
[tl;dr sec] #213 - AWS Secure Defaults, Damn Vulnerable LLM Agent, cdk-goat

Useful secure defaults + SCPs for your AWS account, a chatbot LLM ReAct agent for prompt injection practice, vulnerable by design AWS Cloud Development Kit infrastructure

Hey there,

I hope you’ve been doing well!

✈️ In Plane Sight

I’ve gotta get something off my chest.

Normally on planes I read or get work done, but recently I did something else.

As we were taking off, I saw that a person in the row in front of me was starting to watch a TV show on their phone. Season 1 Episode 1 of Reacher on Amazon Prime.

I thought, “Nice, I haven’t missed anything, I wonder what this show is about. I’ll go back to reading in a second.”

The person had headphones in but subtitles on, so I could follow.

About 10 minutes in, I realize I’m engaged and I decide to just finish the episode. At the end of the episode, he immediately starts Episode 2.

Well, I am curious what happens next, so I keep watching. From a row behind. On this guy’s phone. Reading the subtitles 😂 

After Episode 4, I have to use the restroom (these are 40min episodes), but I don’t want to go, because then I’m going to miss what happens. Should I ask him to pause? I don’t know how he’ll take it. So I decided to just hold it.

By the end of the flight we’d watched about half a season of Reacher together. I felt a bond with him even though we’d never spoken.

Lesson: When you use a screen protector, you could be missing out on some quality connections. 🤣 

Sponsor

📣 CNAPP for Dummies

A clear, friendly guide to mastering the hot new category in cloud-native security that's taking the industry by storm. 

Wiz partnered with Wiley to create the Cloud Native Application Protection Platform (CNAPP) for Dummies eBook. This free 48-page PDF includes everything you *need* to know to secure the changing landscape of cloud-native applications and protect your cloud environment today. 

You’ll learn: 

  • The fundamentals of cloud-native security 

  • Powerful tactics to strengthen security measures 

  • Best practices for getting started 

  • Techniques to shift security up the pipeline (and ahead of threats) 

  • 10 strategies for maximizing the potential of your CNAPP

AppSec

Google OAuth is broken (sort of)
Truffle Security’s Dylan Ayrey describes a Google OAuth vulnerability that lets former employees retain indefinite access to third-party applications like Slack and Zoom after they’ve been off-boarded and removed from their company’s Google organization. Google has not made changes to mitigate this risk.

dwisiswant0/ngocok
By Dwi Siswanto: A free Burp Collaborator alternative that uses ngrok for capturing out-of-band requests.

Burp Extension Development Part 1: Setup & Basics
The first part in a new series by Tib3rius on adding new features to Burp and exploring the Burp Extension API. In this video, he covers setting up your dev environment, creating your first extension, and modifying request headers using the extension.

Panic!! At the YAML
GreyNoise’s Ron Bowes gives a great overview of a SnakeYAML deserialization vulnerability, including how to figure things like this out yourself: building a sample vulnerable application, adapting public exploit code, understanding how it works, troubleshooting errors, and lots of related work cited. Nice.

Sponsor

📣 ESET World-Class Threat Research

Research has been at the core of ESET and its technology since the company's inception. 

The journey began in 1987 when ESET co-founders uncovered one of the world's first computer viruses, which they named "Vienna," and wrote a program to detect it. Many other discoveries quickly followed.

More than 30 years later, ESET remains at the forefront of cybersecurity research, operating 13 R&D centers across the world that analyze, monitor and anticipate new threats.

The research below contains a view of the H2 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts.

Cloud Security

avishayil/cdk-goat
By CyberArk’s Avishay Bar: Vulnerable by design AWS Cloud Development Kit (CDK) infrastructure that includes a vulnerable Python application (Damn Vulnerable Python Web App).

aws-samples/aws2tf
Automates the importing of existing AWS resources into Terraform and outputs the Terraform HCL code.

How to Securely let Frontend Apps to Directly Access AWS services
Yan Cui describes how a frontend can talk directly to AWS services like DynamoDB and S3, without an intermediary like API Gateway or Lambda, using Cognito Identity Pools, which can issue temporary AWS credentials that are then used for authn/authz. I feel like this might not be a great approach in most cases, but it’s interesting that it can be done.

AWS Account Security Onboarding Mind Map
AUTO1 Group’s Artem Marusov shares a succinct and structured mind map to act like a checklist when onboarding new AWS accounts to an existing AWS Organization, covering SCPs, logging, alerting, AWS security services, and more.

Setting secure AWS defaults and avoiding misconfigurations
Excellent guide by Wiz’s Scott Piper covering a number of useful secure defaults and potential misconfigurations, including preventing resources from being made public (e.g. S3 buckets, AMIs), preventing risky features (e.g. IAM users and access keys, IMDSv1), and enforcing security measures (restricting network modifications, restricting admin access with network controls).

For each, Scott provides useful CLI commands to action what he’s describing and/or Service Control Policies (SCP) to enforce good posture.
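As an added example (my code, not from Scott’s guide), here is an SCP with four deny statements along the lines the guide describes, plus a small evaluator that shows which statement would block a given API call. The evaluator is a deliberate simplification of IAM policy evaluation (Deny statements only, no NotAction/NotResource, no policy variables, single-valued condition keys); the action names and the condition keys `ec2:MetadataHttpTokens` and `ec2:Add/group` are taken from the AWS service authorization reference as I recall them, so check them there before deploying.

```python
"""Secure-default SCP plus a tiny evaluator that shows which Deny statement would block a call.
Added example; not code from Scott Piper's guide. The evaluator is a simplification of IAM
policy evaluation (Deny statements only, no NotAction/NotResource, no policy variables,
single-valued condition keys). Action names and the condition keys ec2:MetadataHttpTokens
and ec2:Add/group are assumed from the AWS service authorization reference."""
import fnmatch
import json

SECURE_DEFAULTS_SCP = {
    "Version": "2012-10-17",
    "Statement": [
        {   # Block IMDSv1: a launch must set HttpTokens=required. StringNotEquals is negated,
            # so it also fires when the request omits metadata options entirely (key absent).
            "Sid": "DenyIMDSv1Launches",
            "Effect": "Deny",
            "Action": "ec2:RunInstances",
            "Resource": "arn:aws:ec2:*:*:instance/*",  # instance ARN only, not volumes/ENIs
            "Condition": {"StringNotEquals": {"ec2:MetadataHttpTokens": "required"}},
        },
        {   # No long-lived credentials: no IAM users, access keys or console passwords.
            "Sid": "DenyIAMUsersAndAccessKeys",
            "Effect": "Deny",
            "Action": ["iam:CreateUser", "iam:CreateAccessKey", "iam:CreateLoginProfile"],
            "Resource": "*",
        },
        {   # Nobody can switch off S3 Block Public Access once it is set.
            "Sid": "DenyDisablingS3BlockPublicAccess",
            "Effect": "Deny",
            "Action": ["s3:PutAccountPublicAccessBlock", "s3:PutBucketPublicAccessBlock"],
            "Resource": "*",
        },
        {   # Block sharing an AMI with the "all" group, i.e. making it public.
            "Sid": "DenyPublicAMIs",
            "Effect": "Deny",
            "Action": "ec2:ModifyImageAttribute",
            "Resource": "*",
            "Condition": {"StringEquals": {"ec2:Add/group": "all"}},
        },
    ],
}

_OPERATORS = {
    "StringEquals": lambda actual, expected: actual in expected,
    "StringNotEquals": lambda actual, expected: actual not in expected,
    "Bool": lambda actual, expected: actual.lower() in [e.lower() for e in expected],
}


def _matches(patterns, value):
    """IAM-style wildcard match: names are case-insensitive, '*' and '?' are globs."""
    patterns = patterns if isinstance(patterns, list) else [patterns]
    return any(fnmatch.fnmatchcase(value.lower(), p.lower()) for p in patterns)


def _condition_holds(condition, ctx):
    for operator, pairs in condition.items():
        test = _OPERATORS[operator]
        negated = "Not" in operator
        for key, expected in pairs.items():
            expected = [str(v) for v in (expected if isinstance(expected, list) else [expected])]
            actual = ctx.get(key.lower())
            if actual is None:
                if negated:
                    continue  # missing key satisfies a negated operator, so the Deny applies
                return False  # missing key never satisfies a positive operator
            if not test(str(actual), expected):
                return False
    return True


def evaluate(policy, action, resource="*", context=None):
    """Return the Sids of Deny statements that apply to the request ([] means this SCP does not deny it)."""
    ctx = {k.lower(): v for k, v in (context or {}).items()}
    hits = []
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Deny" or not _matches(stmt["Action"], action):
            continue
        if not _matches(stmt.get("Resource", "*"), resource):
            continue
        if _condition_holds(stmt.get("Condition", {}), ctx):
            hits.append(stmt["Sid"])
    return hits


def as_json(policy):
    """Serialise for: aws organizations create-policy --type SERVICE_CONTROL_POLICY --name ... --content file://scp.json"""
    return json.dumps(policy, indent=2)


if __name__ == "__main__":
    instance = "arn:aws:ec2:us-east-1:111122223333:instance/*"
    print(evaluate(SECURE_DEFAULTS_SCP, "ec2:RunInstances", instance, {"ec2:MetadataHttpTokens": "optional"}))
    print(evaluate(SECURE_DEFAULTS_SCP, "ec2:RunInstances", instance, {"ec2:MetadataHttpTokens": "required"}))
```

The `Resource` on the IMDSv1 statement is scoped to the instance ARN on purpose: `RunInstances` is also authorized against volumes and network interfaces, where the `ec2:MetadataHttpTokens` key is absent, and a negated operator on an absent key evaluates true, so a `Resource: "*"` version would deny every launch.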

Container Security

wagoodman/dive
By Alex Goodman: A tool for exploring a Docker image, layer contents, and discovering ways to shrink the size of your Docker/OCI image.

How to use Dockerfiles with wolfi-base images
Chainguard’s Adrian Mouat describes how to use wolfi-base with Docker tooling to create hardened, low-vulnerability images, covering static binaries, cases where you need libraries or runtimes like the JDK and JRE, cases where build and runtime dependencies must match (e.g. Python), and pinning tools at specific versions.

Deep dive into the new Amazon EKS Cluster Access Management features
Datadog’s Christophe Tafani-Dereeper and Martin McCloskey discuss the new AWS feature that helps address some of the issues with IAM in EKS by letting you manage access to your clusters through the AWS API. It enables you to: map AWS identities to pre-defined, AWS-managed Kubernetes permissions, map AWS identities to specific Kubernetes groups, and gain visibility into former “shadow administrators”.

The authors also share threat detection opportunities based on the newly available CloudTrail events associated with this feature.
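As an added example of the detection side (my code, not from the Datadog post), here are two rules run over constructed CloudTrail events for the access entry APIs: a new access entry for a principal outside an allowlist, and `AssociateAccessPolicy` granting the cluster-admin access policy at cluster scope. The event shapes (`eventSource`, `eventName`, the `requestParameters` field names, the access policy ARN) and the `APPROVED_PRINCIPALS` allowlist are my assumptions modelled on the EKS API; confirm the field names against your own CloudTrail before relying on them.

```python
"""Detections over CloudTrail for the EKS Cluster Access Management APIs. Added example, not code
from the Datadog post. Event shapes (eventSource, eventName, requestParameters field names, access
policy ARN) are assumptions modelled on the EKS API; confirm against your own CloudTrail."""
import json

CLUSTER_ADMIN_POLICY = "arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy"
# Hypothetical allowlist of principals that are expected to receive access entries.
APPROVED_PRINCIPALS = frozenset({"arn:aws:iam::111122223333:role/platform-admins"})

# Constructed sample events, trimmed to the fields the rules use (not real telemetry).
SAMPLE_EVENTS = [
    {"eventSource": "eks.amazonaws.com", "eventName": "CreateAccessEntry",
     "userIdentity": {"arn": "arn:aws:sts::111122223333:assumed-role/platform-admins/terraform"},
     "requestParameters": {"name": "prod", "type": "STANDARD",
                           "principalArn": "arn:aws:iam::111122223333:role/platform-admins"}},
    {"eventSource": "eks.amazonaws.com", "eventName": "CreateAccessEntry",
     "userIdentity": {"arn": "arn:aws:sts::111122223333:assumed-role/developer/alice"},
     "requestParameters": {"name": "prod", "type": "STANDARD",
                           "principalArn": "arn:aws:iam::111122223333:role/developer"}},
    {"eventSource": "eks.amazonaws.com", "eventName": "AssociateAccessPolicy",
     "userIdentity": {"arn": "arn:aws:sts::111122223333:assumed-role/developer/alice"},
     "requestParameters": {"name": "prod", "principalArn": "arn:aws:iam::111122223333:role/developer",
                           "policyArn": CLUSTER_ADMIN_POLICY, "accessScope": {"type": "cluster"}}},
    {"eventSource": "eks.amazonaws.com", "eventName": "AssociateAccessPolicy",
     "userIdentity": {"arn": "arn:aws:sts::111122223333:assumed-role/platform-admins/terraform"},
     "requestParameters": {"name": "prod", "principalArn": "arn:aws:iam::111122223333:role/ci",
                           "policyArn": "arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy",
                           "accessScope": {"type": "namespace", "namespaces": ["ci"]}}},
    {"eventSource": "ec2.amazonaws.com", "eventName": "RunInstances",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:role/unrelated"}, "requestParameters": {}},
]


def detect(event, approved=APPROVED_PRINCIPALS):
    """Return an alert dict for one CloudTrail event, or None if no rule matches."""
    if event.get("eventSource") != "eks.amazonaws.com":
        return None
    params = event.get("requestParameters") or {}
    base = {
        "actor": event.get("userIdentity", {}).get("arn"),
        "cluster": params.get("name") or params.get("clusterName"),  # path param vs body field
        "principal": params.get("principalArn"),
    }
    name = event.get("eventName")
    # Rule 1: an access entry was created for a principal nobody pre-approved.
    if name == "CreateAccessEntry" and base["principal"] not in approved:
        return {"rule": "eks-access-entry-for-unapproved-principal", "severity": "medium", **base}
    # Rule 2: cluster-wide admin was attached to a principal (the new equivalent of system:masters).
    if name == "AssociateAccessPolicy":
        scope = (params.get("accessScope") or {}).get("type")
        if params.get("policyArn") == CLUSTER_ADMIN_POLICY and scope == "cluster":
            return {"rule": "eks-cluster-admin-granted", "severity": "high", **base}
    return None


def run(events, approved=APPROVED_PRINCIPALS):
    return [alert for alert in (detect(e, approved) for e in events) if alert]


def run_jsonl(lines, approved=APPROVED_PRINCIPALS):
    """Same rules over newline-delimited JSON, e.g. rows exported from a CloudTrail Lake query."""
    return run((json.loads(line) for line in lines if line.strip()), approved)


if __name__ == "__main__":
    for alert in run(SAMPLE_EVENTS):
        print(json.dumps(alert))
```

Rule 2 deliberately ignores namespace-scoped associations and the read-only policies; widen it to `AmazonEKSAdminPolicy` at namespace scope if namespace admins are sensitive in your environment.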

Blue Team

chainguard-dev/osqtool
By Chainguard: A tool for testing, creating, and manipulating osquery query packs.

center-for-threat-informed-defense/adversary_emulation_library
An open library by MITRE Engenuity of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs. The library contains two types of adversary emulation plans: full emulation, which emulates a specific adversary, e.g. FIN6, from initial access to exfiltration, and micro emulation, emulating compound behaviors seen across multiple adversaries, like webshells.

Ghost in the Web Shell: Introducing ShellSweep
Splunk’s Michael Haag discusses ShellSweep, a new tool designed to hunt down and flag potential web shells. It can scan multiple directories at once, filter known good files by SHA256 or path, scan specific file extensions, and evaluate the potential maliciousness of files based on their entropy.

My bud Kurt Boberg also wrote a tool, Border Collie (blog), that continuously watches the file system, runs Semgrep rules to find potential reverse shells, and automatically chmods them to non-executable when found.
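As an added example of the ShellSweep-style triage described above (my code, not ShellSweep’s or Border Collie’s), here is a scanner that walks a web root, skips files by SHA256 or path prefix, restricts itself to web-executable extensions, scores each file on Shannon entropy plus a handful of suspicious function tokens, and optionally chmods findings to non-executable the way Border Collie does. The entropy threshold, token list and the two fixture files are assumptions I constructed for the example; tune the threshold against your own code base.

```python
"""Web shell triage by entropy and suspicious tokens, with SHA256/path allowlists and an optional
chmod of findings to non-executable. Added example, not ShellSweep's or Border Collie's code;
the threshold, token list and fixtures are assumptions to tune against your own code base."""
import base64
import hashlib
import math
import os
import stat
import tempfile
from collections import Counter

DEFAULT_EXTENSIONS = (".php", ".phtml", ".jsp", ".jspx", ".aspx", ".ashx")
SUSPICIOUS_TOKENS = (b"eval(", b"base64_decode(", b"shell_exec(", b"system(", b"passthru(",
                     b"Runtime.getRuntime(")
ENTROPY_THRESHOLD = 5.5  # assumed: source code sits around 4-5 bits/byte, packed/base64 blobs near 6


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0 for a constant file, 8 for uniformly distributed bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def sha256_file(path: str) -> str:
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def is_executable(path: str) -> bool:
    return bool(os.stat(path).st_mode & stat.S_IXUSR)


def scan_dir(root, extensions=DEFAULT_EXTENSIONS, allow_hashes=frozenset(), allow_paths=(),
             threshold=ENTROPY_THRESHOLD, neutralize=False):
    """Walk `root` and return findings for files that are high-entropy or carry 2+ suspicious tokens.
    allow_hashes: SHA256 hex digests of known-good files; allow_paths: path prefixes to skip.
    neutralize=True strips execute bits from findings (Border Collie's approach) rather than deleting."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            if not name.lower().endswith(tuple(extensions)) or any(path.startswith(p) for p in allow_paths):
                continue
            digest = sha256_file(path)
            if digest in allow_hashes:
                continue
            with open(path, "rb") as f:
                data = f.read()
            entropy = shannon_entropy(data)
            tokens = [t.decode() for t in SUSPICIOUS_TOKENS if t in data]
            if entropy >= threshold or len(tokens) >= 2:
                if neutralize:
                    os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
                findings.append({"path": path, "sha256": digest, "entropy": round(entropy, 2), "tokens": tokens})
    return findings


def build_sample_dir() -> str:
    """Constructed fixtures (not real samples): one plain PHP page and one eval/base64 dropper."""
    root = tempfile.mkdtemp(prefix="shellscan-")
    os.makedirs(os.path.join(root, "uploads"))
    benign = b"<?php\n" + b"".join(
        f"function page{i}() {{ echo '<p>Hello, item {i}</p>'; }}\n".encode() for i in range(40)) + b"page0();\n"
    payload = base64.b64encode(bytes(range(256)) * 8)  # deterministic high-entropy blob
    shell = b"<?php @eval(base64_decode('" + payload + b"')); ?>\n"
    with open(os.path.join(root, "index.php"), "wb") as f:
        f.write(benign)
    shell_path = os.path.join(root, "uploads", "avatar.php")
    with open(shell_path, "wb") as f:
        f.write(shell)
    os.chmod(shell_path, 0o755)
    return root


if __name__ == "__main__":
    for finding in scan_dir(build_sample_dir()):
        print(finding)
```

Entropy alone produces false positives on minified or vendored assets, which is exactly what the SHA256 and path allowlists are for: hash the files your deploy pipeline ships and only triage what is left.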

Red Team

MegaManSec/SSH-Snake
By Joshua Rogers: Finds SSH private keys on a system → sees what other hosts may accept those keys → tries to SSH everywhere possible using all private keys discovered. Attempts to create a map of a network and its dependencies, identifying to what extent a network can be compromised using SSH and SSH private keys starting from a particular system. Blog

EvilSlackbot: A Slack Attack Framework
Andrew Steinberg shares a new tool that can be used during red teams if you acquire a Slack API token to send spoofed Slack messages, phishing links, files, and search for secrets leaked in Slack. It can also be used to conduct Slack phishing simulations via providing a list of employee emails.

Career

Preparing for a Security Engineering Interview
TryHackMe’s Ellie Gillard discusses some common behavioral and technical interview questions, across blue team, network security, web and application security, and more. I’m not sure these are the technical topics I would personally focus most on, but I’m sharing because examples of questions are generally useful.

Personal brand building - the cyber edge your career needs
Free meetup by Women in Cybersecurity (WiCyS) featuring a panel of women at the executive, mid-career and early career stages sharing their experiences. January 24, 5-8pm PST, downtown San Francisco. LinkedIn Live Broadcast

Cyber for Builders: The Essential Guide to Building a Cybersecurity Startup
New book by my friend Ross Haleliuk (congrats!) on building a cybersecurity startup. It’s intended for security-focused entrepreneurs and builders: startup founders, security engineers, VCs, angel investors, and others who are building the future of cybersecurity. I’m stoked to have contributed a small section to the book, woo 🥳 

Machine Learning + Security

WithSecureLabs/damn-vulnerable-llm-agent
By WithSecure: A sample chatbot powered by an LLM ReAct agent, implemented with Langchain. It's designed to be an educational tool for people to understand and experiment with prompt injection attacks in ReAct agents.

Why Anthropic and OpenAI are obsessed with securing LLM model weights
Why Anthropic CISO Jason Clinton (good name) & team spend much of their time on securing Claude’s model weights: an attacker who acquired the weights could use the model maliciously at a fraction of the cost of training it. As models improve, some feel that protecting model weights has significant national security implications.

See also RAND’s Securing Artificial Intelligence Model Weights report, which discusses 40 distinct attack vectors.

AI's Predictable Path: 7 Things to Expect From AI in 2024+
Epic post by Daniel Miessler with the insight that rather than following the tech, to understand the future of AI we should instead ask what people want from it.

Daniel believes everyone will get a Digital Assistant (DA) that knows everything about them, that everything (restaurants, the people around you) will have APIs, DA’s will constantly advocate on our behalf and mediate our interactions with the world, and more. He also discusses security and privacy implications. Well worth the read.

I’m also stoked to be attending Daniel’s upcoming course Augmented: How to Integrate AI into Life and Work, a 3-hour live AI course on January 13th, this Saturday. Today is the last day to sign up. If you’re a paid member to Unsupervised Learning, which I’ve been for years, you get $200 off the course.

Misc

Things you're allowed to do
“A list of things you’re allowed to do that you thought you couldn’t, or didn’t even know you could,” across learning and decision making, interpersonal, support and accountability, making the most of your resources, and professional. I bet you’ll find at least something useful in this list.

✉️ Wrapping Up

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!

Cheers,
Clint
@clintgibler