📢 Today, I'm thrilled to announce "Stratus Red Team", an open-source adversary emulation tool for the cloud!. Comes with a catalog of cloud-native attack techniques that you can easily detonate to test your threat detection. 📝

RT @arstechnica: Yearlong supply-chain attack targeting security pros steals 390K credentials

RT @__steele: Back in 2022 I started a project I called vpcshark. Since then, AWS has launched three generations of EC2 instances without t….

I don't want to fully commit to never using Twitter ever again, but I'll try to post my content mostly on Bluesky and Mastodon.

Come say hi on Bluesky!

RT @Frichette_n: I’m very excited for this to be released! RCPs cover a need to restrict external access to resources across your organizat….

Fun with Google Cloud's default service accounts (and how to leverage them for offensive purposes).

RT @net_code: Fresh from the oven 📷. Analysis of NPM malicious packages connected to contagious interview campaign.

RT @datadoghq: Our team created a K8s sidecar container to support cross-cloud access in a multi-cloud environment. It simplifies access to….

Excited to share some research I've been working on for the past few months, based on real-world data from thousands of environments using AWS, Azure and Google Cloud!.

Stratus Red Team now supports an Amazon Bedrock attack technique to simulate LLMjacking, thanks to a contribution from @_brucedh!.

RT @0xdabbad00: Interesting update to the quarantine policy. 👀.

RT @healdevHQ: Today we’re happy to announce that is moving to private Beta. At heal, we’re building an AI-powered….

RT @fwdcloudsec: The recordings for fwd:cloudsec Europe talks are now on YouTube!

RT @ericonidentity: I��ve had this research from @_sigil bookmarked for a thorough read through. Excellent technical dive into abusing AU’s….

RT @_sigil: 🦎 It's up! Using Entra ID AUs for sticky accounts and hidden permissions:.

github-scanner[.]com.github-scanner[.].shop.2x[.]si/l6E.exe / fac2188e4a28a0cf32bf4417d797b0f8 (FormBook infostealer).

Interesting phishing website registered a few hours ago that automatically copies malicious PowerShell code in your clipboard, then asks you to "press Windows+R and Ctrl+V". Currently spamming 1k+ GitHub issues:

RT @fwdcloudsec: We're incredibly excited that fwd:cloudsec Europe is happening tomorrow, in Brussels. All the talks will be livestreamed….

RT @0xdabbad00: Oof, AWS had a bug that allowed Transit Gateway peering requests to be accepted by the requestor, so an attacker could acce….

Just in time for fwd:cloudsec Europe, Stratus Red Team now supports 6 Microsoft Entra ID (Azure AD) attack techniques!🌩️ 😈. brought to you by my awesome colleague @_sigil and yours truly!