permiso.io/blog/exploitin…

Great blog post from Permiso Security on LLMHijacking attacks against AWS Bedrock. I remember when we first started seeing this behavior from threat actors and I couldn't figure out why they would target Bedrock. Well, I guess we have on answer. 🧵 permiso.io/blog/exploitin…

Really looking forward to speaking at BSides Orlando in two weeks!

This is a killer talk! If you have not seen it yet, make some time to watch Nick explain some really cool initial access techniques he found in a super approachable way!

I had such a great time speaking about Cloud Security at Bsides Orlando! I saw some great talks, made some new friends, and got to hang with old ones. A huge thank you to all of the volunteers that made this epic event possible!

How it feels to be on the other side… #Bluesky

Registration for the 2024 CNY Hackathon is now open! …thon-2024-registration.eventbrite.com

Excited to share some research I've been working on for the past few months, based on real-world data from thousands of environments using AWS, Azure and Google Cloud! datadoghq.com/state-of-cloud…

Mine & Sabi's #MaLDAPtive presentation from DEF CON is now posted on YouTube! LDAP obfuscation, deobfuscation & detection - all built on our 100% custom LDAP parser. Recording: youtube.com/watch?v=mKRS5I… Tool: github.com/MaLDAPtive/Inv… Permiso Security #LDAP #ClippyGotJokes

☁️ State of Cloud Security 2024 update of @Datadog’s report analyzing security posture data from a sample of thousands of orgs across AWS, Azure, and Google Cloud • Long-lived credentials continue to be a major risk. • Adoption of public access blocks in cloud storage

🔗In this article we talk about how I exploited a Fortune 500 Through Hidden Supply Chain Links Link 👇 landh.tech/blog/20241028-… Thanks to the entire HashiCorp team ! 🤟 Enjoy 🔥

Fun with Google Cloud's default service accounts (and how to leverage them for offensive purposes) securitylabs.datadoghq.com/articles/googl…

What. The.

Excellent research here from Seth Art and crew - including responsible disclosure, AWS hardening enhancement, detection guidance, etc. 🤔 I did report a name confusion in SSM Documents impacting Datadog right before this was found... 😜

The prior name confusion issue: ramimac.me/poisoning-ssm-…

whoAMI research by DataDog. I immediately thought about all the user-data scripts that me be attached to those launched EC2 instance images 🥶 Kudos to Seth Art for the discovery, research, and tool! #aws #cloudsecurity securitylabs.datadoghq.com/articles/whoam…

whoAMI attacks give hackers code execution on Amazon EC2 instances - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

📣 Issue 84 is out. Highlights: - Amazon Inspector enhances the security engine for container images scanning. - AWS CloudTrail network activity events for VPC endpoints now generally available. - whoAMI: A cloud image name confusion attack by Seth Art. - Uncovering a Hidden