This week's articles
Cloud Security Table Top Exercises
#aws, #monitor, #defend
Really interesting table top exercises designed to start a conversation. Although they are focused towards AWS and not all of them will be applicable to every environment, I highly recommend to try them with your monitoring team.
SLSA: The Source of the problem
#attack, #ci/cd, #defend, #supply-chain
A well-written article on software supply chain security, covering: SLSA, different strategies for attacking Source Code Management (SCM), and attack trees.
The Many Ways to Access RDS
#aws, #explain, #iam
An overview of RDS access management capabilities along with examples using Terraform.
A Deep Dive on AWS KMS Key Access and AWS Key Grants
#aws, #explain, #iam
A deep dive on KMS Key Access via KMS Key Grants and best practices with KMS Key Grants. Access via KMS Key Grants can be a forgotten means of allowing unauthorized applications, users, and other undesired access to use and manage KMS Keys.
Token tactics: How to prevent, detect, and respond to cloud token theft
#attack, #azure
As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose.
Abusing tcp tunneling in Azure Bastion
#attack, #azure
How Azure Bastion Native Client support works, and how an adversary could abuse this feature to perform attacks against Azure VMs over private IP addresses, without having direct network connectivity to the VM.
Getting Started With Ephemeral Containers
#explain, #kubernetes
If you're following the latest news on Kubernetes, you probably would have heard about Ephemeral Containers. Not sure? This blog post sheds some light on this new feature soon to be stable in Kubernetes v1.25.
|