youtu.be/o7Gbsi0o6Y8?si…

Awesome Security lists for SOC/CERT/CTI github.com/mthcht/awesome…

Cirrus: a command-line tool written in Python to facilitate environment access & evidence collection across Google Cloud & is composed of two scripts: Assistant: automate Google Cloud access setup & cleanup Collector: collect log, configuration & user data github.com/SygniaLabs/Cir…

I teach my teams this simple mantra: measurability == survivability. “Use specific, quantifiable metrics to showcase improvements in security posture and ops efficiency.” Reductions in vulnerability remediation time, decreases in IR costs, and latency too. helpnetsecurity.com/2024/07/24/kar…

I'm excited to be on a panel at the Defcon Blue Team Village on hot topics in security operations with Carson Zimmerman, Enoch Long, and Eric Lippart at 3:00pm Pacific on Saturday in room W310. See you there! #Defcon #BlueTeamVillage #SecurityOperations Hope to see you there!

Looking forward to seeing folks tomorrow at our BTV panel in LVCC W3 10 from 3-4p. With over 80 years of SOC experience, we cut the buzzword bingo & get real. We’ll be discussing topics like how to get value with threat intel beyond IOC matching, and more! cfc.blueteamvillage.org/dc32/talk/XR7H…

The Blue Team Village at #DEFCON32 had lots of defender-focused activities, and the best pool party! 💙 🛡️ Shoutout to Ray [REDACTED], Nicole Beckwith, Dr. Ch33r10, Ryan "Chaps" Chapman, @JamieAntiSocial, @HolisticInfoSec, @BenGoerz and [email protected]. More @DEFCON villages 👇🏽 infosecmap.com/listing/def-co…

Google's Cloud Vulnerability Research team (CVR) presents vulnerabilities in the 3rd party image library Kakadu, outlining challenges external attackers face exploiting vulnerabilities in unknown environments. Simon Scannell Anthony Weems Ezequiel Pereira bughunters.google.com/blog/622075742…

The bad news is there is a vulnerability in the CUPS printer system on Linux. The good news is nobody has ever gotten their printer working on Linux so they are safe.

At Google, we continually evolve security capabilities & practices to make our cloud the most trusted cloud. To help protect from stolen creds, cookie theft & accidental creds loss, announcing general availability of cert-based access in our IAM portfolio. cloud.google.com/blog/products/…

While working with Project Zero, #NickGalloway found an integer overflow in the dav1d AV1 video decoder. He received questions about issue discovery as dav1d is already being fuzzed by oss-fuzz. This is a useful case study in constructing fuzzers 4 effect googleprojectzero.blogspot.com/2024/10/effect…

Our CVR team performed vuln research on GCP’s AI Platform, Vertex AI & considered potential attack scenarios across Google & industry. They discovered unknown vulns that not remediated potentially could have allowed exfil of Gemini 1.0 Pro model Anthony Weems bughunters.google.com/blog/567986357…

While cloud providers can support customers in restoring access to their environments or activate backups, cloud providers generally lack the visibility & access to customer environments needed to perform customer incident response & remediation at scale. cloud.google.com/blog/products/…

Announcing the launch of Google Cloud Vulnerability Reward Program (VRP), dedicated to products & services that are part of Google Cloud. GC VRP focuses on coordinating new vulnerabilities and compensating security researchers. Top award: $101,010. cloud.google.com/blog/products/…

Google's approach to the 7 Secure by Design goals include focus on MFA, default passwords, reducing entire classes of vulnerability, security patches, vulnerability disclosure (VRP), CVEs & evidence of intrusions. Stayed tuned for more re Cloud VRP & CVEs! blog.google/technology/saf…

Big Sleep LLM agent found an exploitable stack buffer underflow in SQLite, the database engine. This is believed to be the first public example of an AI agent finding a previously unknown exploitable memory-safety issue in widely used real-world software. googleprojectzero.blogspot.com/2024/10/from-n…

Mandatory MFA is coming to Google Cloud. We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025. cloud.google.com/blog/products/…

As part of our continued commitment to security & transparency on vulnerabilities found in our products & services, effective today we will be issuing CVEs for critical Google Cloud vulnerabilities, even when we do not require customer action or patching. cloud.google.com/blog/products/…

We're sending a HUGE thank you to our incredible community of bughunters ! 🙏 Your passion for finding vulnerabilities keeps our users safe 🔒 To show our appreciation, we awarded over $380,000 in bounties this week, including the largest reward ever given in Google VRP history!