עצות לעזרה למשפחות שכולות (אני מבינה בצבאיות בעיקר)- צריך משמרות לספק להן 3 ארוחות ביום לפחות עד השלושים (מסודר עם טבלה), מכבסה שתתנדב לבוא לקחת ולהחזיק נקי כל יום, מומלץ להגביל את שעות השבעה ולפרסם אחרת יבואו גם בחצות (כי עמישראל רוצה לחבק וזה מדהים)>>

Recently I discovered a one-click account takeover vulnerability (now fixed!) in the AWS Managed Apache Airflow service that allowed full takeover of a victim’s web management panel of the Airflow instance and also revealed a broader problem. This is the story of #FlowFixation🧵

Tenable Research discovered a one-click account takeover vulnerability in the #AWS Managed Workflows Apache Airflow (#MWAA) service that could have allowed full takeover of a victim’s web management panel of the Airflow instance. spr.ly/6011kNmTl

This restaurant has a cat. That automatically makes it better than any restaurant that doesn’t have a cat. I don’t make the rules.

First up we have "Intercloud Identities: The Risks and Mitigations of Access Between Cloud Providers" from Noam Dahan and Ari Eitan. This is sure to be an exciting dive into identity risks.

"One Click, Six Services: Abusing The Dangerous Multi-service Orchestration Pattern" by Liv Matan. I'm a sucker for undocumented or hidden APIs and this is definitely going to be interesting!

Opening presentation at fwd:cloudsec with Noam Dahan #fwdcloudsec

Shodan for AWS is here!! You know those side projects you never finish? Well I started this one in October 2021 and it's finally finished. Well it won't ever be done, but it's available for anyone to use. Enter an account ID into awseye.com and see what it can find

ללייבה יש באנגר אז הוא מצייץ אותו בכללי ולא בקהילה. תודה על הכל, הקהילה הזאת גמורה.