Release Date: 06/07/2025 | Issue: 295
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Stop breaches before they start - with Intruder

Your tech stack’s evolving fast. Can your security keep up? Intruder helps you find and focus on the vulnerabilities that pose the biggest risk to your business. From cloud to apps to infrastructure, get continuous monitoring, smart prioritization, and full visibility into your attack surface. One powerful platform. Top-rated user experience. Built for busy teams.

Start your free trial

This week's articles


Rolling Out Santa Without Freezing Productivity: Tips from Securing Figma's Fleet
Here's how Figma scaled Santa, an open-source binary authorization tool, across all their laptops to boost endpoint security while keeping workflows seamless.   #defend   #process   #strategy


How I Scanned all of GitHub's Oops Commits for Leaked Secrets
A researcher scanned every force push event since 2020 and uncovered secrets worth $25k in bug bounties.   #attack   #ci/cd


Hijacking Amazon EventBridge for launching Cross-Account attacks
Learn how AWS EventBridge cross-account configurations can create security risks and discover practical guidance to protect your serverless architecture.   #attack   #aws


Requesting Entra ID Tokens with Entra ID SSO Cookies
How to use a browser SSO cookie to request Entra ID OAuth tokens and enumerate a target tenant. This technique is useful when a device is not joined to an Entra ID tenant.   #attack   #azure   #iam


Azure's Role Roulette: How Over-Privileged Roles and API Vulnerabilities Expose Enterprise Networks
Several Azure built-in roles are misconfigured to be over-privileged - they grant more permissions than intended by Azure.   #attack   #azure   #iam


Azure Machine Learning Escalation: When Pipelines Go Off the Rails
Orca uncovers a privilege escalation risk in Azure Machine Learning pipelines that could allow attackers to run code and access sensitive data.   #attack   #azure


Extracting Sensitive Information from Azure Load Testing
The blog discusses techniques for extracting sensitive information from the Azure Load Testing service, which supports Managed Identities for accessing Key Vault entries.   #attack   #azure


When Backups Open Backdoors: Accessing Sensitive Cloud Data via "Synology Active Backup for Microsoft 365"
A leaked credential allowed anyone to gain unauthorized access to the Microsoft tenants of every organization that uses Synology's "Active Backup for Microsoft 365" (ABM).   #attack   #azure

Tools


GitPhish
A GitHub Device Code Flow Security Assessment Tool.


Entra ID First Party Apps & Scope Browser
Browse and explore first-party applications including their pre-consented permissions in Microsoft Entra ID.


route-detect
Find authentication (authn) and authorization (authz) security bugs in web application routes.


wstunnel
Tunnel all your traffic over Websocket or HTTP2.


firecrawl
Turn entire websites into LLM-ready markdown or structured data.

From the cloud providers


#AWS   Remote access to AWS: A guide for hybrid workforces
This post is designed to help you decide which remote access approach is best for your use case.


#AWS   AWS Certificate Manager now supports exporting public certificates
How to automate the export and distribution of public exportable certificates across a diverse infrastructure.


#GCP   Just say no: Build defense in depth with IAM Deny and Org Policies
IAM Deny allows you to explicitly define which actions principals cannot take, regardless of the roles they have been assigned.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini