Shimit is a Python-based tool that facilitates the execution of the Golden SAML attack. This attack method allows an adversary to forge SAMLResponse objects, which are then used to bypass authentication and gain unauthorized access to applications relying on SAML for single sign-on. By crafting a signed SAMLResponse, attackers can impersonate any user and achieve Read More …
Tag: aws
SCP – Service Control Policies
Service Control Policies are a feature of AWS Organizations that allow administrators to manage permissions across multiple AWS accounts in a centralized manner. SCPs provide a way to define the maximum available permissions for accounts within an organization, ensuring that security and compliance requirements are met while allowing flexibility in resource management. Organizations can enforce Read More …
CloudFormation Example
Imagine you’re a System Administrator tasked with setting up a new environment. Traditionally, this involves a long checklist: log into the console, click through menus to create a VPC, spin up three VMs, configure storage, attach security groups, and set up a load balancer. If you need a second environment for testing, you have to do Read More …
Zig: The New Foundation for Modern Malware
In 2026, Zig has moved from a niche systems language to a new primary choice for high-sophistication malware. Its design as a “better C” provides the low-level control required for weaponization without the legacy baggage that makes C code prone to crashes or easy detection. Is Zig Overtaking C and Rust Read More …
CDR – Cloud Detection and Response
I have witnessed the evolution of security from a static, perimeter-focused discipline to a dynamic practice centered on data and identity. The shift to the cloud has been the most significant disruption, introducing a level of complexity that traditional security tools were never designed to handle. This is the operational reality that has given rise Read More …
Demystifying VDI with AppStream
I’ve seen technology trends come and go, but one area that continues to evolve is the virtual desktop. The age of complex, on-premise Virtual Desktop Infrastructure is fading in my opinion and it will slowly be replaced by the agility of cloud-native solutions. A recent dive into Amazon AppStream and its potential as a “Citrix Read More …
Invictus :: Profiling TraderTraitor
TraderTraitor is a DPRK-nexus threat actor known for state-sponsored financial gain to fund North Korea’s nuclear weapons programs and for engaging in espionage. TraderTraitor primarily targets AWS environments, the cryptocurrency industry, and adjacent financial sectors through supply chain compromise, credential theft, and cloud service abuse. They are responsible for major crypto heists, including $625 million from the Read More …
Navigating the Kubernetes Threat Landscape
The escalating adoption of Kubernetes and containerized assets has introduced complex security challenges, making anomaly detection difficult due to their highly dynamic nature. Microsoft Threat Intelligence reveals a concerning trend: attackers are increasingly exploiting unsecured workload identities to infiltrate these environments. A striking 51% of workload identities were inactive in the past year, representing a Read More …
Key Use Cases for Containers and Kubernetes
Containers and Kubernetes serve various use cases that enhance application development and deployment. One prominent use case is microservices architecture, where independent and loosely coupled application components are orchestrated effectively. Containers and Kubernetes provide a robust foundation for microservices, enabling scaling, self-healing, and service isolation. Additionally, containers act as enablers for DevOps practices by facilitating Read More …
Navigating the Challenges of Containers and Kubernetes Deployment
Containers and Kubernetes present several limitations and challenges that organizations must consider. One significant issue is platform complexity. While these technologies are versatile, they are not always necessary for every application. For instance, using Kubernetes to orchestrate static Commercial Off-The-Shelf (COTS) applications can be excessive, as the complexity of Kubernetes may outweigh any potential business Read More …