Securing Service Principals
How Entra ID App Registrations / Enterprise Applications are comonly misconfigured and can be used by attackers to elevate privileges, access sensitive information and move laterally across Azure tenancies.
Showing only posts tagged cloud. Show all posts.
Snotra Kubernetes
Snotra now supports kubernetes!
Pillaging Data from Private AWS Subnets
Exploiting overly permissive VPC endpoints to exfiltrate data from private AWS subnets
Pwnboxes
Simple method to define and build security testing containers in Podman
Pentesting AWS Enviroments
Attacking AWS Accounts from a black box perspective
New AWS Tag Checks
Using Snotra to Check For Sensitive Tags
Azure Monitor - Activity Logging, Resource Logging and Alerts
Making Sense of Logging in Azure with Azure Monitor, Diagnostic Settings and Activity Log Alerts
AWS and GitHub OIDC Cross Account Roles
AWS and overly permissive GitHub OIDC cross-account role trust policies
Cybersecurity Fundamentals for Kubernetes
Blog post about Kubernetes Security Fundementals
Understanding Cloud Configuration Reviews
Blog post about Cloud Configuration Reviews
page 1 | older articles »