cloud_sec | Unsorted

Telegram-канал cloud_sec - CloudSec Wine

2225

All about cloud security Contacts: @AMark0f @dvyakimov About DevSecOps: @sec_devops

Subscribe to a channel

CloudSec Wine

🔶 whim

Throwaway root shells in AWS Lambda Firecracker microVMs.

https://github.com/udgover/whim

#aws

Читать полностью…

CloudSec Wine

🤖 Three Ways to Give an AI Agent an Identity

This post compares three AI agent identity models: acting as the user (simple but single-player), service account tokens (common in production but insecure), and SPIFFE-based workload identity (best but costly to implement). Covers governance plumbing like Okta XAA and cloud-provider managed options.

https://kanenarraway.com/posts/agent-identity-models

#AI

Читать полностью…

CloudSec Wine

🔴 Securing agentic AI: What's new in VPC Service Controls

Designed for agentic workloads, new capabilities in VPC Service Controls can help establish a network-level, destination-based perimeter.

https://cloud.google.com/blog/products/identity-security/securing-agentic-ai-whats-new-in-vpc-service-controls

#gcp

Читать полностью…

CloudSec Wine

🤖 datadog-saist

Unlike traditional SAST tools that rely solely on parsing and analysis rules, this project uses LLM (e.g. Claude from Anthropic, GPT from OpenAI or Gemini from Google) to find vulnerabilities.

https://github.com/DataDog/datadog-saist

#AI

Читать полностью…

CloudSec Wine

🔶 Run isolated sandboxes with full lifecycle control: AWS Lambda introduces MicroVM

AWS launches a new serverless compute primitive, AWS Lambda MicroVMs. VM-level, isolated sandboxes with no shared kernel or resources between sessions. Rapid launch and resume, full lifecycle control, state preservation up to 8 hours, no infrastructure to manage.

https://aws.amazon.com/ru/blogs/aws/run-isolated-sandboxes-with-full-lifecycle-control-aws-lambda-introduces-microvms

#aws

Читать полностью…

CloudSec Wine

🔶 Amazon S3 annotations: attach rich, queryable context directly to your object

Amazon S3 now lets you attach up to 1 GB of rich, mutable, and queryable context directly to your objects using annotations, purpose-built for AI agents and autonomous workflows that need to discover, understand, and act on data at scale without maintaining separate metadata systems.

https://aws.amazon.com/ru/blogs/aws/amazon-s3-annotations-attach-rich-queryable-context-directly-to-your-objects

#aws

Читать полностью…

CloudSec Wine

🔴 Mind the Gap: GCP serviceData in Logs Explorer vs. Exported Logs

GCP's deprecated serviceData field gets silently stripped when audit logs reach your SIEM, leaving detection rules blind to disabled logging. Here's the gap.

https://permiso.io/blog/gcp-servicedata-officially-deprecated-actively-dangerous

#gcp

Читать полностью…

CloudSec Wine

🤖 AI Agent Supply-Chain Malware in Instruction Files

Mitiga Labs scanned 50,000+ AI instruction files across 7,000+ repos, finding prompt-exfiltration malware, ANTHROPIC_BASE_URL MITM overrides, YOLO-mode permission bypasses, and 1,230+ hardcoded API keys. They released Skillgate, a free scanner, to detect these techniques.

https://www.mitiga.io/blog/malware-in-ai-instruction-files-skillgate

#AI

Читать полностью…

CloudSec Wine

🤖 Entra Agent ID: The blueprint blast radius

Entra Agent ID is an extension of Entra's application model that provides identities for AI agents. Unlike applications, the agent identity model allows linking a single app registration (blueprint) to multiple identities and their associated privileges, increasing the potential blast radius of a compromised agent.

https://securitylabs.datadoghq.com/articles/agent-id-blueprint-blast-radius

#AI

Читать полностью…

CloudSec Wine

🔶 Operationalizing AWS security: A maturity roadmap

A six-phase maturity roadmap for operationalizing AWS Security Hub and GuardDuty: assess current state, reduce alert noise via tuning, build tiered notification routing, implement automated remediation for high-confidence findings, establish recurring review cadences with metrics, then expand with Inspector, Macie, Security Lake, and preventive controls.

