Our #CFP for DEF CON ends in 2 days! Hurry up and get them papers in! Form - forms.gle/7594FC8oWBCf1p… Visit cloud-village.org for more details. #hackersummercamp #defcon #dc31

Wanted to give folks a TLDR on this one because 1. Its one of the bigger GCP vulns to come out in a while (h/t Orca Security ) 2. I know most aren't that familiar with GCP and would benefit from a TLDR; 1/8

w00t! Come check us out at the DEF CON Cloud Village, where Terrance DeJesus and I will be sharing a demo tool talk about emulating attacks on #GoogleWorkspace #defcon31 #DetectionEngineering

🪣 BucketLoot An automated bucket scanner for secrets * 30+ unique regexes built-in * Search custom keywords * Perform asset extraction * Compatible with AWS, Google Cloud Storage & DigitalOcean Spaces By Umair #bugbountytips #CloudSecurity github.com/redhuntlabs/Bu…

Had so much fun recording Cloud Security Podcast we talked about learning to hack GCP and some of the common attack paths Ofc always repin RITSEC Club and stay tune to the end for a mandatory shoutout to my mom and the #CeliacsInCyber (which I just made up) youtube.com/watch?v=SqfDFI…

I am excited to announce that I will be presenting at Black Hat and DEF CON with JS0N Haddix and Gunnar Andrews! 💻 Black Hat DEF CON #InfoSec #OffensiveSecurity #OpenSource

Best training ever!!!! Thank you Dirk-jan and Sanne for teaching me all your Azure AD hacking brilliance. My brain feels 10x bigger 🧠 10/10 really recommend this to others

Excellent tool. Be sure to check it out

a new tool released by Justin Ibarra and Terrance DeJesus for simulating attacks against Google Workspace. github.com/elastic/SWAT

For those that missed our DEF CON Cloud Village talk - "What the Function: A Deep Dive into Azure Function App Security" Here is a quick thread of the code/slides/blog that we released over the weekend. 🧵(1/4)

Looks like Command VM got updated recently. github.com/mandiant/comma…

Howdy Folks, It took us a while but we finally got there! :) In case you missed the YouTube notification, our first day's recording for DEF CON 31 is out. Hope you enjoy the interesting research shared by our amazing speakers! Day1 Playlist - youtube.com/playlist?list=… #DEFCON31

Shmoo 🫎Shmoo🫎 Shmoo🫎 Excited to see talks by Hulto Katie Nickels and Dillon Franke Even more hype to see all the homies, especially mentors/mentees

Thrilled to say I’ll be speaking at fwdcloudsec EU this September on new #GCP research covering Service Agent abuse. Hope to see you there!

It’s HAPPENINGGGGGGGG

Fun with Google Cloud's default service accounts (and how to leverage them for offensive purposes) securitylabs.datadoghq.com/articles/googl…

🎥 RECORDED TALK #BlackAlps24 🎥 ⚡⚡⚡ GCP CL-WHY: The Hacker's and the Hero's Guide to the CLI ⚡⚡⚡ by Shannon McHale (Shannon McHale), Senior Red Team Consultant at Google youtu.be/nr4G1ekjrqY #conference #cybersecurity #switzerland

So great to meet you Dylan!!!!!

Take a journey in Administrative Unit Attack Paths! Check out Katie Knowles's #SOCON2025 talk, which starts w/ scoped role assignments for privilege escalation against users & groups and finishes w/ protecting accounts using Restricted Management AUs. 👀: ghst.ly/4ksxiEx

Most companies find out about weaknesses too late. Mandiant (part of Google Cloud) Red Teamers use offensive security to spot and fix vulnerabilities before attackers can exploit them. See how they help organizations stay ahead and learn more: bit.ly/4o3OnGp