ru
Feedback
CloudSec Wine

CloudSec Wine

Открыть в Telegram

All about cloud security Contacts: @AMark0f @dvyakimov About DevSecOps: @sec_devops

Больше
2 238
Подписчики
Нет данных24 часа
+117 дней
+1430 день
Архив постов
🔷 Public preview: Confidential containers on Azure Kubernetes Service (AKS) AKS now lets you run individual pods in their ow
🔷 Public preview: Confidential containers on Azure Kubernetes Service (AKS) AKS now lets you run individual pods in their own trusted execution environment (TEE). https://techcommunity.microsoft.com/t5/apps-on-azure-blog/public-preview-confidential-containers-on-aks/ba-p/3980871 #azure

🔶 Lambda Extensions: Exploring Misuse Scenarios and Stratus Red Team Module Development Post analyzing a well-known attack v
🔶 Lambda Extensions: Exploring Misuse Scenarios and Stratus Red Team Module Development Post analyzing a well-known attack vector and then showing how to build a module for Stratus Red Team, a self-contained binary we can use to detonate offensive attack techniques against a live cloud environment easily. https://awstip.com/lambda-extensions-exploring-misuse-scenarios-and-stratus-red-team-module-development-b63c5a73491a (Use VPN to open from Russia) #aws

🔶🔷🔴 State of Cloud Security Datadog analyzed data from thousands of organizations to understand the latest trends in cloud
🔶🔷🔴 State of Cloud Security Datadog analyzed data from thousands of organizations to understand the latest trends in cloud security posture. https://www.datadoghq.com/state-of-cloud-security/ #aws #azure #gcp

🔷 Mistaken Identity: Extracting Managed Identity Credentials from Azure Function Apps The article discusses a security vulne
🔷 Mistaken Identity: Extracting Managed Identity Credentials from Azure Function Apps The article discusses a security vulnerability in Azure Function Apps, where Linux containers use an encrypted startup context file that can be decrypted to expose sensitive data, including Managed Identity certificates. https://www.netspi.com/blog/technical/cloud-penetration-testing/mistaken-identity-azure-function-apps #azure

🔴 Introducing Advanced Vulnerability Insights for GKE Artifact Analysis in partnership with Google Kubernetes Engine has int
🔴 Introducing Advanced Vulnerability Insights for GKE Artifact Analysis in partnership with Google Kubernetes Engine has introduced a new vulnerability scanning offering called Advanced Vulnerability Insights. https://cloud.google.com/blog/products/identity-security/introducing-advanced-vulnerability-insights-for-gke #gcp

🔶 How to create an AMI hardening pipeline and automate updates to your ECS instance fleet How to create a workflow to enhanc
🔶 How to create an AMI hardening pipeline and automate updates to your ECS instance fleet How to create a workflow to enhance Amazon ECS-optimized AMIs by using the CIS Docker Benchmark and automatically updating your EC2 instances in your ECS cluster with the newly created AMIs. https://aws.amazon.com/ru/blogs/security/how-to-create-an-ami-hardening-pipeline-and-automate-updates-to-your-ecs-instance-fleet/ #aws

🔷 The Triforce of Initial Access The article emphasizes that the success of Red Teaming often hinges on the quality of infor
🔷 The Triforce of Initial Access The article emphasizes that the success of Red Teaming often hinges on the quality of information (loot) gathered and the effectiveness of the tools used, such as Evilginx, ROADtools, and TeamFiltration, complemented by the Bobber script. https://trustedsec.com/blog/the-triforce-of-initial-access #azure

🔷 Spoofing Microsoft Entra ID Verified Publisher Status It was possible to manipulate the consenting process of a legitimate
🔷 Spoofing Microsoft Entra ID Verified Publisher Status It was possible to manipulate the consenting process of a legitimate verified publisher application to implant malicious unverified applications within a Microsoft Entra ID tenant. https://www.secureworks.com/research/spoofing-microsoft-entra-id-verified-publisher-status #azure

🔷 Weather Forecast: Money Is Going to Rain from the Cloud SafeBreach researchers discovered and exploited a billing flaw in
🔷 Weather Forecast: Money Is Going to Rain from the Cloud SafeBreach researchers discovered and exploited a billing flaw in Azure Automation Service, enabling free, hidden, and unstoppable cryptocurrency mining using Python scripts and Runbooks. https://www.safebreach.com/blog/cryptocurrency-miner-microsoft-azure #azure

🔶 Announcing the EKS Cluster Games Wiz released "The EKS Cluster Games", a cloud security Capture The Flag (CTF) event. The
🔶 Announcing the EKS Cluster Games Wiz released "The EKS Cluster Games", a cloud security Capture The Flag (CTF) event. The mission? To identify and learn about common Amazon EKS security issues. https://www.wiz.io/blog/announcing-the-eks-cluster-games #aws

