How a simple web-app assessment lead to complete #AKS cluster and #Azure subscription takeover 🤯 🧵👇 #ContainerImage #ContainerRegistry #Container #Docker #AzureKubernetesService #Kubernetes #KubernetesSecurity #k8s #bugbounty #bugbountytips #bugbountytip #DevSecOps #CICD

I know a lot of excellent people are looking for jobs right now. We have several openings at Red Canary, a Zscaler company, including my peer, Senior Director of Detection Engineering, and a Threat Hunter on a team I lead. I hope you'll consider applying or sharing. redcanary.com/job-openings/

Jonathan Gonzalez 📡🛸 Yes, we have Senior and Principal Threat Hunter roles open! redcanary.com/job-openings/

VMW Carbon Black TAU discovered 34 unique vulnerable WDF/WDM drivers (237 file hashes), including ones made by major chip/BIOS/PC makers. By exploiting the drivers, an attacker without privilege may erase/alter firmware, and/or elevate OS privileges. blogs.vmware.com/security/2023/…

Its fascinating that companies are willing to give you free access to a GPT model on their cooking websites. GPUs everywhere are weeping. Shipping production GenAI software with security in mind is such a fascinating topic these days.

Happy Friday! We just opened a role for a Senior Manager on our Intelligence Team - this role reports directly to me. We're looking for a strong people manager with a threat intelligence background. US-based only. jobs.lever.co/redcanary/19b9…

To the cloud! The Detection Series returns as cloud security experts from Lacework, ATT&CK, and @RedCanary explore how adversaries compromise and navigate their way through Azure and Amazon Web Services (AWS) cloud systems. redcanary.com/resources/webi…

This Wednesday - join some smart peeps to learn more about common AWS and Azure techniques! Spoiler alert: yes, T1078.004: Cloud Accounts will make an appearance. 😀 redcanary.com/resources/webi…

Amazon has an overwhelming number of interconnected security and identity products for AWS. A handful of us at Red Canary, a Zscaler company tried to make sense of the madness by writing a visibility and observability guide with collection tips for logging and detection. redcanary.com/resources/guid…

This is interesting research that's worth reading. I'd encourage readers to also consider what's NOT here - these groups didn't use LLMs to make new malware or find zero-days. They used them to help research and write scripts. I'm not panicking about this...

Can GenAI improve security operations? Our GenAI lead Jimmy Astle examines the foundations of GenAI success and how we at Red Canary use GenAI in our security operations workflows. redcanary.com/blog/genai-sec…

Great news, everyone! Red Canary, a Zscaler company's 2024 Threat Detection Report is officially live! I've read it three times, and it's our best yet. Every section is worth your time, but I'm going to post my personal highlights in the thread. redcanary.com/threat-detecti…

An important question looms in the infosec conversation about AI: Will generative AI tools better benefit defenders or adversaries? Lifted from the trends section of our 2024 Threat Detection Report, here’s how we score the fight redcanary.com/threat-detecti…

.Senator Scott Wiener continues to falsely claim narrow opposition to SB 1047. When in reality there is massive public outcry across research, academic, public and private business and finance. Here is a mega roundup of recent announcements that fully debunk the Senator's claims 🧵

We analyzed Red Canary, a Zscaler company detection data from the first half of 2024 to produce a Threat Detection Report midyear update focusing on a trend (identities) and a few emergent threats and techniques. Useful insight for everyone from the SOC to the CISO's office: redcanary.com/threat-detecti…

Absolutely killer research by Matt Graeber on the Red Canary, a Zscaler company blog this week about compromising (and defending) Azure OpenAI resources. redcanary.com/blog/threat-de…