Tales from the Cloud Trenches

Source In a recent threat hunt, Datadog Security Labs uncovered sophisticated attacker activity stemming from a leaked, long-term AWS access key (AKIA*). Within a mere 150-minute window, five distinct IP addresses were observed attempting to leverage this compromised key, executing various malicious techniques, tactics, and procedures (TTPs). This incident brought to light several previously unreported Read More …

The Dawn of Autonomous Warfare

The landscape of modern warfare is undergoing a profound transformation, driven by the rapid advancements in artificial intelligence (AI) and the proliferation of autonomous weapons systems. This shift, often likened to the advent of the Maxim gun which revolutionized battlefields, signals a potential end to traditional manned mechanized combat. At its core, autonomous warfare involves Read More …

Covert Recruitment

Information security, traditionally focused on technical defenses against digital intrusions, is increasingly grappling with threats that exploit human vulnerabilities, particularly in intelligence gathering and economic espionage. Modern adversaries are employing sophisticated social engineering tactics that leverage personal circumstances to gain access to sensitive information. A recent Reuters report highlights a concerning development: a secretive Chinese Read More …

North Korea infiltrates crypto markets

N. Korea infiltrates crypto markets Google Gemini However, I can provide you with general information about North Korea’s involvement in the cryptocurrency industry, which is a widely reported topic: Sanctions Evasion: North Korea faces strict international sanctions due to its nuclear weapons program. Cryptocurrency offers a way to bypass traditional financial systems and evade these Read More …

Some fun AWS reads

Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources https://www.aquasec.com/blog/bucket-monopoly-breaching-aws-accounts-through-shadow-resources/ Capturing Exposed AWS Keys During Dynamic Web Application Tests https://www.praetorian.com/blog/capturing-exposed-aws-keys-during-dynamic-web-application-tests/ AWS Network Firewall egress filtering can be easily bypassed https://canglad.com/blog/2023/aws-network-firewall-egress-filtering-can-be-easily-bypassed/

Infrastructure Attacks Are Growing

A couple of news articles caught my eye this past week that are quite interesting IMO. Ukraine’s largest mobile operator Kyivstar downed by ‘powerful’ cyberattack & Attacks on Critical Infrastructure Attributed to Insidious Taurus You have to love the names that the security companies come up with for the other nation state actors.  I am Read More …