Chad Magee
@chadmagee.bsky.social
Senior Cloud Security Engineer at Colorado's first billion-dollar unicorn company.
Reposted by Chad Magee
“It wasn’t hard to spot you since you’re the only ones willing to use it without being forced.”
January 31, 2025 at 1:39 AM
Reposted by Chad Magee
I heard this quote from my favorite podcast this morning, and it resonates a lot in my consulting journey in cloud security.

"You can lead a horse to water, but you can't make him drink".

We can spread best practices, but at some point, developers will make the final decision.
January 9, 2025 at 4:00 PM
Reposted by Chad Magee
Great post from @scottpiper.bsky.social echoing what many of us have been saying for a while: OIDC is great! But easy to misconfigure, and when it is, it can have serious consequences. Even AWS themselves fell into this trap.
I looked at all the AWS OIDC integrations I could find to identify how they might be misconfigured and to understand the variations that different vendors have in how they set these up. www.wiz.io/blog/avoidin...
Avoiding mistakes with AWS OIDC integration conditions | Wiz Blog
Secure AWS OIDC integrations by avoiding common misconfigurations. Discover key IAM trust policy conditions for popular SaaS vendors to protect your cloud.
www.wiz.io
January 1, 2025 at 5:12 PM
Reposted by Chad Magee
Interesting example of leveraging the AWS Console for phishing. I’ve seen it done with CloudFormation templates but not SSM Documents.

dev.to/aws-builders...
Get Phished by a Public AWS Systems Manager Automation Document
You've probably heard the buzz about AWS unveiling the new Nova models at re:Invent 2024. Among them,...
dev.to
December 24, 2024 at 6:53 AM
🌩️🔒 Want to better understand cloud security attacks?

Check out this powerful GitHub repo featuring AWS & Azure attack simulations: github.com/CyberSecurit...

Learn, test, and strengthen your defenses! 💻☁️

#CyberSecurity #CloudSecurity #AWS #Azure
GitHub - CyberSecurityUP/Cloud-Security-Attacks: Azure and AWS Attacks
Azure and AWS Attacks. Contribute to CyberSecurityUP/Cloud-Security-Attacks development by creating an account on GitHub.
github.com
December 21, 2024 at 9:49 PM
@trufflesec.bsky.social discovered SaaS providers mishandling their OAuth tokens. Attackers can use this to pivot into corporate accounts on critical services like GitHub, Azure, Slack, and more.

See write up ➡️ tinyurl.com/truffl3
Mishandled OAuth Tokens Open Backdoors ◆ Truffle Security Co.
We discovered SaaS providers mishandling our OAuth tokens. Attackers can use this to pivot into corporate accounts on critical services like GitHub, Azure, Slack, and more.
tinyurl.com
December 20, 2024 at 12:45 PM
🌐 AWS Resource Control Policies (RCPs) enforce centralized access across accounts.

Now supporting:
• S3
• STS
• KMS
• SQS
• Secrets Manager

RCPs set max permissions (e.g., restrict S3 to org-only) but don’t grant permissions.

🔗 Learn more in AWS docs!

#AWS #CloudSecurity
December 9, 2024 at 5:11 PM
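Added example covering two of the posts above (the Wiz OIDC post and this RCP post). This is not code from either post, from AWS or from this profile: a minimal IAM condition evaluator in Python, used to show why an OIDC role trust policy has to pin the token's `sub` claim rather than only `aud`, and why an RCP is written with the `...IfExists` operators. The account ID, organization ID, repository names and the sample RCP are placeholders; Principal and Resource matching are deliberately left out of the evaluator.

```python
# Added example, not code from the Wiz post, from AWS, or from this profile: a
# minimal IAM condition evaluator, used to show (1) why an OIDC role trust policy
# must pin the `sub` claim and not only `aud`, and (2) why an RCP is written with
# the ...IfExists operators. Account ID, org ID and repository names are
# placeholders; Principal and Resource matching are deliberately left out.
import fnmatch

def match_operator(op, policy_vals, actual):
    """Evaluate one condition operator for one request-context value."""
    vals = [policy_vals] if isinstance(policy_vals, str) else policy_vals
    if op == "StringEquals":
        return actual in vals
    if op == "StringNotEquals":
        return actual not in vals
    if op == "StringLike":
        return any(fnmatch.fnmatchcase(actual, p) for p in vals)
    if op == "Bool":
        return str(actual).lower() == str(vals[0]).lower()
    raise ValueError(f"unsupported operator: {op}")

def conditions_match(condition, context):
    """All blocks are ANDed. An ...IfExists operator is satisfied when the key
    is absent from the context; a plain operator fails when it is absent."""
    for op, pairs in condition.items():
        if_exists = op.endswith("IfExists")
        base = op[: -len("IfExists")] if if_exists else op
        for key, policy_vals in pairs.items():
            if key not in context:
                if if_exists:
                    continue
                return False
            if not match_operator(base, policy_vals, context[key]):
                return False
    return True

def evaluate(policy, action, context):
    """Simplified IAM logic: an explicit Deny wins, otherwise any matching Allow."""
    decision = "implicit-deny"
    for st in policy["Statement"]:
        actions = st["Action"] if isinstance(st["Action"], list) else [st["Action"]]
        if not any(fnmatch.fnmatchcase(action, a) for a in actions):
            continue
        if not conditions_match(st.get("Condition", {}), context):
            continue
        if st["Effect"] == "Deny":
            return "explicit-deny"
        decision = "allow"
    return decision

# (1) Role trust policies for GitHub Actions OIDC (placeholder account and repo).
PROVIDER = "token.actions.githubusercontent.com"

def trust_policy(condition):
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": f"arn:aws:iam::111111111111:oidc-provider/{PROVIDER}"},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": condition}]}

# Weak: only the audience is checked. Every GitHub repository can request a token
# with aud=sts.amazonaws.com, so any repository can assume this role.
WEAK_TRUST = trust_policy({"StringEquals": {f"{PROVIDER}:aud": "sts.amazonaws.com"}})
# Pinned: the subject claim ties the role to one repository and branch.
PINNED_TRUST = trust_policy({
    "StringEquals": {f"{PROVIDER}:aud": "sts.amazonaws.com"},
    "StringLike": {f"{PROVIDER}:sub": "repo:example-org/deploy:ref:refs/heads/main"}})

def can_assume(trust, sub):
    """Would a token with this `sub` (and the expected `aud`) be accepted?"""
    ctx = {f"{PROVIDER}:aud": "sts.amazonaws.com", f"{PROVIDER}:sub": sub}
    return evaluate(trust, "sts:AssumeRoleWithWebIdentity", ctx) == "allow"

# (2) RCP limiting the five supported services to identities in one organization.
ORG_ID = "o-exampleorg123"  # placeholder
ORG_ONLY_RCP = {"Version": "2012-10-17", "Statement": [{
    "Sid": "EnforceOrgIdentities",
    "Effect": "Deny",
    "Principal": "*",
    "Action": ["s3:*", "sts:*", "kms:*", "sqs:*", "secretsmanager:*"],
    "Resource": "*",
    "Condition": {
        # Key absent (anonymous caller) => satisfied => denied, as intended.
        "StringNotEqualsIfExists": {"aws:PrincipalOrgID": ORG_ID},
        # AWS service principals carry PrincipalIsAWSService=true and are exempted.
        "BoolIfExists": {"aws:PrincipalIsAWSService": "false"}}}]}

def rcp_blocks(action, context):
    """True when the RCP explicitly denies; an RCP never grants anything itself."""
    return evaluate(ORG_ONLY_RCP, action, context) == "explicit-deny"

if __name__ == "__main__":
    foreign = "repo:someone-else/anything:ref:refs/heads/main"
    print(can_assume(WEAK_TRUST, foreign), can_assume(PINNED_TRUST, foreign))  # True False
    print(rcp_blocks("s3:GetObject", {}), rcp_blocks("s3:PutObject",
          {"aws:PrincipalIsAWSService": "true"}))  # True False
```

The point to take from the RCP half is the IfExists behaviour: with plain `StringNotEquals`, a request carrying no `aws:PrincipalOrgID` at all (anonymous access) would not match the Deny, which is exactly the hole the org-only policy is meant to close.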
Reposted by Chad Magee
New from Datadog Security Research! Threat actors are constantly publishing backdoored software libraries to steal credentials, get C2, and more. @ikretz.bsky.social did something about it. Meet the Supply-Chain Firewall, a tool to block malicious packages.
securitylabs.datadoghq.com/articles/int...
Introducing Supply-Chain Firewall: Protecting Developers from Malicious Open Source Packages | Datadog Security Labs
Release of Supply-Chain Firewall, an open source tool for preventing the installation of malicious PyPI and npm packages
securitylabs.datadoghq.com
December 6, 2024 at 3:13 PM
Stop using IAM users—switch to IAM roles! ☁️

✅ Temporary credentials = better security
✅ Simplified access management
✅ Seamless automation & scalability
✅ Compliance-ready & flexible

Future-proof your cloud security today!

#CloudSecurity #IAMRoles #AWS
December 6, 2024 at 1:52 PM
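Added example for the post above, not code from the post or from AWS: a Python scan of an IAM credential report (the CSV returned by iam:GetCredentialReport) that flags the long-lived credentials the post argues against, i.e. what you are left babysitting as long as IAM users exist. SAMPLE_REPORT is constructed to mirror the real report's column names; the account ID, user names and dates are placeholders, and NOW is fixed so the result is reproducible.

```python
# Added example, not code from the post or from AWS: flag long-lived IAM user
# credentials in a credential report. SAMPLE_REPORT is constructed with the real
# report's column names; account ID, users and dates are placeholders.
import csv
import io
from datetime import datetime, timezone

NOW = datetime(2024, 12, 6, tzinfo=timezone.utc)  # fixed so the example is reproducible

SAMPLE_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated
<root_account>,arn:aws:iam::123456789012:root,2020-01-01T00:00:00+00:00,not_supported,2024-11-01T09:00:00+00:00,not_supported,not_supported,true,true,2021-05-05T00:00:00+00:00,2024-10-30T00:00:00+00:00,us-east-1,s3,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
ci-deployer,arn:aws:iam::123456789012:user/ci-deployer,2022-03-10T00:00:00+00:00,false,no_information,N/A,N/A,false,true,2023-01-15T00:00:00+00:00,2024-11-20T00:00:00+00:00,us-west-2,ecr,true,2024-11-01T00:00:00+00:00,N/A,N/A,N/A,false,N/A,false,N/A
alice,arn:aws:iam::123456789012:user/alice,2023-06-01T00:00:00+00:00,true,2024-11-25T00:00:00+00:00,2024-09-01T00:00:00+00:00,N/A,true,false,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
"""

def parse_ts(value):
    """Report timestamps are ISO 8601; N/A, no_information and not_supported mean none."""
    try:
        return datetime.fromisoformat(value)
    except ValueError:
        return None

def find_long_lived_credentials(report_csv, now=NOW, max_age_days=90):
    """Return (user, key_slot, reason) for each active access key that belongs to
    the root user, has an unknown rotation date, is older than max_age_days, or
    has never been used (an unused key is pure attack surface)."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        for slot in ("access_key_1", "access_key_2"):
            if row[f"{slot}_active"] != "true":
                continue
            if row["user"] == "<root_account>":
                findings.append((row["user"], slot, "root user has an active access key"))
                continue
            rotated = parse_ts(row[f"{slot}_last_rotated"])
            if rotated is None:
                findings.append((row["user"], slot, "key rotation date unknown"))
            elif (now - rotated).days > max_age_days:
                findings.append((row["user"], slot,
                                 f"key is {(now - rotated).days} days old (limit {max_age_days})"))
            if parse_ts(row[f"{slot}_last_used_date"]) is None:
                findings.append((row["user"], slot, "key has never been used"))
    return findings

if __name__ == "__main__":
    for user, slot, reason in find_long_lived_credentials(SAMPLE_REPORT):
        print(f"{user:15} {slot}  {reason}")
```

Every finding here is a credential that would not exist with roles: STS session credentials expire on their own, so there is no rotation age to track and nothing sitting unused in a config file.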
Reposted by Chad Magee
What can an AWS IAM user or role access? Brute-forcing permissions can reveal the answer. Learn how to use the non-destructive enumerate-iam tool for safe API exploration and see which permissions succeed—all while staying aware of OPSEC concerns. Details:
Brute Force IAM Permissions - Hacking The Cloud
Brute force the IAM permissions of a user or role to see what you have access to.
buff.ly
December 3, 2024 at 3:00 PM
🚨 Security Tip: With read-only permissions, you can access cleartext secrets in AWS Lambda environment variables! 🔑

👉 Use AWS Secrets Manager or Parameter Store to encrypt sensitive data like API keys.

#AWS #CyberSecurity #CloudTips
December 1, 2024 at 3:26 AM
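Added example for the tip above, not code from the post or from AWS: a Python scan over Lambda function configurations (the shape returned by lambda:GetFunctionConfiguration or ListFunctions, which read-only permissions are enough to call) that flags environment variables holding what look like cleartext secrets, while accepting Secrets Manager ARNs and Parameter Store paths as the intended pattern. The function names and values in SAMPLE_CONFIGS are constructed; the AKIA key and its secret are the example credentials from AWS's own documentation, not live material.

```python
# Added example, not code from the post or from AWS: find cleartext secrets in
# Lambda environment variables. SAMPLE_CONFIGS is constructed; the AKIA value
# is AWS's documented example key, not a live credential.
import math
import re

SECRET_NAME_RE = re.compile(r"(SECRET|TOKEN|PASSWORD|PASSWD|API_?KEY|PRIVATE_KEY|CREDENTIAL)", re.I)
SECRET_VALUE_RES = {
    "aws access key id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "private key block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}
# A Secrets Manager / SSM ARN or a parameter path means the secret lives elsewhere
# and is fetched at runtime, which is the fix the post recommends.
REFERENCE_RE = re.compile(r"^(arn:aws:(secretsmanager|ssm):|/[A-Za-z0-9_.\-/]+$)")
ENTROPY_MIN_LEN, ENTROPY_THRESHOLD = 20, 4.0  # heuristic cut-offs, tune per estate

def shannon_entropy(s):
    """Bits per character; random tokens score higher than words or hostnames."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def classify(name, value):
    """Return a reason if the variable looks like a cleartext secret, else None."""
    if REFERENCE_RE.match(value):
        return None
    for label, rx in SECRET_VALUE_RES.items():
        if rx.search(value):
            return f"value matches {label}"
    if SECRET_NAME_RE.search(name):
        return "name suggests a secret"
    if len(value) >= ENTROPY_MIN_LEN and shannon_entropy(value) >= ENTROPY_THRESHOLD:
        return f"high-entropy value ({shannon_entropy(value):.1f} bits/char)"
    return None

def scan_functions(configs):
    """(function name, variable name, reason) for every suspicious variable."""
    findings = []
    for cfg in configs:
        for name, value in cfg.get("Environment", {}).get("Variables", {}).items():
            reason = classify(name, value)
            if reason:
                findings.append((cfg["FunctionName"], name, reason))
    return findings

SAMPLE_CONFIGS = [  # constructed to look like GetFunctionConfiguration output
    {"FunctionName": "billing-api", "Environment": {"Variables": {
        "STRIPE_API_KEY": "sk_live_ExAmPlE0123456789abcdefghij",  # constructed
        "LOG_LEVEL": "info",
        "TABLE_NAME": "orders-prod"}}},
    {"FunctionName": "s3-uploader", "Environment": {"Variables": {
        "UPLOADER_ACCESS_KEY": "AKIAIOSFODNN7EXAMPLE",  # AWS documentation example
        "UPLOADER_SECRET": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
        "SIGNING_SALT": "Qz8vN3kLp0XsW7aT2mRc9HjY5bUeF4dG"}}},  # constructed, random-looking
    {"FunctionName": "report-gen", "Environment": {"Variables": {
        "DB_PASSWORD_SECRET_ARN": "arn:aws:secretsmanager:us-east-1:123456789012:secret:prod/db-AbCdEf",
        "SMTP_PASSWORD_PARAM": "/prod/report-gen/smtp-password"}}},
    {"FunctionName": "no-env"},
]

if __name__ == "__main__":
    for fn, var, reason in scan_functions(SAMPLE_CONFIGS):
        print(f"{fn}: {var} ({reason})")
```

Only report-gen passes: its variables name a secret but carry a reference, so an attacker with lambda:GetFunctionConfiguration learns where the secret is kept, not the secret itself, and still needs secretsmanager:GetSecretValue or ssm:GetParameter on that resource.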
🔐 Build, train, & deploy ML models securely with AWS SageMaker:

✅ End-to-end ML lifecycle
✅ Data encryption (SSE-KMS)
✅ Access control (IAM)
✅ Audit trails (CloudTrail)

Simplify ML workflows with security & compliance built in.

#AWS #SageMaker #MachineLearning #AI #MLOps
November 25, 2024 at 9:46 PM
🔒 Protect your data & stay compliant with privacy laws like CCPA/CPRA & CPA using AWS KMS + S3:

✅ Encrypt S3 data (SSE-KMS)
✅ Control access with IAM policies
✅ Track usage with CloudTrail

Simplified security for modern compliance.

#AWS #CloudSecurity #PrivacyCompliance
November 24, 2024 at 6:13 PM