Pawel Rzepa (@rzepsky) 's Twitter Profile

Yet another sec guy, particularly interested in cloud security 🌩️ AWS Authorized Instructor at @awscloud
Lead Ethical Hacker at @SoftServeInc

ID: 3320585656

Joined: 12-06-2015 08:30:43

1.1K Tweets

1.1K Followers

686 Following

Christophe Tafani-Dereeper (@christophetd):

Hats off to researchers at Unit 42 for sharing a detailed write-up of two real-world cloud attacks they witnessed in AWS and GCP. unit42.paloaltonetworks.com/compromised-cl… I encourage other companies to follow their lead!

Pawel Rzepa (@rzepsky):

A good example of threat lists in CI/CD: storage.googleapis.com/prd-engineerin… This 👆 is part of the worth-reading article: engineering.mercari.com/en/blog/entry/… by Mercari Developers

Scott Piper (@0xdabbad00):

This will be a little chaotic. Different IAM privileges depending on when your account was created and they are retiring some privileges.

Rami McCarthy (@ramimacisabird):

📜 Trying to get better at putting out rougher work! To that end, I'm starting to externalize some of my internal knowledge hub - starting with an enumeration of Lambda risks. Let me know what I'm missing! ramimac.github.io/wiki/lambda-ri…

Ben Bridts (@benbridts):

Found a cool CloudFormation StackSet feature that didn't get an announcement blogpost (yet?): At this point it still seems very limited, but hopefully it will get more features over time docs.aws.amazon.com/AWSCloudFormat…

Nick Frichette (@frichette_n):

My talk "What I Wish I Knew Before Pentesting AWS Environments" for SANS Pen Test Hackfest 2022 is now on YouTube! Check it out if you're interested in learning more ways to attack AWS environments. youtube.com/watch?v=jq8SAF…

Nick Frichette (@frichette_n):

New cloud security research! We found a method to bypass CloudTrail logging for both read AND write API actions in AWS Service Catalog! In addition, we also reported an issue with a lack of CloudTrail logging in AWS Control Tower. securitylabs.datadoghq.com/articles/bypas…

Pawel Rzepa (@rzepsky):

Interesting real-life cyber attack with a good kill chain analysis. It uncovers the all-too-common mistakes that lead to data theft, including hardcoded secrets and overlooked least privilege principles. Worth-reading article 👇

Hillai Ben-Sasson (@hillai):

I hacked into a @Bing CMS that allowed me to alter search results and take over millions of Office 365 accounts. How did I do it? Well, it all started with a simple click in Microsoft Azure… 👀 This is the story of #BingBang 🧵⬇️

raptor@infosec.exchange (@0xdea):

#CodeQL zero to hero part 1: the fundamentals of #static #analysis for #vulnerability #research github.blog/2023-03-31-cod…

spaceraccoon | Eugene Lim (@spaceraccoonsec):

This is an excellent writeup by Sylwia Budzynska on the fundamentals of static analysis, especially the practical graph theory background of the tools. It's important to understand how they work! github.blog/2023-03-31-cod…

Scott Piper (@0xdabbad00):

In addition to the SCP validator (aka linter), AWS also put together a collection of SCPs github.com/aws-samples/se… and has a re:Inforce video from the author of that repo, Swara Gandhi youtube.com/watch?v=KFphCn…

Ronen Shustin (@ronenshh):

Today we share our Alibaba Cloud research for the first time, where we gained unauthorized access to other customers' databases in two different services 🚨 This complex research involved RCE, PE, Container escape, K8s lateral movement, and supply chain attack. Check it out 🧵

Nir Ohfeld (@nirohfeld):

Think you are an AWS IAM expert? 🤖 Put on your attacker hat and play our new CTF: The Big IAM Challenge! 🎉 wiz.io/blog/the-big-i…

Aidan W Steele (@__steele):

AWS CloudShell got container functionality this week. This felt like an opportunity to do a deep(-ish) dive into how CloudShell works under the hood. I extracted some containers and listed some roles. I remembered that I suck at non-sequence diagrams. awsteele.com/blog/2024/01/1…

Nick Frichette (@frichette_n):

Denial of wallet attacks are a very real thing 😬 I think the official solution to this is to front your S3 bucket with CloudFront. medium.com/@maciej.pocwie…