CloudSec Wine
All about cloud security Contacts: @AMark0f @dvyakimov About DevSecOps: @sec_devops

Posts Archive
🔷 An Azure Tale of VPN, Conditional Access and MFA Bypass A walkthrough review of the implementation of an on-prem VPN server that used Azure AD as the IdP and enforced MFA via conditional access policies. https://simondotsh.com/infosec/2023/08/15/azure-tale-vpn-ca-mfa-bypass.html #azure

🔶 SSRF Tricks - Thread Some tricks «rhynorater» picked up over the past 5 years of web app testing. https://x.com/rhynorater/status/1689400476452679682?s=52&t=J3j_Bp59pI4rfliKITPeZQ (Use VPN to open from Russia) #aws

🔶 AWS Security Monitoring in 2023: Untangle the chaos This post provides recommendations for implementing an effective security monitoring strategy in AWS. https://marbot.io/blog/2023-08-04-aws-security-monitoring-in-2023.html #aws

🔶 Hacking Github AWS integrations again Another post looking at the perils of improperly scoping access provided by OIDC. https://dagrz.com/writing/aws-security/hacking-github-aws-oidc #aws

🔷 Knocking on the Front Door (client side desync attack on Azure CDN) A write-up on a Browser-Powered Desync bug discovered in the Azure CDN service known as Front Door. https://blog.jeti.pw/posts/knocking-on-the-front-door #azure

🔷 Unauthorized Access to Cross-Tenant Applications in Microsoft Power Platform A researcher at Tenable has discovered an issue that enables limited, unauthorized access to cross-tenant applications and sensitive data (including but not limited to authentication secrets). https://www.tenable.com/security/research/tra-2023-25 (Use VPN to open from Russia) #azure

🔶 Configure fine-grained access to your resources shared using AWS Resource Access Manager You can use AWS Resource Access Manager (AWS RAM) to securely, simply, and consistently share supported resource types within your organization or organizational units (OUs) and across AWS accounts. https://aws.amazon.com/ru/blogs/security/configure-fine-grained-access-to-your-resources-shared-using-aws-resource-access-manager/ #aws

🔶 Perform continuous vulnerability scanning of AWS Lambda functions with Amazon Inspector Activate Amazon Inspector within one or more AWS accounts, and be notified when a vulnerability is detected in an AWS Lambda function. https://aws.amazon.com/ru/blogs/security/perform-continuous-vulnerability-scanning-of-aws-lambda-functions-with-amazon-inspector/ #aws

🔴 Signing URLs in GCP: Convenience vs. Security Why the "iam.serviceAccounts.signBlob" permission can cause trouble in your GCP environment. https://lsgeurope.com/post/signing-urls-in-gcp-convenience-vs-security #gcp

🔶 More on Abusing the Amazon Web Services SSM Agent as a Remote Access Trojan This blog lays out a new potential post-exploitation technique: Abusing AWS Systems Manager (SSM) agent so that it functions as a Remote Access Trojan (RAT) on both Linux and Windows machines, while using an attacker AWS account as a Command and Control (C&C). https://www.mitiga.io/blog/abusing-the-amazon-web-services-ssm-agent-as-a-remote-access-trojan #aws

🔷 Microsoft Entra Workload ID - Introduction and Delegated Permissions Post providing an overview of some aspects and features that are important when delegating management of Workload ID in Microsoft Entra: Who can see and create apps? Why should you avoid assigning owners to service principals or application objects? https://www.cloud-architekt.net/entra-workload-id-introduction-and-delegation #azure

🔶 Automated First-Response in AWS using Sigma and Athena Can Sigma rules provide first-response capabilities in a post-compromise AWS environment? https://invictus-ir.medium.com/automated-first-response-in-aws-using-sigma-and-athena-615940bedc56 #aws

🔶 AWS Networking Concepts A mind map to link together all the different networking-related concepts from AWS. https://miparnisariblog.wordpress.com/2023/03/29/aws-networking-concepts/ #aws

DevOops is one of the largest conferences on engineering solutions and DevOps culture in Russia. In September, DevOops 2023 will last 4 whole days: 2 days online and 2 days offline. Speakers will discuss K8s security, Cloud, SRE, DevOps culture and new approaches to secure development. Examples of the talks:
→ Ivan Buymov and Alexey Sharapov — “One-Cloud vs K8s: Take Off-the-Shelf or Write the Cloud Yourself?”
→ Anton Chernousov — “Demystifying Serverless: Transforming Development Processes and Culture”
→ Alexey Kazin — “Toxic Repositories. What Is Happening to Open Source Now?”
→ Vasilii Kulazhenkov — “Implement DevSecOps within Kubernetes”
There are two types of tickets for DevOops 2023:
➡️ For companies: for those who buy tickets for their employees.
➡️ For individuals: for those who participate on their own.
The promotional code cloudsec will give a 10% discount on these tickets. Explore the schedule and choose your tickets for DevOops 2023. #advertising

🔶🔷🔴 Hijacking Cloud CI/CD Systems for Fun and Profit This research details a new technique that can be used by threat actors for supply chain attacks on open-source repositories using GCP, Azure and AWS. https://divyanshu-mehta.gitbook.io/researchs/hijacking-cloud-ci-cd-systems-for-fun-and-profit #aws #azure #gcp

🔶 Swiping right on the AWS WAF CAPTCHA challenge Post walking through a methodology for beating the AWS WAF CAPTCHA challenges programmatically. https://onecloudplease.com/blog/swiping-right-on-the-aws-waf-captcha-challenge #aws

🔶 No keys attached: Exploring GitHub-to-AWS keyless authentication flaws While popular, GitHub-to-AWS keyless authentication mechanisms can be insecurely configured. https://securitylabs.datadoghq.com/articles/exploring-github-to-aws-keyless-authentication-flaws/ #aws

🔶 Refuting AWS Chain Attack - Digging Deeper into EKS Zero Day claims An analysis of the findings published by a security researcher last month, claiming to have uncovered zero days in thousands of EKS clusters. https://kloudle.com/blog/refuting-aws-chain-attack-digging-deeper-into-eks-zero-days-claim/ #aws

🔶 How to get rid of AWS access keys - Part 3: Replacing the authentication Post discussing alternative solutions to using access keys. https://www.wiz.io/blog/how-to-get-rid-of-aws-access-keys-part-3 #aws

🔶 Orca Security's journey to a petabyte-scale data lake with Apache Iceberg and AWS Analytics Orca Security shares their experience in building a petabyte-scale data lake using Apache Iceberg and AWS services. https://aws.amazon.com/ru/blogs/big-data/orca-securitys-journey-to-a-petabyte-scale-data-lake-with-apache-iceberg-and-aws-analytics/ #aws