• tl;dr sec
  • Posts
  • [tl;dr sec] #182 - Cloud Native Security Talks, AI Attack Surface Map, Attacking and securing cloud identities in managed Kubernetes

[tl;dr sec] #182 - Cloud Native Security Talks, AI Attack Surface Map, Attacking and securing cloud identities in managed Kubernetes

Video playlists and abstracts from CloudNativeSecurityCon and KubeCon, overview of attacking AI assistants and agents, attack vectors to pivot from an EKS cluster to an AWS account.

Hey there,

I hope you’ve been doing well!

📢 ICYMI AppOmni recently released a free tool that can evaluate your Salesforce instances for misconfigurations and data exposure risks.

 🥳 Welcome Sebas to the tl;dr sec family

It’s with great pleasure that I’d like to introduce you to Sebas Guerrero, who will be helping me create tl;dr sec.

I originally came across Sebas’ work from reading his newsletter Security Pills, and I thought he did an excellent job selecting high quality articles and pulling out their key valuable insights.

Sebas has actually already been helping me over the last few weeks with sourcing and summarizing great content, and with his help I think tl;dr sec will be able to more sustainably share high quality resources every week, and hopefully even more original content.

Thanks again for joining me on this journey, it’s an honor and privilege to share neat security stuff (and memes) with you every week 🙏

Sponsor

 📢 The CSPM Buyer’s Guide (Free PDF)

Security risks grow exponentially as your cloud footprint increases. That’s why picking the right Cloud Security Posture Management (CSPM) solution is critical to building your security strategy. In this free resource, Wiz breaks down market trends to help you understand how to find the right solution for your org. You’ll learn:

📜 In this newsletter...

  • AppSec: Tunnel via Cloudflare to any TCP Service, Attacking Language Server JSON RPC, Testing Zero Touch Production Platforms and Safe Proxies

  • Conferences: BSidesSF 2023 YouTube Playlist, CloudNativeSecurityCon 2023, Cloud Native Security Talks

  • Cloud Security: Exploiting misconfigured Google Cloud Service Accounts from GitHub Actions, Cloud Platform Log Configurations to Consider in Investigations

  • Container Security: Managed Kubernetes Auditing Toolkit, Attacking and securing cloud identities in managed Kubernetes: Amazon EKS

  • Blue Team: Detection Engineering Twitter List, So you think you can block Macros?

  • Machine Learning: Run all chat models at once, 10 free courses on AI from Harvard and Stanford, language to control LLMs more effectively, Brex's prompt engineering guide, hurdles agents need to overcome for large-scale adoption

  • Machine Learning + Security: The Dual LLM pattern for building AI assistants that can resist prompt injection, The AI Attack Surface Map v1.0

  • Misc: Every Single Marvel Movie Post-Credits Scene, Get started making music, beating Pokemon blind and deaf, a day in Lex Fridman's life

  • Right in the Feels: You have 18 summers with your kids, Divorce, Jason Haddix on trauma -> relentless productivity, Vulnerable U

AppSec

Tunnel via Cloudflare to any TCP Service
How to ‘publish’ any service (like SSHD, not just HTTP services) and make it accessible via the cloudflared tunnel by adding a WebSocket Proxy on either side of the tunnel. Uses websocat, cloudflared, and gost.

Attacking Language Server JSON RPCLive
Overflow shares his thoughts and lessons learned on how to perform a security audit on VSCode Language Servers while attempting to answer whether it’s possible to launch an attack on the VSCode language server’s JSON RPC protocol from a malicious website. Overally a great discussion on doing security research.

Testing Zero Touch Production Platforms and Safe Proxies
Doyensec’s Lorenzo Stella provides an overview of Zero Touch Production (ZTP) tools and services, their security role in DevSecOps, and common security vulnerabilities and misconfigurations to watch out for when auditing these services.

Vulnerabilities include: weaknesses in webhook authentication, replay attacks, and misconfigurations that affect the ownership of the Access Control List (ACL).