🔶🔴 ApatchMe - Authenticated Stored XSS Vulnerability in AWS and GCP Apache Airflow Services Unpatched Apache Airflow instan
+1
🔶🔴 ApatchMe - Authenticated Stored XSS Vulnerability in AWS and GCP Apache Airflow Services Unpatched Apache Airflow instances used in AWS and GCP allow an exploitable stored XSS through the task instance details page. https://www.tenable.com/blog/apatchme-authenticated-stored-xss-vulnerability-in-aws-and-gcp-apache-airflow-services (Use VPN to open from Russia) #aws #gcp

🔴 Migrating to Google Workspace: Solving Email Routing Challenges My firsthand experience with migrating from Cloudflare Ema
🔴 Migrating to Google Workspace: Solving Email Routing Challenges My firsthand experience with migrating from Cloudflare Email Routing to Google Workspace. https://blog.marcolancini.it/2023/blog-migrate-to-google-workspace/ #gcp

🔶 The deputy is confused about AWS Security Hub The article highlights a potential issue with AWS Security Hub where incorre
🔶 The deputy is confused about AWS Security Hub The article highlights a potential issue with AWS Security Hub where incorrect AWS account IDs could lead to cross-tenant data pollution, potentially allowing an attacker to pollute someone else's Security Hub. https://blog.plerion.com/the-deputy-is-confused-about-aws-security-hub/ #aws

🔶 CloudKeys in the Air: Tracking Malicious Operations of Exposed IAM Keys PaloAlto analyzes an attack path starting with Git
🔶 CloudKeys in the Air: Tracking Malicious Operations of Exposed IAM Keys PaloAlto analyzes an attack path starting with GitHub IAM exposure and leading to creation of AWS Elastic Compute instances, which TAs used to perform cryptojacking. https://unit42.paloaltonetworks.com/malicious-operations-of-exposed-iam-keys-cryptojacking/ #aws

🔶 AWS Network Firewall egress filtering can be easily bypassed If you are thinking of or are already using AWS Network Firew
🔶 AWS Network Firewall egress filtering can be easily bypassed If you are thinking of or are already using AWS Network Firewall to control and filter egress traffic to only allow connections to approved destination sites, you need to read this post, as it may not work as you have thought. https://canglad.com/blog/2023/aws-network-firewall-egress-filtering-can-be-easily-bypassed/ #aws

🔴 Detect transitive access to sensitive Google Cloud resources If a user can successfully authenticate as a service account,
🔴 Detect transitive access to sensitive Google Cloud resources If a user can successfully authenticate as a service account, they gain access to all the IAM permissions associated with that account. https://p0.dev/blog/transitive-access-gcp #gcp

🔶 Fargate and Cribl (Stream): How We Got It Working The article discusses deploying Cribl using AWS Fargate to manage log da
🔶 Fargate and Cribl (Stream): How We Got It Working The article discusses deploying Cribl using AWS Fargate to manage log data more effectively, outlining an approach to setting up this infrastructure. https://floqast.com/engineering-blog/post/fargate-and-cribl-stream-how-we-got-it-working/ #aws

🔶 Securing attacks targeted at user or kernel level for customer X with KubeArmor & AWS Bottlerock The article outlines how
🔶 Securing attacks targeted at user or kernel level for customer X with KubeArmor & AWS Bottlerock The article outlines how KubeArmor and AWS Bottlerocket enhance security in Kubernetes deployments. KubeArmor aids in blocking unwanted binaries and applying granular controls at the container level, while AWS Bottlerocket fortifies host and worker nodes. https://www.cncf.io/blog/2023/10/26/securing-attacks-targeted-at-user-or-kernel-level-for-customer-x-with-kubearmor-aws-bottlerocket/ #aws

🔷 Exploring the Dark Side of Package Files and Storage Account Abuse How attackers can abuse the Storage Account's connectio
🔷 Exploring the Dark Side of Package Files and Storage Account Abuse How attackers can abuse the Storage Account's connection string to gain unauthorized access to the Function Apps. https://3xpl01tc0d3r.blogspot.com/2023/10/exploring-dark-side-of-package-files.html #azure

🔴 Cloud CISO Perspectives: How boards can help cyber-crisis communications Google Cloud CISO Phil Venables talks about the i
🔴 Cloud CISO Perspectives: How boards can help cyber-crisis communications Google Cloud CISO Phil Venables talks about the important (and often undervalued) organizational skill of crisis communications. https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-how-boards-can-help-cyber-crisis-communications/ #gcp