Clint Gibler (@clintgibler)'s Twitter Profile

Clint Gibler

@clintgibler

🗡️ Head of Security Research @semgrep
📚 Creator of https://t.co/xwtIAI0CuJ newsletter

ID: 720576770

Link: https://tldrsec.com/subscribe

Joined: 27-07-2012 17:49:39

8,3K Tweets

19,1K Followers

575 Following

Tanya Janca (@shehackspurple)

Join me for FREE, live #AppSec Training for the launch of @Semgrep Academy!

🔒 Building an Application Security Program

May 1: Level 1
Register: ow.ly/AfAS50Rgpiw

May 29: Level 2
Register: ow.ly/caHX50RgpiE

June 20: Level 3
Register: ow.ly/puGP50RgpiC
Leif Dreizler (@leifdreizler)

We recently posted our fantastic lineup of speakers for this year's conference and early-bird tickets are on sale now 🌴

Clint Gibler (@clintgibler)

🛡️ Securing millions of developers through 2FA

Mike Hanley on rolling out 2FA to @GitHub users

* 95% 2FA opt-in rate
* 54% increase in adoption among all active contributors
* Automation reduced support burden

See also our chat here: youtube.com/watch?v=s95Puo…

github.blog/2024-04-24-sec…

Clint Gibler (@clintgibler)

😱 An Obscure Actions Workflow Vulnerability in Google’s Flank

Adnan Khan's write-up on finding a vuln in a Google repo that's existed for 3 years

Enjoyed the vuln hunting at scale and making the exploit/exfiltration stealthy

adnanthekhan.co/2024/04/15/an-…

Clint Gibler (@clintgibler)

🔮 The Kubenomicon

A massive list of offensive Kubernetes security techniques and how to defend against them

Includes detailed tactical exploitation (and defense) tips

#cybersecurity

kubenomicon.com

Clint Gibler (@clintgibler)

🛠️ Shoggoth

An open-source project based on C++ and asmjit library used to encrypt given shellcode, PE, and COFF files polymorphically

Previously presented at Black Hat EU 2022 Arsenal

By Furkan Göksel

github.com/frkngksl/Shogg…

Clint Gibler (@clintgibler)

🔬 Resolving Stack Strings with Capstone Disassembler & Unicorn in Python

0verfl0w walks through how, on Conti Ransomware, to:

* Identify encryption routines
* Build a 'finder' regular expression
* Use emulation to execute assembly code within Python

0ffset.net/reverse-engine…

Clint Gibler (@clintgibler)

🛠️ Armory

Repo of hundreds of free detections across Okta, AWS, endpoint, network, web, and more

By @weareanvilogic

#cybersecurity #blueteam

github.com/anvilogic-forg…

Clint Gibler (@clintgibler)

🐳 Abusing search permissions on Docker directories for privilege escalation

How having the search bit set for “other” on /var/lib/docker and child dirs can allow a low privileged user to access other containers & escalate privileges

By WithSecure™

labs.withsecure.com/publications/a…

Clint Gibler (@clintgibler)

😈 Backdooring .NET Applications

Walk through of adding a backdoor to an open source CMS that captures and sends valid login credentials to a remote server

Using tools like: ilasm, ildasm, and Dotpeek

starkeblog.com/backdooring/do…

Clint Gibler (@clintgibler)

🪣 S3 Bucket Encryption Doesn't Work The Way You Think It Works

Daniel Grzelak on how S3 decryption works more like access control than decryption

“S3 encryption can prevent data exfiltration but is irrelevant after exfiltration.”

blog.plerion.com/s3-bucket-encr…

Clint Gibler (@clintgibler)

☠️ GitHub comments abused to push malware via Microsoft repo URLs

When you add a file to a GitHub comment, GitHub uploads it to their CDN in a path that makes it look like it's from the target repo

→ Make malware look like it's from Microsoft, etc.

bleepingcomputer.com/news/security/…

Clint Gibler (@clintgibler)

☁️ Matt Slack's Journey Migrating to AWS IMDSv2

With 60,000 EC2 instances across 17 AWS regions, while operating hundreds of AWS accounts

* Determine instances currently using IMDSv1
* Migrate scripts, update Terraform templates
* SCPs
* Alert on IMDSv1 use

slack.engineering/our-journey-mi…

Clint Gibler (@clintgibler)

🤖 Azure/Copilot-For-Security

Microsoft Azure has open-sourced resources related to Microsoft’s Copilot for Security, including:

* Customer guides
* Logic Apps
* Plugins
* Sample prompts
* Promptbook samples
* Technical workshops

github.com/Azure/Copilot-…

Clint Gibler (@clintgibler)

📖 NSA Publishes Guidance for Strengthening AI System Security

New 12 page whitepaper by NSA/CSS

'Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems'

nsa.gov/Press-Room/Pre…