CloudSec Wine


All about cloud security. Contacts: @AMark0f @dvyakimov. About DevSecOps: @sec_devops

2 228 subscribers
Posts archive
🔴 New to Google SecOps: An Introduction to Native Dashboards An overview of the newly launched dashboarding capabilities within Google SecOps, enabling users to create custom dashboards using statistical search syntax. https://www.googlecloudcommunity.com/gc/Community-Blog/New-to-Google-SecOps-An-Introduction-to-Native-Dashboards/ba-p/856924 #gcp

🔶 Safeguard your generative AI workloads from prompt injections This blog post provides an overview of prompt injection risks in generative AI applications and outlines effective strategies for mitigating these risks on Bedrock. https://aws.amazon.com/ru/blogs/security/safeguard-your-generative-ai-workloads-from-prompt-injections/ (Use VPN to open from Russia) #aws

🔴 Unifying Your Cloud Defenses: Security Command Center & Cloud NGFW Enterprise The article discusses the integration of Google Cloud's Security Command Center (SCC) and Cloud Next Generation Firewall (NGFW), by combining threat detection from NGFW with SCC's automation and response features. https://www.googlecloudcommunity.com/gc/Community-Blog/Unifying-Your-Cloud-Defenses-Security-Command-Center-amp-Cloud/ba-p/843202 #gcp

🔴 Introducing BigQuery metastore, a unified metadata service with Apache Iceberg support BigQuery metastore is a highly scalable runtime metadata service that works with multiple engines, for example, BigQuery, Apache Spark, Apache Hive and Apache Flink, and supports the open Apache Iceberg table format. https://cloud.google.com/blog/products/data-analytics/introducing-bigquery-metastore-fully-managed-metadata-service/ #gcp

👩‍💻 DevOps access is closer than you assume Azure DevOps can be accessed using multiple 1st party client ids, allowing anyone to pivot from a stolen session to access the repositories. https://zolder.io/blog/devops-access-is-closer-than-you-assume/ #azure

👩‍💻 Intune Attack Paths - Part 1 Part 1 of an Intune Attack Paths series, discussing the fundamental components and mechanics of Intune that lead to the emergence of attack paths. https://posts.specterops.io/intune-attack-paths-part-1-4ad1882c1811 #azure

🔴 Securing Grafana on Kubernetes A step-by-step guide to secure a Grafana deployment on Kubernetes using Google Cloud Identity-Aware Proxy (GCP IAP), Gateway API, and Terraform. https://www.vidbregar.com/blog/grafana-gcp-iap #gcp

🔶 Terraform S3 Backend Setup: Skip the Table It is now possible to remove DynamoDB as a dependency, and streamline your S3 backend setup. https://kieranlowe.io/terraform-s3-backend-setup-skip-the-table #aws

👩‍💻 Register Yubikeys on behalf of your users with Microsoft Entra ID FIDO2 provisioning APIs This article explains how to use Microsoft Entra ID FIDO2 Provisioning APIs to register YubiKeys on behalf of users. It covers the process, required permissions, and provides code examples for implementing this functionality in applications. https://janbakker.tech/register-yubikeys-on-behalf-of-your-users-with-microsoft-entra-id-fido2-provisioning-apis/ #azure

🔶 How to bypass honeypots in AWS This post suggests a way to detect and avoid honeypots set up for access key IDs in an AWS environment. https://tejaszarekar.gitbook.io/tejaszarekar #aws

🔶 How to share security telemetry per OU using Amazon Security Lake and AWS Lake Formation How to extract OU structure and account metadata from your organization and use it to securely share Security Lake data on a per-OU basis across your organization. https://aws.amazon.com/ru/blogs/security/how-to-share-security-telemetry-per-ou-using-amazon-security-lake-and-aws-lake-formation/ (Use VPN to open from Russia) #aws

👩‍💻 Hijacking Azure Machine Learning Notebooks (via Storage Accounts) A (now remediated) vulnerability allowed the Reader role on the AML service to gain write access to these Storage Accounts to ultimately get code execution through Jupyter notebooks. https://www.netspi.com/blog/technical-blog/cloud-pentesting/hijacking-azure-machine-learning-notebooks/ #azure

🔶 AWS CodeBuild: Self-Hosted GitHub Action Runners How to set up AWS CodeBuild for GitHub Action Runners, including configuration steps and integration advantages. https://kieranlowe.io/implementing-self-hosted-github-action-runners-using-aws-codebuild #aws

🔶 Implementing Security Invariants in an AWS Management Account Chris Farris discusses the implementation of security invariants within an AWS management account, specifically the payer account where organizational policies do not apply. https://www.chrisfarris.com/post/payer-invariants/ #aws

🔶 Avoiding mistakes with AWS OIDC integration conditions Post exploring some common missteps in securing your AWS OIDC. https://www.wiz.io/blog/avoiding-mistakes-with-aws-oidc-integration-conditions #aws

🔶 The many ways to obtain credentials in AWS Post exploring how AWS services provide IAM credentials, and teaching key risks and detection strategies to secure your cloud environment against credential misuse. https://www.wiz.io/blog/the-many-ways-to-obtain-credentials-in-aws #aws

🔶 From Detection to Enforcement: Migrating from IMDSv1 to IMDSv2 Concrete advice on approaching a migration to IMDSv2. https://securitylabs.datadoghq.com/articles/from_detection_to_enforcement_migrating_from_imdsv1_to_imdsv2/ #aws

🔶 Hat Trick: AWS introduced same RCE vulnerability three times in four years Amazon has introduced the same dependency confusion issue at least on 3 separate occasions when adding new packages to the Neuron SDK registry. https://giraffesecurity.dev/posts/amazon-hat-trick/ #aws

🔴 The dark cloud around GCP service accounts Why does this service account still have access even though I deleted its service account key? https://redcanary.com/blog/threat-detection/gcp-service-accounts/ #gcp

👩‍💻 Escalating privileges to read secrets with Azure Key Vault access policies Azure Key Vault Contributors are not allowed access to Key Vault keys, certificates, and secrets. But did you know they can still gain access to this sensitive data? This post will cover a privilege escalation vector to access data in key vaults using the access policy permissions model. https://securitylabs.datadoghq.com/articles/escalating-privileges-to-read-secrets-with-azure-key-vault-access-policies/ #azure