https://aws.amazon.com/ru/blogs/security/operationalizing-aws-security-a-maturity-roadmap

#aws

Читать полностью…

CloudSec Wine

🌩 Hidden Gaps in Claude Code Security Reviews

Claude Code's /security-review is vulnerable to model anchoring bias when run in the same session that wrote the code. A new diff-scoped plugin avoids this but misses cross-commit vulnerability chains where each individual change appears benign in isolation.

https://brainoverflow.blog/posts/claude-code-security-review-bias

#ClaudeCode

Читать полностью…

CloudSec Wine

👩‍💻 Azure’s Hidden Operators: A Threat Model for Platform-Level Managed Identities

Post which explores, names, defines, and threat-models an Azure identity type that has quietly operated inside every customer tenant. Never documented under a single name, never owned by you, and never fully visible to you.

https://www.vectra.ai/blog/azures-hidden-operators-a-threat-model-for-platform-level-managed-identities

#azure

Читать полностью…

CloudSec Wine

🔶 Well-architected best practices for software supply chain security

Aligned with the AWS Well-Architected Security Pillar, the article recommends defending against npm supply chain attacks (e.g., Shai-Hulud) by using temporary credentials, least-privilege IAM, artifact signing via AWS Signer, centralized dependency management with CodeArtifact, continuous scanning via Amazon Inspector, and CloudTrail-based monitoring.

https://aws.amazon.com/ru/blogs/security/well-architected-best-practices-for-software-supply-chain-security

#aws

Читать полностью…

CloudSec Wine

🤖 Comparing AI Application Security Testing Platforms

Doyensec compared Aikido Attack AI Pentest and XBOW Lightspeed for web app vulnerability detection, evaluating true/false positives, configuration, report quality, cost, speed, and impact on tested applications. Full findings available as a PDF.

#AI

Читать полностью…

CloudSec Wine

🌩 When Background AI Agents Become a Security Boundary Problem

Claude Code's background sessions, supervisor process, CLAUDE_CONFIG_DIR override, scheduled tasks, and Markdown-based agent definitions can be chained post-foothold to deploy a persistent, nearly invisible C2 agent evading standard EDR binary-focused detection.

https://www.originhq.com/research/background-c2-agent

#ClaudeCode

Читать полностью…

CloudSec Wine

🔶 Apps can now impersonate human access to AWS via IAM Identity Center

AWS IAM Identity Center now lets server-side apps exchange an IdP-issued OIDC token for user-scoped AWS credentials via CreateTokenWithIAM, ListAccounts, and GetRoleCredentials. Actions are attributed to the user in CloudTrail. Key gaps: no per-app scope restrictions and no application ARN in audit trails.

https://awsteele.com/blog/2026/07/01/apps-can-now-impersonate-human-access-to-aws-via-iam-identity-center.html

#aws

Читать полностью…

CloudSec Wine

🤖 AI brands as bait: How threat actors are using the AI hype in social engineering

Threat actors impersonate AI brands (ChatGPT, Claude, DeepSeek, Copilot) in phishing, malvertising, and SEO-poisoning campaigns to steal credentials, credit card data, and deliver infostealers like Vidar. Storm-3075 and Fox Tempest are attributed actors using signed malware.

https://www.microsoft.com/en-us/security/blog/2026/06/08/ai-brands-as-bait-how-threat-actors-are-using-the-ai-hype-in-social-engineering

#AI

Читать полностью…

CloudSec Wine

🔐 Enterprise-Managed Authorization: Zero-touch OAuth for MCP

The Enterprise-Managed Authorization extension to the Model Context Protocol is now stable, enabling organizations to centrally provision MCP server access through their identity provider so users get connected servers on first login without per-app OAuth.

https://blog.modelcontextprotocol.io/posts/enterprise-managed-auth

#AIM

Читать полностью…

CloudSec Wine

🤖 LLMjacking evolved: Attackers are using stolen AI compute to build offensive agentic tools

Sysdig TRT caught a threat actor using a stolen Ollama server to power an autonomous, multi-stage offensive hacking tool.

https://www.sysdig.com/blog/llmjacking-evolved-attackers-are-using-stolen-ai-compute-to-build-offensive-agentic-tools

#AI

Читать полностью…

CloudSec Wine

🤖 An Introduction to AI Coding Agent Security

NCC Group whitepaper covering security of AI coding agents (Claude Code, Cursor, Codex) as of May 2026. Analyzes permission models, OS-level sandboxing, agent tool attack surfaces, and common vuln classes: workspace trust bypasses, sandbox escapes, permission prompt bypasses, sensitive file overwrites, and indirect prompt injection.

