ar
Feedback
CloudSec Wine

CloudSec Wine

الذهاب إلى القناة على Telegram

All about cloud security Contacts: @AMark0f @dvyakimov About DevSecOps: @sec_devops

إظهار المزيد
2 235
المشتركون
-124 ساعات
لا توجد بيانات7 أيام
+1030 أيام
أرشيف المشاركات
🔶 Unwanted Permissions that may impact security when using the ReadOnlyAccess policy in AWS With this analysis, Tempest researchers identified at least 41 actions that can lead to improper data access. https://sidechannel.blog/en/unwanted-permissions-that-may-impact-security-when-using-the-readonlyaccess-policy-in-aws #aws

🔴 Incident report: Spotting an attacker in GCP A walk through of how an attacker gained access to a customer's GCP environment, Expel's investigative process, and some key takeaways for securing your organization. https://expel.com/blog/incident-report-spotting-an-attacker-in-gcp #gcp

🔷 SynLapse - Technical Details for Critical Azure Synapse Vulnerability This blog describes the technical details of SynLapse, a critical Synapse Analytics vulnerability in Microsoft Azure which allowed attackers to bypass tenant separation. https://orca.security/resources/blog/synlapse-critical-azure-synapse-analytics-service-vulnerability #azure

🔶🔷🔴 The cloud gray zone: secret agents installed by cloud service providers Wiz Research details how cloud middleware use across cloud service providers can expose customers' virtual machines to new attack vectors. https://www.wiz.io/blog/the-cloud-gray-zone-secret-agents-installed-by-cloud-service-providers #aws #azure #gcp

🔴 An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane The biggest risk in cloud development is not recognizing the differences between cloud and traditional definitions of common architecture terms. https://www.mitiga.io/blog/misconfiguration-hidden-dangers-cloud-control-plane #gcp

🔶🔷🔴 cloud-middleware-dataset This project contains cloud middleware (i.e. agents installed by cloud security providers) used across the major cloud service providers (Azure, AWS and GCP). https://github.com/wiz-sec/cloud-middleware-dataset #aws #azure #gcp

🔶 Use CloudTrail to Pivot to AWS Accounts How to utilize the AWS CloudTrail service to discover other AWS accounts that you could pivot to. https://bishopfox.com/blog/cloudtrail-pivot-to-aws-accounts #aws

🔴 Enumeration and lateral movement in GCP environments A pentest write up describing how it was possible to compromise a hybrid GCP hosted infrastructure using native GCP tools. https://infosecwriteups.com/enumeration-and-lateral-movement-in-gcp-environments-c3b82d342794 #gcp

🔷 Managed Identity Attack Paths, Part 1: Automation Accounts A three part blog series exploring attack paths that emerge out of Managed Identity assignments in three Azure services. https://posts.specterops.io/managed-identity-attack-paths-part-1-automation-accounts-82667d17187a #azure

🔴 How to Think about Threat Detection in the Cloud Google’s Anton Chuvakin and Tim Peacock share their views on a foundational framework for thinking about threat detection in public cloud computing. https://medium.com/anton-on-security/how-to-think-about-threat-detection-in-the-cloud-1baff902afe5 #gcp

🔶 When and where to use IAM permissions boundaries AWS’s Umair Rehmat covers common use cases for permissions boundaries, so
🔶 When and where to use IAM permissions boundaries AWS’s Umair Rehmat covers common use cases for permissions boundaries, some best practices to consider, and a few things to avoid. https://aws.amazon.com/ru/blogs/security/when-and-where-to-use-iam-permissions-boundaries #aws

🔶 AWS Startup Security Baseline Guidance by AWS’ Jay Michael on a set of controls that create a minimum foundation for businesses to build securely on AWS without decreasing their agility. https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/welcome.html #aws

🔷 Azure/aztfy A tool to bring existing Azure resources under Terraform’s management. https://github.com/Azure/aztfy #azure

🔶🔷🔴 Securing Cloud Services against Squatting Attacks Post discussing the root causes of cloud squatting from an IT practitioner's perspective, and demonstrates the steps companies can take to harden their infrastructure. https://pauley.me/post/2022/secure-cloud-decomissioning #aws #azure #gcp

🔶🔷🔴 google/cloud-forensics-utils A Python library to carry out DFIR analysis on the cloud. Currently supports GCP, Azure, and AWS. https://github.com/google/cloud-forensics-utils #aws #azure #gcp

🔶 A Review of the AWS Security Model AWS have released their own security maturity model, but does it stack up against what we're seeing in real-world attacks and in the approaches being suggested by the rest of the AWS security community? https://www.nojones.net/posts/a-review-of-the-aws-security-maturity-model #aws

🔷 Automating Azure Abuse Research A step-by-step process for automating Azure abuse research, with examples for Azure Virtual Machines and their Managed Identities. https://posts.specterops.io/automating-azure-abuse-research-part-1-30b0eca33418 #azure

🔶🔷🔴 A Look Into Public Clouds From the Ransomware Actor's Perspective Article exploring how ransomware threat actors might operate in cloud environments, and what approaches they might use to attack and impact resources in public clouds. https://unit42.paloaltonetworks.com/ransomware-in-public-clouds #aws #azure #gcp

🔶🔴 Implementing Secure Code in the Cloud Learn how to implement security in the cloud at the application layer. https://scalesec.com/blog/implementing-secure-code-in-the-cloud #aws #gcp

🔶 Zero Maintenance AWS Canary Tokens That Scale By utilizing temporary credentials (credentials returned as the result of the AssumeRole operation) as honeytokens, we can deploy a honeytoken approach that scales with our environment, utilize existing detection mechanisms (CloudTrail alerting), and remove the need to run a set of infrastructure dedicated to managing IAM Users. https://medium.com/@williambengtson/zero-maintenance-aws-canary-tokens-that-scale-b470c6f60da #aws