mastouille.fr is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastouille is a sustainable, open Mastodon instance hosted in France.

#awssecurity

theOmegabit<p>Some good reads in the latest AWS security digest</p><p><a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a></p><p><a href="https://awssecuritydigest.com/past-issues/aws-security-digest-219" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">awssecuritydigest.com/past-iss</span><span class="invisible">ues/aws-security-digest-219</span></a></p>
theOmegabit<p>Why is Inspector Code Security not integrated in Security Hub on day 1? </p><p><a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a></p><p><a href="https://docs.aws.amazon.com/inspector/latest/user/code-security-assessments.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">docs.aws.amazon.com/inspector/</span><span class="invisible">latest/user/code-security-assessments.html</span></a></p>
Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af:<p>Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI <a href="http://dlvr.it/TLmF6P" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">dlvr.it/TLmF6P</span><span class="invisible"></span></a> <a href="https://kolektiva.social/tags/Cisco" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cisco</span></a> <a href="https://kolektiva.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://kolektiva.social/tags/ISE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ISE</span></a> <a href="https://kolektiva.social/tags/CloudSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudSecurity</span></a> <a href="https://kolektiva.social/tags/AWSSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AWSSecurity</span></a></p>
theOmegabit<p>There’s a decent amount of talk and research on specific AWS API calls that aren’t logged to CloudTrail, but is there an all-encompassing list (GitHub hopefully) that covers everything currently known?</p><p><a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a></p>
theOmegabit<p>Minor annoyance - it looks like AWS renamed “Security Hub” of years past to “Security Hub CSPM” and then re-used “Security Hub” for this new functionality. </p><p><a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a> </p><p><a href="https://aws.amazon.com/blogs/aws/unify-your-security-with-the-new-aws-security-hub-for-risk-prioritization-and-response-at-scale-preview/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">aws.amazon.com/blogs/aws/unify</span><span class="invisible">-your-security-with-the-new-aws-security-hub-for-risk-prioritization-and-response-at-scale-preview/</span></a></p>
theOmegabit<p>The new site-to-site secrets manager inclusion is pretty sweet. </p><p><a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a></p><p><a href="https://aws-cloudsec.com/p/issue-101" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">aws-cloudsec.com/p/issue-101</span><span class="invisible"></span></a></p>
theOmegabit<p>Handy </p><p><a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a> <a href="https://infosec.exchange/tags/awscloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awscloud</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p><a href="https://aws.amazon.com/about-aws/whats-new/2025/05/amazon-inspector-container-security-images/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">aws.amazon.com/about-aws/whats</span><span class="invisible">-new/2025/05/amazon-inspector-container-security-images/</span></a></p>
theOmegabit<p>Why would you not deploy this in the management account (or a security tooling account) considering what the tool is?</p><p><a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a></p><p><a href="https://www.token.security/blog/aws-built-a-security-tool-it-introduced-a-security-risk" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">token.security/blog/aws-built-</span><span class="invisible">a-security-tool-it-introduced-a-security-risk</span></a></p>
theOmegabit<p>Sneaky</p><p><a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a></p><p><a href="https://medium.com/@oraspir/how-attackers-rizzlers-can-exploit-aws-trust-policies-to-hide-behind-third-party-roles-052687dad7e9" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">medium.com/@oraspir/how-attack</span><span class="invisible">ers-rizzlers-can-exploit-aws-trust-policies-to-hide-behind-third-party-roles-052687dad7e9</span></a></p>
theOmegabit<p>Is this SSM Agent BuildSafePath fix tied to any CVE?</p><p><a href="https://github.com/aws/amazon-ssm-agent/blob/mainline/RELEASENOTES.md" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/aws/amazon-ssm-agen</span><span class="invisible">t/blob/mainline/RELEASENOTES.md</span></a></p><p><a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a></p>
theOmegabit<p>This looks pretty slick. A little short week mini project. </p><p> <a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a> </p><p><a href="https://awseye.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">awseye.com</span><span class="invisible"></span></a></p>
theOmegabit<p>Amazon Inspector best practices. <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a> <a href="https://infosec.exchange/tags/awssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>awssecurity</span></a> </p><p><a href="https://aws.amazon.com/blogs/security/amazon-inspector-suppression-rules-best-practices-for-aws-organizations/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">aws.amazon.com/blogs/security/</span><span class="invisible">amazon-inspector-suppression-rules-best-practices-for-aws-organizations/</span></a></p>
Astra Kernel :verified:<p>AWS Elastic Container Registry Public (ECR Public) vulnerability:</p><p>=&gt;Hackers can delete, update, and create ECR Public images, layers, and tags in registries and repositories that belong to victims' AWS Accounts</p><p><a href="https://blog.lightspin.io/aws-ecr-public-vulnerability" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.lightspin.io/aws-ecr-publ</span><span class="invisible">ic-vulnerability</span></a></p><p>Credit: @gafnitav @LightspinTech</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/AwsSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AwsSecurity</span></a> <a href="https://infosec.exchange/tags/ContainerSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ContainerSecurity</span></a> <a href="https://infosec.exchange/tags/Devops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Devops</span></a> <a href="https://infosec.exchange/tags/DevSecops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevSecops</span></a> <a href="https://infosec.exchange/tags/kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kubernetes</span></a> <a href="https://infosec.exchange/tags/websecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>websecurity</span></a></p>