This week's articles
Top10 CI/CD Security Risks
A document which helps defenders identify focus areas for securing their CI/CD ecosystem. It is the result of extensive research into attack vectors associated with CI/CD, and the analysis of high profile breaches and security flaws.
A simple Lambda that monitors your CloudTrail log files to find manual actions taken in your accounts.
Abusing Azure Hybrid Workers for Privilege Escalation
Azure Hybrid Workers can be configured to use Automation Account "Run as" accounts, which can expose the credentials to anyone with local administrator access to the Hybrid Worker. Since "Run as" accounts are typically subscription contributors, this can lead to privilege escalation from multiple Azure Role-Based Access Control (RBAC) roles.