cloudsec


Channel geo and language: not specified, not specified
Category: not specified


All about cloud security



🔶 AWS Security Groups Guide

Knowing how security groups & NACLs work together is extremely important for controlling network traffic to your instances & subnets.

https://sysdig.com/blog/aws-security-groups-guide

(Use VPN if you can’t open it)

#aws


🔶🔷 Enrich AWS account data in Microsoft Sentinel

As organisations are integrating Amazon Web Services data sources with Microsoft Sentinel, many are facing a common problem: how to identify AWS resources and handle contextual data such as AWS account information for alerts and incidents?

https://secopslab.fi/2022-10-microsoftsentinel-awswatchlist

#aws #azure


🔶 How to list all resources in your AWS account

You may have been there before: you got access to an AWS account and just want to list which resources are configured in it. The seemingly simple task of listing all resources quickly turns out to be complicated.

https://awstip.com/how-to-list-all-resources-in-your-aws-account-c3f18061f71b

#aws


To work securely on a shared project, you need to be able to manage privileges and access rights. Our webinar "The finer points of managing users and access in a cloud environment" is devoted to this topic. Using Yandex Identity and Access Management, an identification and access control service, as an example, we will explain how to set up processes so that all operations on resources are performed only by users with the necessary rights.

At the session we will go through various usage scenarios and important technical features of the IAM service, and touch on the following topics:

• recommendations for building a resource model;
• capabilities of the role model;
• privileged users and the security of their accounts;
• working with user groups;
• security events related to managing users and groups.

The webinar will be useful for architects, developers and security specialists at middle+ level.

Register for the webinar ➡️


🔷 Untangling Azure Active Directory Principals & Access Permissions

Post untangling the question of 'who has access to what' in an Azure Active Directory environment. A PowerShell tool was also released to automatically enumerate this.

https://csandker.io/2022/10/19/Untangling-Azure-Permissions.html

#azure


🔶 The Danger of Falling to System Role in AWS SDK Client

Writeup of a vulnerability identified in a web application that was using the AWS SDK for Go (v1) to implement an "Import Data From S3" functionality.

https://blog.doyensec.com/2022/10/18/cloudsectidbit-dataimport.html

#aws


🔷 FabriXss: How We Managed to Abuse a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer

The Orca Research Pod has discovered FabriXss, a vulnerability in Azure Service Fabric Explorer that allows attackers to gain full Administrator permissions.

https://orca.security/resources/blog/fabrixss-vulnerability-azure-fabric-explorer

#azure


🔶 tuladhar/cleanup-aws-access-keys

A cloud security tool to search and clean up unused AWS access keys, written in Go, by Puru Tuladhar.

https://github.com/tuladhar/cleanup-aws-access-keys

#aws


🔶 You should have lots of AWS accounts

Lots of AWS accounts working together in harmony will net you a more secure, more reliable, and more compliant cloud infrastructure.

https://src-bin.com/you-should-have-lots-of-aws-accounts

#aws


🔶 Lateral movement risks in the cloud and how to prevent them - Part 1: the network layer (VPC)

Post introducing lateral movement as it pertains to VPCs. It discusses attacker TTPs, and outlines best practices for security practitioners and cloud builders to help secure their cloud environment and reduce risk.

https://www.wiz.io/blog/lateral-movement-risks-in-the-cloud-and-how-to-prevent-them-part-1-the-network-layer

#aws




🔶 How to detect suspicious activity in your AWS account by using private decoy resources

AWS’s Maitreya Ranganath and Mark Keating describe how you can create low-cost private decoy AWS resources in your AWS accounts and configure them to generate alerts when they are accessed.

https://aws.amazon.com/ru/blogs/security/how-to-detect-suspicious-activity-in-your-aws-account-by-using-private-decoy-resources

#aws


A special issue of Monthly Cloud News devoted to information security in the cloud

In a conversation between Anton Chernousov, Alexey Mirtov and Evgeny Sidorov, we dive into the questions that trouble security specialists and developers running projects in the cloud.

Topics of the August issue:

🔹 IT staff want to move to the cloud
🔹 Is a security specialist better off in the cloud?
🔹 We discuss the top information security risks in the cloud
🔹 Leaks of static credentials
🔹 DevSecOps as a symbiosis of useful development practices
🔹 Audit Trails and all, all, all...
🔹 Raising development culture through security training

Register!

#advertising


🔶 How to setup geofencing and IP allow-list for Cognito user pool

AWS announced a new feature this week that lets you enable WAF protection for Cognito user pools. And one of the things you can do with this is to implement geo-fencing and IP allow/deny lists.

https://theburningmonk.com/2022/08/how-to-setup-geofencing-and-ip-allow-list-for-cognito-user-pool

#aws






🔷 Automating Insecurity In Azure

Slides of the talk of the same name at cloudvillage_dc (on Twitter).

https://notpayloads.blob.core.windows.net/slides/DC-AzureAutomationAccounts.pdf

#azure




🔶 Granted Approvals - an Open Source Permission Management Framework

"We’ve designed Approvals so that it only has the ability to assign roles to existing users, rather than create new roles or new users. By design, the blast radius of Granted Approvals being compromised is that existing users in your directory could be granted access to roles, rather than external users being created. Better yet — Approvals is deployed as a serverless application which runs in your own AWS account, so Common Fate won’t have access to any data in your Granted Approvals deployment."

https://commonfate.io/blog/granted-approvals-release

#aws


🔶 How to manage Route53 hosted zones in a multi-account environment

How to manage Route53 hosted zones in a multi-account environment so each account has full authority over its subdomain.

https://theburningmonk.com/2021/05/how-to-manage-route53-hosted-zones-in-a-multi-account-environment

#aws

Showing the 20 most recent posts.

72 subscribers