Praetorian identified two GitHub actions that ran on issue comment events and would checkout and run code from an attacker-controlled branch if a specific keyword was included in a pull request comment.
#attack #ci/cd
Identity Protection, and the associated Risky reports, are a quick and easy starting point to check if Microsoft has flagged any risky sign-ins, workloads, or users.
#azure #monitor
Introducing the generally available capability of GitHub Artifact Attestations to secure your cloud-native supply chain packages and images.
#announcement #ci/cd
How an attacker can escalate their privileges in Google Cloud by leveraging weak group join settings for groups that have been granted roles in GCP.
#attack #gcp
๐ The CloudSec Engineer is out now!
The CloudSec Engineer is a practical guide on how to enter, establish yourself, and thrive in the Cloud Security industry as an individual contributor.
You can head over to engineer.cloudsecbooks.com to find more information about the book, its contents, and where to buy it.
How to implement Amazon EKS monitoring and alerting using a custom solution that automates EKS observability capabilities for dynamic performance metrics.
The second of a two-part series where we show you how to respond to a specific incident by using Amazon Security Lake as the primary data source to accelerate incident response workflow.
The benefits of IAM group authentication, its use cases, and how to start using IAM group authentication with Cloud SQL for PostgreSQL and Cloud SQL for MySQL.
Thanks for reading!
If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! ๐