Upwind Security’s Post

Amazing course on IAM PrivEsc from Cybr had a blast and a half doing these labs/challenges, in fact I enjoyed it so much, I did this course 3X (on top of new, plan on re-doing lessons to solidify all techniques/concepts). Here's a write-up of the first challenge: Secrets Unleashed. https://lnkd.in/e2TAd8Nr The 2 challenges were a great cumulation of exploiting multiple exploits to grant ourselves higher privs and ultimately, access items we normally should not be allowed to. Major shout-out to Christophe Limpalair Cybr for incredibly amazing customer service/content/platform and absolutely recommend subscribing! Next write-up coming is the final challenge #cloud #cloudsec #cybersec #infosec #aws #amazon #ctf #IAM #pentesting #ethicalhacking

🚀 AWS CloudFront Just Got Even Better! Two major updates are here to simplify and secure your deployments: 1️⃣ Private VPC Origins: Connect CloudFront directly to ALB, NLB, or EC2 in private subnets—no public endpoints or complex workarounds required. 2️⃣ Static IPs: Get Anycast static IPs for predictable whitelisting and simplified firewall rules. Why It Matters: ✅ No need to expose ALBs—secure your backend with ease. ✅ Dedicated, fixed IPs for compliance and security. ✅ Simplified, streamlined configurations for better cloud security. 🔗 Learn more: https://lnkd.in/d3Vtfctj & https://lnkd.in/dd8WjKax #AWS #CloudFront #CloudSecurity #Networking

Excited for the official start of Amazon Web Services (AWS) re:Inforce starting with the keynote! Takeaways from yesterday: Sure, genAI can assist with security, specifically in simplifying the act of querying your logs and security sources, but at the end of the day, it's still about the blocking and tackling. 60% of all AWS compromises can be tied to static credentials. If you rely on Access Keys today, investigate using IAM Roles Anywhere to replace those static keys! Keep an eye on VPC Lattice as it matures. Tired of how networking on layer 4 with VPC peering, Transit Gateways, route tables, etc. complicate security? Get hands on with VPC Lattice and see the potential that application networking on AWS has to simplify security and networking. Is it ready for prime time as a v1.0 release? Maybe not. But definitely something to watch. As always, if you want to talk about your cloud security, reach out to JetSweep or me directly! #re:inforce #aws #security #jetsweep

✅ Snowflake updates - detailed report ⬇️ Mandiant (part of Google Cloud) just published our research into the active campaign impacting compromised Snowflake customer tenants that were configured without MFA. 🌟 To date, Mandiant and Snowflake have notified approximately 165 potentially exposed organizations. 🎯 Mandiant tracks this cluster of activity as UNC5537, a financially motivated threat actor suspected to have stolen a significant volume of records from Snowflake customer environments. 💥💥 Link to research: https://lnkd.in/eCqgEyrm Google Cloud

We’ve just updated our Page. Visit our Page to see the latest updates.Keep your AWS environment safe without adding weight to your infrastructure. using https://Flagger.ai Here's why you should choose Flagger.ai: Effortless Setup: Sign up in seconds with Google or your company account – no AWS credentials needed! Multi-Scan Power: Run comprehensive scans to identify vulnerabilities and empower your team with shared insights. Resource-Neutral Security: Flagger.ai integrates seamlessly without impacting your cloud infrastructure. Stop compromising on security or speed. ️ Start for FREE today! #cloudsecurity #awssecurity #devsecops #securityfirst #vulnerabilitymanagement #multicloudsecurity

Want to find out what all those instruments are on Neil Carpenter's wall and also learn about agentless #cloudsecurity? It's all covered on this Amazon Web Services (AWS) Twitch episode! 😃 ⤵

Our MXDR service just got a whole lot better, with enhanced support for Amazon Web Services (AWS). 🤝 This service enhancement brings customers deeper cloud detection and response capabilities by combining cloud native telemetry, AWS security telemetry, and enhanced detections in the Rapid7 Command Platform to drive broader, faster threat detection and remediation, delivered by the Rapid7 SOC. Learn more: https://r-7.co/3CXQA4f 📍 At #AWSreInvent? Swing by booth #697 to see the Command Platform in action!

🚀 Exciting News in Cloud Security! 🚀 We’re thrilled to announce that Illumio has achieved the prestigious AWS Security Competency status! 🏅 This accomplishment showcases our deep expertise in providing top-tier security solutions for AWS environments, ensuring organizations can confidently protect their critical applications and data. As businesses continue to migrate to the cloud, it’s more important than ever to have security solutions that are purpose-built for modern cloud infrastructures. Illumio’s adaptive micro-segmentation technology is designed to reduce the attack surface, limit lateral movement, and enable zero-trust security without complexity. We are excited to continue our partnership with AWS, empowering customers with seamless, scalable, and resilient security for their cloud-native workloads. 📢 Learn more about the AWS Competency and how Illumio is helping organizations secure their cloud environments here: Illumio's AWS Competency Announcement #CloudSecurity #AWS #Illumio #ZeroTrust #Microsegmentation #Cybersecurity #AWSCompetency

✨ PRODUCT NEWS ✨ Today, we're excited to add the AWS Access Graph to our cloud-native Data Security Platform, allowing your security team to automatically visualize your AWS blast radius and cut off access paths to data. 🦾 With these new cloud security abilities for AWS, your team can use the AWS Access Graph to: + Quickly understand which access keys, groups, identity, inline, and resource policies affect access  + See which policies expose sensitive data publicly + Surface trust relationships that grant external access to sensitive internal resources  + Reduce the blast radius by identifying and removing stale or unused policies automatically Learn more about this exciting update and our full suite of Varonis for AWS features: https://hubs.ly/Q02X6jx00

🚀 Today's Learning: Understanding AWS Network Security Components 🚀 I had a deep dive into how various AWS networking components work together to secure EC2 instances and subnets. Here’s what I learned: NACLs (Network Access Control Lists): Stateless filters that check inbound and outbound traffic at the subnet level. They inspect traffic as it enters and leaves the subnet, following defined allow/deny rules. Security Groups: Stateful firewalls applied at the EC2 instance level. They check inbound traffic, and once a request is allowed, the return traffic is automatically permitted. Flow of Traffic: Incoming traffic is first checked by the NACL, and if allowed, it passes through to the security group. The security group then checks the traffic against its rules. If it's allowed, the traffic reaches the EC2 instance. For outbound traffic, the security group allows the return traffic automatically, while the NACL checks the outbound rules before the traffic leaves the subnet. It’s fascinating to see how these components work together to secure the cloud infrastructure! 🌐 #AWS #CloudSecurity #EC2 #LearningJourney #TechLearning #Networking