Sponsor

 📢 Attacks can happen anywhere. So, Cloudflare is everywhere.

Your workers, applications, and data are now everywhere. Your security should be too. That's why Cloudflare has taken a fundamentally different approach – a unified platform, powered by an intelligent global network that sees and stops 136 billion threats per day. With over 25 security services delivered on a single control plane, you can strengthen and simplify security everywhere you do business.

Conferences

BSidesSF 2023 YouTube Playlist
Lots of good talks.

CloudNativeSecurityCon 2023 - Seattle
~90 talk playlist from this CNCF conference covering supply chain security, Kubernetes, cloud native security, SBOMs, zero trust, eBPF, and more.

Cloud Native Security Talks
A site that hosts abstracts and links to talks about Cloud Native Security, by Rory McCune. Also supports full text search.

Cloud Security

Exploiting misconfigured Google Cloud Service Accounts from GitHub Actions
Moving to OIDC for GitHub Actions does reduce risk compared to using long lived Google Cloud Service Account Keys, but @revbl0ck writes about an important subtlety: if you don’t specify a condition then any GitHub Action can assume the role.

revbl0ck discusses exploiting this misconfiguration, finds a number of vulnerable GCP Service Accounts in open source repos, and describes how to mitigate this issue.

Cloudy with a Chance of Bad Logs: Cloud Platform Log Configurations to Consider in Investigations
Mandiant’s David Pany and Caitlin Hanley provide a detailed overview of the different attack paths that attackers may use to obtain access to a cloud environment and compromise its various components. The article delves into attack paths such as credential stuffing and hard-coded credentials in code or database access, and provides various logging configurations and checklists to help researchers gather evidence for a hypothetical breach in their cloud infrastructure.

Sponsored Tool

 📢 Salesforce Community site data leaks persist. Is your Salesforce instance secure?

Krebs on Security reported that significant Salesforce data leaks have exposed numerous customers’ sensitive data hosted in Salesforce Community websites. Since Krebs shared his findings, AppOmni Labs has noted a 300+% spike in threat activity on Salesforce Community sites and other major SaaS apps.

To help keep Salesforce data secure, AppOmni has launched a free Salesforce Community Cloud Scanner. AppOmni will evaluate your Salesforce instances for misconfigurations and data exposure risks, reveal if the recently disclosed issues are present, and provide clear steps for remediation.

Container Security

DataDog/managed-kubernetes-auditing-toolkit By Christophe Tafani-Dereeper:
An all-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.

See also Christophe and Sourcegraph’s Diego Comas CloudNativeCon Europe 2023 talk: Mind the Gap! Bringing Together Cloud Services and Managed K8s Environments.

Attacking and securing cloud identities in managed Kubernetes part 1:
Amazon EKS Datadog’s Christophe Tafani-Dereeper on how IAM works in EKS, and then a deep-dive into various attack vectors that allow an attacker to pivot from an EKS cluster to an AWS account, potentially compromising the full cloud environment.

Blue Team

Detection Engineering Twitter List
A collection of people sharing good threat detection/detection engineering content, curated by Zack Allen. Consider also checking out Zack’s excellent Detection Engineering newsletter.

So you think you can block Macros?
Outflank’s Pieter Ceelen and Dima van de Wouw discuss various Microsoft Office security controls on macros and add-ins, including their pitfalls and offensive bypasses for typical enterprise VBA macro settings. The authors also delve into the concept of legitimately signed Office documents and how vulnerabilities in these documents can be exploited to bypass even strictly configured MS Office installations.

