[tl;dr sec] #184 - Public Cloud Security Breaches, OWASP Top 10 for LLMs, Living Off the Orchard: macOS Binaries

Compendium of cloud security incidents and breaches that have affected customers, top risks for software leveraging Large Language Models, a library of macOS binaries that can be used for ‘living off the land’.

Hey there,

I hope you’ve been doing well!

Oops! AGI Did It Again

This week, on #PeakBayArea

Some signs AI hype is going mainstream:

  • You can’t avoid people talking about it on social media.

  • Your non-technical family members mention ChatGPT.

  • You get invited to an AI-themed Pizza-pocalypse Party.

Wait, was the last one only me?

Well you’re missing out, because recently my friend Isaac Evans and his wife* threw such a party, in which the invitation asked us to “bring your best ChatGPT conversation starter prompt” and “we will have AI-generated recipe suggestions.” 🤣

* You may not be surprised to learn that Isaac and his wife met at MIT.


📢 Secure remote access to shared resources

Tailscale connects your team's devices and development environments for easy access to remote resources. Securely access shared developer resources including VMs, containers, and databases wherever they are. With 65+ integrations, and growing, Tailscale works almost everywhere you do.

📜 In this newsletter…

  • AppSec: Code Credential Scanner, Semgrep taint mode tutorial video

  • Web Security: Burp extension to search across Repeater tabs, Burp tips n tricks presentation

  • Cloud Security: How We Detect Anomalies In Our AWS Infrastructure, Securing Cloud Native Microservices with RBAC, Public Cloud Security Breaches

  • Container Security: Container security fundamentals part 4: Cgroups

  • Supply Chain: Announcing the launch of GUAC v0.1, PGP signatures on PyPI: worse than useless

  • Blue Team: Birds at (Tail)scale, URL Obfuscation Through Schema Abuse, The Dangers of Google’s .zip TLD

  • Red Team: awesome-password-cracking repo, Introducing LOOBins, Infecting SSH Public Keys with backdoors

  • Machine Learning: 13 examples of Adobe's AI-enhanced photoshop, AI Music Thread, Bringing the power of AI to Windows 11, replace the face in a video with one photo, Turn yourself into a Pixar character

  • Machine Learning + Security: OWASP Top 10 for Large Language Model Applications, AI Risk Database

  • Misc: Stop Silly Security Awards, Lewis Capaldi documentary


AppSec

NCC Group’s Chris Anley shares Code Credential Scanner, a tool that scans large and diverse codebases for hard-coded credentials or credentials present in configuration files. It can be used in a CI/CD pipeline and incorporates a range of methods to suppress issues, ensuring compatibility with other SAST tools.

Mobile Security

Semgrep - Abusing Taint Mode’s internal logic to rewrite non Taint Mode rules!
Video tutorial by Enno Liu on how taint mode works within the Semgrep engine and how you can take advantage of its behaviors to use taint mode for non-injection style rules, based on an improvement they made for someone in the Semgrep Community Slack.

Web Security

Burp Suite extension by Tanner Barnes that adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response matches a query via simple text matching or Regex.

Burp tips n tricks
Nicolas Grégoire’s presentation at NorthSec 2023 (video) explores how to unleash the full potential of Burp Suite. The talk covers various aspects, including keyboard shortcuts, performance optimization, automation tips, as well as the effective utilization of extensions such as hackvertor and piper.


📢 GitGuardian just launched Honeytoken 🍯, a new capability that detects breaches in your software supply chain!

With Honeytoken, GitGuardian helps you create credential "tripwires" that you can place anywhere in your SDLC -- but instead of giving access to real data, they trigger alerts full of useful info and help you stay one step ahead of attackers. This helps you be aware of breaches faster and can also let you know if your code has been leaked.

Deploy at scale, monitor for unauthorized use, and detect intrusions before it's too late. With Honeytoken, you'll know where, who, and how one is trying to access your confidential data.

Cloud Security

How We Detect Anomalies In Our AWS Infrastructure (And Have Peaceful Nights)
Bytewax’s Esteban Miccio provides a step-by-step process for constructing a cloud-based anomaly detection system designed to identify anomalies in EC2 instance CPU utilization using CloudWatch, RedPanda, and Bytewax.

Securing Cloud Native Microservices with Role-Based Access Control using Keycloak
Red Hat’s Daniel Oh provides a step-by-step tutorial on how to integrate Keycloak’s (a cloud-native Single Sign-On server) RBAC capabilities into cloud-native microservices for security while using Quarkus, a Kubernetes native Java framework.

Public Cloud Security Breaches
PrimeHarbor Technologies’ Chris Farris et al have published a compendium of security incidents and breaches that have affected companies operating in major cloud providers. The objective of this project is to serve as a centralized resource for identifying real-world examples of how cloud security misconfigurations have impacted actual customers.

“The 2019 Capital One breach wouldn’t have resulted in a 100 million dollar fine if the engineer deploying the WAF hadn’t attached the S3FullAccess to the ***WAF-Role.”

Container Security

Container security fundamentals part 4: Cgroups
Datadog’s Rory McCune discusses how cgroups can limit the amount of CPU time a container can use and restrict the number of processes that can be spawned, mitigating common denial-of-service attacks.

Supply Chain

Announcing the launch of GUAC v0.1
The Google Open Source Security team announces the v0.1 launch of Graph for Understanding Artifact Composition (GUAC), which aggregates software security metadata and maps it to a standard vocabulary of concepts relevant to the software supply chain.

