
Seth Art
@sethsec
Cloud Security Research and Advocacy @Datadoghq. Previous: Cloud Penetration Testing lead @BishopFox. Also on Mastodon https://t.co/R1KYbwIdme
Ithaca, NY
Joined June 2010
RT @awscloudsec: 📣 Issue 84 is out. Highlights: - Amazon Inspector enhances the security engine for container images scanning - AWS Cloud…
RT @BleepinComputer: whoAMI attacks give hackers code execution on Amazon EC2 instances - @billtoulas https://t.co…
bleepingcomputer.com
Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name.
RT @_xDeJesus: whoAMI research by DataDog. I immediately thought about all the user-data scripts that may be attached to those launched EC2…
securitylabs.datadoghq.com
Detailing the discovery and impact of the whoAMI cloud image name confusion attack, which could allow attackers to execute code within AWS accounts due to a vulnerable pattern in AMI retrieval.
RT @ramimacisabird: The prior name confusion issue:
ramimac.me
Responsibly disclosing risks in using SSM Command Docs for software distribution.
RT @ramimacisabird: Excellent research here from @sethsec and crew - including responsible disclosure, AWS hardening enhancement, detectio…
My Datadog Security Labs research is finally live! The whoAMI research highlights how a malicious actor could gain remote code execution in thousands of AWS accounts that are vulnerable to this attack.
securitylabs.datadoghq.com
Detailing the discovery and impact of the whoAMI cloud image name confusion attack, which could allow attackers to execute code within AWS accounts due to a vulnerable pattern in AMI retrieval.
RT @christophetd: Fun with Google Cloud's default service accounts (and how to leverage them for offensive purposes).
securitylabs.datadoghq.com
This post offers a deep dive into Google Cloud’s default service accounts, explaining their functionality, risks, and real-world adoption trends.
RT @clintgibler: ☁️ State of Cloud Security. 2024 update of @Datadog’s report analyzing security posture data from a sample of thousands of…
RT @danielhbohannon: Mine & @sabi_elezi's #MaLDAPtive presentation from @defcon is now posted on YouTube! LDAP obfuscation, deobfuscation &…
github.com
MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. - MaLDAPtive/Invoke-Maldaptive
RT @christophetd: Excited to share some research I've been working on for the past few months, based on real-world data from thousands of e…
datadoghq.com
For our 2024 report, we analyzed data from thousands of organizations to understand the latest trends in cloud security posture.
RT @CNY_Hackathon: Registration for the 2024 CNY Hackathon is now open!
eventbrite.com
The CNY Hackathon will be held VIRTUALLY starting at 4 pm on 11/08 and IN PERSON at MVCC's Utica campus on 11/09 from 8 am to 5 pm.
I had such a great time speaking about Cloud Security at @BsidesORL! I saw some great talks, made some new friends, and got to hang with old ones. A huge thank you to all of the volunteers that made this epic event possible!
This is a killer talk! If you have not seen it yet, make some time to watch Nick explain some really cool initial access techniques he found in a super approachable way!
My talk at DEF CON 32 is now on YouTube! "Kicking in the Door to the Cloud: Exploiting Cloud Provider Vulnerabilities for Initial Access" is a look at vulnerabilities I've found in AWS services that provided initial access to victim environments!
RT @Frichette_n: Great blog post from @permisosecurity on LLMHijacking attacks against AWS Bedrock. I remember when we first started seeing…
permiso.io
Permiso has found that some attackers are using hijacked LLM infrastructure to power highly inappropriate AI chatbot services. In this article we will explain the methods we are observing attackers...
Really looking forward to speaking at BSides Orlando in two weeks!