2. Red Teaming Microsoft Azure
https://improsec.com/tech-blog/read2own
Secureworks
Azure Active Directory Pass-Through Authentication Flaws
In May 2022, Secureworks® Counter Threat Unit™ (CTU) researchers analyzed how the protocols used by Pass-Through Authentication could be exploited.
#Cloud_Security
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass
https://securitylabs.datadoghq.com/articles/iamadmin-cloudtrail-bypass
Datadoghq
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass
Public disclosure of a method to bypass CloudTrail for specific IAM actions.
#tools
#Cloud_Security
Gold Digger - tool used to help quickly discover sensitive information in files recursively
https://github.com/ustayready/golddigger
#tools
#Cloud_Security
1. Kubernetes exploitation tool
https://github.com/Rolix44/Kubestroyer
2. Azure Attack Paths Management
https://sofblocks.github.io/azure-attack-paths
Wireshark_forensics.pdf
24.8 MB
#Tech_book
#Cloud_Security
"Wireshark for Network Forensics: An Essential Guide for IT and Cloud Professionals", 2023.