PGP signatures on PyPI: worse than useless
William Woodruff offers some insights into why the current PGP signatures on PyPI do not provide any security benefits. A significant number of these signatures cannot be linked to any well-known PGP key, and the ones that can be linked are generated using weak keys or certificates with malformed formats.

I really like this framing:

Security tools, especially cryptographic ones, are only as good as their least-informed and most distracted user.

Have you ever slain a feature so hard the platform removes it? Well that appears to have happened here, see the PyPI blog announcement: Removing PGP from PyPI.

Sponsored Event

📢 2023 Code to Cloud Cybersecurity Summit: Level up your security across the entire application lifecycle 💫

RSVP for the worldwide virtual Code to Cloud Cybersecurity Summit coming up on June 21-22 & July 11. You’ll learn from the most loved experts and up-and-coming voices in cloud, DevOps and cybersecurity across 20+ keynotes, technical sessions, roundtable discussions and hands-on labs. Speakers include Nir Zuk (Founder & CTO, Palo Alto Networks), Armon Dadgar (Founder & CTO, HashiCorp), Jimmy Mesta (Co-Founder & CTO, KSOC) and more. Join us at the intersection of code and cloud security as we explore the risks and dependencies at each stage of the application.

Blue Team

Birds at (Tail)scale
Thinkst has launched the ability to create a Canary in your Tailnet (a mesh VPN to run your own secure network), for example, one that looks like a Windows machine with a file share and RDP.

Attackers probing for other hosts on the Tailnet deserve to bump into Canaries as much as attackers exploring your cloud environments do.

We adore Tailscale: They have a first-rate team and their product is also widely loved for being startlingly simple to deploy.

Don’t @ Me: URL Obfuscation Through Schema Abuse
Mandiant’s Nick Simonian presents his research on the use of URL Schema Obfuscation techniques to distribute different malware variants. The technique involves the utilization of the ‘@’ sign to conceal the destination address and the usage of alternative hostname formats to obscure the destination IP address. Nick provides several examples and offers YARA rules to aid in the detection and mitigation of this technique.

The Dangers of Google’s .zip TLD
Bobby Rauch talks about the new .zip TLD launched by Google and how attackers can leverage this TLD, in combination with the @ operator and the Unicode character ∕ (U+2215), to create a very effective phishing attack:

Replacing all the forward slashes after https:// with U+2215 (∕) slashes, and adding the @ operator before the v.1.27.1.zip, will take us to the hostname portion of the URL, v1.27.1.zip

Red Team

A curated list of awesome tools, research, papers and other projects related to password cracking and password security by n0kovo.

Introducing LOOBins
Zoom’s Brendan Chamberlain et al announce Living Off the Orchard: macOS Binaries (loobins.io), a library of macOS binaries that can be used for “living off the land” techniques. Like LOLBAS or GTFOBins but for macOS.

Infecting SSH Public Keys with backdoors
The Hacker’s Choice group shares their research on hiding a backdoor inside the SSH Public Key (e.g., id_rsa.pub or authorized_keys) using OpenSSH’s command= feature. This technique allows for persistence even after server reboots and enables lateral movement when administrators copy their SSH Public Keys to new servers or instances in cloud deployments.

Machine Learning

13 examples of Adobe’s AI-enhanced photoshop
Neat Twitter thread by Nathan Lands. The generative fill to combine images from Midjourney is pretty rad.

AI Music Thread
For example, Kanye singing Hey There Delilah.

Bringing the power of AI to Windows 11
Windows Copilot and Bing Chat are getting integrated into all the things. Interesting to see AI getting integrated into the OS itself and built-in apps.

By Somdev Sangwan: Take a video and replace the face in it with a face of your choice. You only need one image of the desired face. No dataset, no training.

Turn yourself into a Pixar character
Justine Moore explains how to do it in <15min using Midjourney, ElevenLabs, and HeyGen.

Machine Learning + Security

OWASP Top 10 for Large Language Model Applications
Version 0.1 provides a draft list of important vulnerability types for AI applications built on LLMs, including: Prompt Injections, Data Leakage, Inadequate Sandboxing, Unauthorized Code Execution, and more.

AI Risk Database
A tool for discovering and reporting the risks associated with public machine learning models. Aims to provide a comprehensive and up-to-date overview of the risks and vulnerabilities associated with publicly available models.

Paws in the Pickle Jar: Risk & Vulnerability in the Model-sharing Ecosystem
Splunk’s Ryan Fetterman scanned the most popular ML model sharing hub, HuggingFace, to determine the prevalence of potentially risky machine learning models.

Our analysis shows that more than 80% of the evaluated machine learning models in the ecosystem consist of pickle-serialized code, which is vulnerable to code injection / arbitrary code execution risks.

See also Trail of Bits’ Evan Sultanik’s Exploiting machine learning pickle files post, which was previously shared in tl;dr sec 76.


Misc

Stop Silly Security Awards
A petition to end the practice of security awards run by marketing companies, with a very satisfying “Get Your Own Award Here” button. If you haven’t already watched it, check out Haroon Meer and Adrian Sanabria’s excellent talk The security products you deserve, and Mark Curphey names and shames in Why you should not give a f*ck about security awards.

In one of the most vulnerable and authentic documentaries ever, we find Lewis Capaldi at a pivotal moment in his career. Take a look into his personal life and defining year, his struggle to balance the familiarity of home, normality, and all he’s ever known with life as one of the biggest stars on the planet, gleaning an intimate portrait of his unique character, hopes and fears in his own words.

“Fame doesn’t change you,” he says. “It just changes everyone around you.”

✉️ Wrapping Up

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!