Infosec – Purple Serendipity

Gratitude Challenge – #28 Technology

written by Fabian

The Gratitude Challenge’s twenty-eighth topic is “Technology”. Oh yeah, technology. One person’s love, another person’s nightmare. Bringing us closer together … More Gratitude Challenge – #28 Technology →

HowToInfosecProgrammingPython

Script to check VirusTotal for many files and folders

written by Fabian

Edit 09/04/2021: Clarified installation instructions by adding explanation on how to install the YAML module. Edit 13/03/2021: Corrected reference for … More Script to check VirusTotal for many files and folders →

Cloud SecurityHowToInfosec

Use AWS Security Token Service (STS) to let low-privileged user temporarily assume privileged role in other account

written by Fabian

Imagine one of your contractors usually does not need access to your AWS S3 buckets (or only access to buckets … More Use AWS Security Token Service (STS) to let low-privileged user temporarily assume privileged role in other account →

Cloud SecurityContainer SecurityHowToInfosec

“Stealing the environment” – Insecure password injection in scripts and containers via environment variables

written by Fabian

An “interesting” part when working with APIs or runtime environments like containers is of course credential management. Somehow you have … More “Stealing the environment” – Insecure password injection in scripts and containers via environment variables →

Infosec

Making a unidirectional double tagging VLAN hopping attack bidirectional

written by Fabian

A network engineer recently asked me why VLAN hopping via a double tagging attack is considered dangerous – after all, … More Making a unidirectional double tagging VLAN hopping attack bidirectional →

Cloud SecurityInfosec

Is “the cloud” secure?

written by Fabian

Yes, cloud computing is not a new thing. Yes, it has been written many times before if the cloud is … More Is “the cloud” secure? →

AttributionInfosec

Finding & Attributing Malicious Command & Control Servers

written by Fabian

In one of my last posts, I wrote about attribution in cybersecurity, i.e. ways to find out who was behind … More Finding & Attributing Malicious Command & Control Servers →

Cloud SecurityInfosec

Differences in cloud security (Alibaba, Amazon, Google, IBM, Microsoft)

written by Fabian

I recently had a look at the security assessments of different well-known cloud providers and found some interesting discrepancies. It … More Differences in cloud security (Alibaba, Amazon, Google, IBM, Microsoft) →

AttributionInfosec

Who the hæck?Attribution in cybersecurity

written by Fabian

While we are getting used to hearing news on a daily basis about hacking attacks, much less do we read … More Who the hæck?Attribution in cybersecurity →

HowToInfosec

SRPs block malware, but what if things stop working?

written by Fabian

As I wrote in my last post on lateral movement, using AppLocker or Software Restriction Policies (SRPs) to avoid the … More SRPs block malware, but what if things stop working? →

Purple Serendipity

Mais les braves gens n'aiment pas que l'on suive une autre route qu'eux

Category: Infosec

Gratitude Challenge – #28 Technology

Script to check VirusTotal for many files and folders

Use AWS Security Token Service (STS) to let low-privileged user temporarily assume privileged role in other account

“Stealing the environment” – Insecure password injection in scripts and containers via environment variables

Making a unidirectional double tagging VLAN hopping attack bidirectional

Is “the cloud” secure?

Finding & Attributing Malicious Command & Control Servers

Differences in cloud security (Alibaba, Amazon, Google, IBM, Microsoft)

Who the hæck?Attribution in cybersecurity

SRPs block malware, but what if things stop working?