#AI

Читать полностью…

CloudSec Wine

🔶 Governing AI Assets at Scale with MCP Gateway and Registry

Open source MCP Gateway and Registry (Apache 2.0) provides enterprise governance for AI assets (MCP servers, agents, skills) via centralized discovery, fine-grained RBAC, supply-chain security scanning, hybrid semantic/keyword search, OpenTelemetry observability, federation with external registries, and deployable on EKS/ECS/EC2.

https://aws.amazon.com/ru/blogs/opensource/governing-ai-assets-at-scale-with-mcp-gateway-and-registry

#aws

Читать полностью…

CloudSec Wine

👩‍💻 Holding blobs for ransom: Four methods for Azure Storage ransomware

This post explores four vectors for threat actors to abuse Azure Storage to maliciously encrypt victim blobs, including step-by-step explanations and event codes for detection.

https://securitylabs.datadoghq.com/articles/azure-blob-storage-ransomware-four-methods

#azure

Читать полностью…

CloudSec Wine

🔶 local-cloud-browser

Mac-Native AWS GUI, enables you to perform some fundamental actions without a CLI mess.

https://github.com/milan0x/local-cloud-browser

#aws

Читать полностью…

CloudSec Wine

🌩 Securing CI/CD in an agentic world: Claude Code Github action case

Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions. This research examines the attack chain, responsible disclosure process, Anthropic's mitigation, and guidance for securing AI-powered CI/CD workflows.

https://www.microsoft.com/en-us/security/blog/2026/06/05/securing-ci-cd-in-agentic-world-claude-code-github-action-case

#ClaudeCode

Читать полностью…

CloudSec Wine

🔐 Identity and Access Management Whitepaper

CNCF TAG Security released an IAM whitepaper targeting architects and platform engineers, covering zero-trust vs. perimeter models, PEP/PDP-based authorization, SPIFFE workload identity, and authentication patterns for stateful and stateless cloud native workloads.

https://www.cncf.io/blog/2026/06/04/identity-and-access-management-whitepaper

#iam

Читать полностью…

CloudSec Wine

🤖 Hermes-USB-Portable

Run a fully self-contained, self-improving AI agent from a single folder or USB drive.

https://github.com/techjarves/hermes-usb-portable

#AI

Читать полностью…

CloudSec Wine

🤖 ChatGPhish: The Page Is the Payload

Any web page a victim asks ChatGPT to summarize can become a phishing payload. P0 Labs research reveals a Markdown rendering vulnerability in ChatGPT's response UI.

https://permiso.io/blog/chatgpt-markdown-rendering-vulnerability

#AI

Читать полностью…

CloudSec Wine

🤖 A Security Researcher’s Guide to Understanding Copilot Studio AI Agents

A guide to understanding Copilot Studio AI agents, their deeper architecture on Entra ID and APIM, and key security risks.

https://www.beyondtrust.com/blog/entry/copilot-studio-ai-agents-security-risks

#AI

Читать полностью…

CloudSec Wine

🔴 Securing Your Gemini and Google API Keys

Protect your Gemini API keys with this guide on API restrictions, secure storage in Secret Manager, and key hygiene to prevent hijacking and unauthorized use.

https://cloud.google.com/blog/topics/developers-practitioners/api-keys-are-open-secrets

#gcp

Читать полностью…

CloudSec Wine

🔶 Global S3: Another C2 Channel for AgentCore Code Interpreters

AWS AgentCore Code Interpreters in Sandbox mode allow unrestricted global S3 access (including cross-account, public/presigned URLs), enabling a bidirectional C2 channel via S3 polling, demonstrated as a full reverse shell PoC. Mitigation: use VPC mode with S3 Gateway Endpoints and strict endpoint policies.

https://sonraisecurity.com/blog/global-s3-another-c2-channel-for-agentcore-code-interpreters

#aws

Читать полностью…
Subscribe to a channel