Just “blindly signing” all internal legacy macros without proper analysis is a bad strategy. There is still a VBA/macro risk looming over your shoulder and in fact this may have made an attacker’s life easier, since signed content bypasses many MS Office security controls…

Machine Learning

Fortunately, I had the opportunity to be a sead stage investor.

chathub-dev/chathub
A chatbot client that lets you feed the same prompt to ChatGPT, the new Bing Chat, Google Bard and Claude all at the same time, making it easy to compare their answers.

microsoft/guidance
Guidance enables you to control modern language models more effectively and efficiently than traditional prompting or chaining. Guidance programs allow you to interleave generation, prompting, and logical control into a single continuous flow matching how the language model actually processes the text. Syntax is based on Handlebars templating.

brexhq/prompt-engineering
Brex’s prompt engineering guide, based on lessons learned from researching and creating Large Language Model (LLM) prompts for production. It covers the history around LLMs as well as strategies, guidelines, and safety recommendations for working with and building programmatic systems on top of LLMs.

Agents on the BrainLauren Reeder,
Cornelius Menke and Stephanie Zhan from Sequoia Capital share their thoughts on autonomous agents and discuss the hurdles they need to overcome to achieve large-scale adoption

  1. Chain-of-thought reasoning and decomposing tasks into multi-step processes often lead to errors, causing the agent to get stuck doing the same task in a loop.

  2. Potential running costs with in-house models or running into API limits.

  3. Agents are not subsequently reused, thus they cannot learn from previous attempts or prompts.

Machine Learning + Security

The Dual LLM pattern for building AI assistants that can resist prompt injection
Simon Willison presents his thoughts on protecting AI assistant systems from prompt injection attacks by using a Dual LLM pattern:

  1. A privileged LLM that accepts and acts on input from trusted sources and has access to tools

  2. A quarantined LLM that works with untrusted content and has no access to tools

Note that the system is still susceptible to social engineering attacks.

The AI Attack Surface Map v1.0
Some super nifty work by my bud Daniel Miessler.

  • 🤖 The primary components of AI attack surfaces

  • 🔓 Learn about AI Assistants, Agents, Tools, Models, and Storage

  • 🎯 Explore various attack methods and their potential impact

Misc

Get started making music
Learn the basics of making music, all in your browser, from Ableton. Super cool and fun, can’t wait to go through this in more detail.

Can you beat Pokemon FireRed while blind and deaf?
This guy came up with a sequence of ~230,000 key presses that will lead you to almost always beat Pokemon. I’m not going to lie, this was incredible. I didn’t expect to watch it, but it sucked me in immediately. There are so many sources of randomness in Pokemon that he was able to cleverly handle. A masterpiece.

A day in my life | Lex Fridman
Wow, what a focused guy. Two 4 hour deep work sessions per day, reviewing his long term and short term goals, visualizing his day, remembering his core principles, exercise, reading 1 academic paper, and more. I found the focus on improving himself/his character and repeated emphasis on embracing the grind interesting.

Right in the Feels

Because there’s nothing more important to hack than understanding your heart, and the hearts of the people around you ❤️ #Gratitude #HackWithHeart

Divorce
Troy Hunt shares his experience with divorce, social stigma, therapy, kids, and moving on.

Jason Haddix hacked a fortune 50, had a call with the Gov, and spoke to a movie producer
In the same day. “How is your life even real, bro!?”

I don’t know.The real answer?I had a massive amount of childhood trauma that instilled in me an unhealthy set of fears that feeds an unhealthy work ethic. I don’t stop. I never quit. I have to be better everyday.

Vulnerable U
A new-ish newsletter by Matt Johansen on embracing the power of vulnerability in the world of cybersecurity.

In our fast-paced digital world, we often feel the pressure to project an image of invincibility and infallibility when it comes to our online brands or personas. We’re taught to hide our vulnerabilities and weaknesses, to avoid admitting when we don’t know something or have made a mistake.

I believe that vulnerability is not a weakness, but a crucial part of the process of learning and growing in the cybersecurity world. By embracing vulnerability, we can create a community of learners who support and encourage one another, share knowledge and resources, and ultimately build more effective and sustainable cybersecurity practices.

Have questions, comments, or feedback? Just reply directly, I'd love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!

Cheers,

Clint