
[tl;dr sec] #235 - Threat Hunting in Snowflake, AWS Incident Query Cheatsheet, Securing AI Infra

Queries to look for attackers in your Snowflake, AWS queries to use during incidents, how OpenAI and Apple secure AI workloads

Hey there,

I hope you’ve been doing well!

🎂 Birthday Reflections

Soon it’s going to be my birthday, which means I’m one year closer to being dust in the wind wiser.

I was thinking about writing up some reflections, and I was curious: what would you like to know? Is there anything that would be neat to include?

It’ll probably be a combination of professional and personal.

If you have any thoughts, feel free to respond directly to this email! 👋 

Feel free to check out this 5min extended clip from my interview with GitHub CSO Mike Hanley on how he thinks about secure guardrails/defaults.

One point he makes that I like is that if large software providers (e.g. cloud platforms) had better secure defaults, it might reduce or eliminate entire verticals of security products.

The challenge is with the incentives: the cloud providers don’t bear the brunt of these decisions, it’s a negative externality for their customers (e.g. SSRF for IMDSv1, public S3 buckets).

💡 Random thought: what would it look like if a platform somehow took some ownership of customer breaches that at least partially were due to product footguns or security features that could have been implemented?

👉️ Watch it here 👈️ (Spotify)

Sponsor

📣 WorkOS, modern identity platform for B2B SaaS

WorkOS supports a complete User Management solution along with SSO, SCIM, RBAC, & FGA. Unlike other auth providers that rely on user-centric models, WorkOS is specifically designed for B2B SaaS with an org modeling approach.

The APIs are flexible and modular, which means integration only takes a few minutes. It’s used by some of the fastest growing startups like Perplexity, Vercel, and Webflow.

Pricing is also transparent and scales with your growth. Best of all, User Management is free up to 1 million MAUs and comes with bot protection, impersonation, MFA, & more.

👉️ Get started 👈️

Used by Perplexity, Vercel, Loom, Webflow and other big names? Nice 🤘 

Great new guest post by Canva’s Kane Narraway and Rami McCarthy on why many security engineers need to fix the same undifferentiated problems, job after job. They discuss:

  • Why security doesn’t have as many micro SaaS companies

  • Bootstrapped vendor successes

  • Five specific fixable security problems they wish they could “buy” and not build

👉️ Read it here 👈️ 

Sponsor

You’ve Got SBOMs💣️, We’ve Got Answers💡 

There’s an alphabet soup of regulations requiring software producers to generate, maintain, and provide software bills of materials (SBOMs) to regulators. Between Executive Order 14028 and the FDA’s Section 524B in the United States to the Cyber Resilience Act (CRA) in the E.U., and global standards like UNECE R155 for automotive manufacturers, SBOM mandates are everywhere. Let the SBOM experts at Manifest help you understand the SBOM requirements and timelines during a complimentary 1-on-1 consultation specific to you and your industry. And if you just want to vent, that’s fine too!

Lots of policies and government mandates, nice to chat with an expert to help sort out what’s the latest and greatest re: SBOMs.

Cloud Security

awslabs/sustainability-scanner
Validate AWS CloudFormation templates against AWS Well-Architected Sustainability Pillar best practices: maximizing utilization, and minimizing waste and the total resources deployed and powered to support your workload.

AWS Cloud Incident Analysis Query Cheatsheet
Securosis’ Rich Mogull shares sample queries he and Will Bengtson use for their BlackHat training on investigating incidents in your cloud environment. The queries use AWS Athena running on top of CloudTrail so that anyone with an AWS account can run them, and the queries examine resources, events, changes, identity, permissions, and more, along with scripts to pull IAM policies and EC2 instance permissions.
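As an added illustration of the kind of Athena-over-CloudTrail queries the cheatsheet is about (these are my own examples, not Rich Mogull's or Will Bengtson's material), here are four queries you might run during an incident once you have a suspect access key and a time window. They assume a CloudTrail table created with the DDL from the AWS Athena docs and named cloudtrail_logs (an assumed name); the access key value and the incident window are constructed placeholders.

```sql
-- Added example, not the cheatsheet's own queries. Assumes a CloudTrail table
-- named cloudtrail_logs (assumed name) built from the DDL in the AWS Athena docs.
-- If your table is partitioned (region/year/month/day), add those predicates to
-- every WHERE clause or each query scans the whole trail.
-- 'AKIAEXAMPLEPLACEHOLDER' and the 2024-06-01 window are constructed placeholders.

-- 1. Timeline: every API call made with the suspect access key in the window.
--    eventtime is an ISO-8601 string, so a lexical BETWEEN works without parsing.
SELECT eventtime,
       eventsource,
       eventname,
       awsregion,
       sourceipaddress,
       useragent,
       errorcode,
       useridentity.arn AS principal_arn
FROM cloudtrail_logs
WHERE useridentity.accesskeyid = 'AKIAEXAMPLEPLACEHOLDER'
  AND eventtime BETWEEN '2024-06-01T00:00:00Z' AND '2024-06-02T00:00:00Z'
ORDER BY eventtime;

-- 2. Blast radius: which principals, from which IPs, made successful mutating
--    calls in the window. readonly is a STRING in the docs' DDL; use
--    readonly = false if your table types it as BOOLEAN.
SELECT useridentity.arn AS principal_arn,
       sourceipaddress,
       eventsource,
       eventname,
       COUNT(*) AS calls
FROM cloudtrail_logs
WHERE eventtime BETWEEN '2024-06-01T00:00:00Z' AND '2024-06-02T00:00:00Z'
  AND readonly = 'false'
  AND errorcode IS NULL
GROUP BY 1, 2, 3, 4
ORDER BY calls DESC
LIMIT 100;

-- 3. Permission probing: principals/IPs with bursts of denied calls, which is
--    what enumeration with a stolen credential looks like in the trail.
--    The threshold of 20 is an assumption; tune it to your baseline.
SELECT useridentity.arn AS principal_arn,
       sourceipaddress,
       COUNT(*)                 AS denied_calls,
       COUNT(DISTINCT eventname) AS distinct_apis,
       MIN(eventtime)           AS first_denied,
       MAX(eventtime)           AS last_denied
FROM cloudtrail_logs
WHERE eventtime BETWEEN '2024-06-01T00:00:00Z' AND '2024-06-02T00:00:00Z'
  AND errorcode IN ('AccessDenied', 'Client.UnauthorizedOperation')
GROUP BY 1, 2
HAVING COUNT(*) >= 20
ORDER BY denied_calls DESC;

-- 4. Identity pivot: roles assumed with the suspect key. responseelements holds
--    the temporary credentials' access key id, which becomes the next key to
--    feed back into query 1.
SELECT eventtime,
       sourceipaddress,
       requestparameters,
       responseelements
FROM cloudtrail_logs
WHERE useridentity.accesskeyid = 'AKIAEXAMPLEPLACEHOLDER'
  AND eventsource = 'sts.amazonaws.com'
  AND eventname = 'AssumeRole'
  AND eventtime BETWEEN '2024-06-01T00:00:00Z' AND '2024-06-02T00:00:00Z'
ORDER BY eventtime;
```

Query 4 is the one that turns a single-key investigation into a graph: each assumed role yields a new access key id, so you iterate query 1 on it until no new sessions appear.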

Encryption At Rest: Whose Threat Model Is It Anyway?
I never thought I’d say a post about encryption at rest in a web app or cloud context would be interesting, but this thoughtful and detailed post by Scott Arciszewski, formerly on the AWS Cryptography team, is great. It covers: client-side encryption, security considerations, how to avoid confused deputy issues, why you should use authenticated encryption, and more. Great work 👍️ 

Supply Chain

How a Single Vulnerability Can Bring Down the JavaScript Ecosystem
Roni Carta discovered that the npm registry is vulnerable to cache poisoning, which could allow an attacker to render popular packages unavailable, causing widespread disruptions in software development pipelines. GitHub will ship a fix.

Dirty Little Secrets of Vulnerability Management
Semgrep’s Kyle Kelly covers a number of common misconceptions, like NVD ≠ the CVE Program, CISA’s KEV only includes active exploitation (does not include if a vulnerability has public exploit code or was attacked in academic or pen testing contexts), exploit likelihood vs exploitability with EPSS, and more.

State of Exploitation - A Peek into the Last Decade of Vulnerability Exploitation
VulnCheck’s Patrick Garrity shares trends in vulnerability disclosure, exploitation, weaponization and exploit availability from 2014 to 2023.

  • Annual growth rates:

    • CVEs with known exploitation: +19.7%

    • CVE disclosure: +14.1%

    • CVEs with publicly available proof-of-concept exploits: +11.8%

  • 1.1% of vulnerabilities are publicly known to have been exploited in the wild.

  • 2% of vulnerabilities are known to be weaponized

  • 31% of vulnerabilities have Proof-of-Concept Exploit Code

Sponsor

Certificates are better than keys 🔑

Although keys are a relatively secure authentication method for SSH when compared with password-based authentication, keys create an equal amount of operational and security overhead on the administration side. Learn how to solve challenges with key rotation and invalidation with the latest cryptographic methods like certificate-based authorization below.

👉️ Learn More 👈️

Blue Team

A guide to threat hunting and monitoring in Snowflake
Datadog’s Julie Sparks and Seth Art outline how to detect signs of attacker behavior in Snowflake, from initial access to attempts to evade defense protocols, persistent access, credential access, data collection, and exfiltration.

They share specific queries to monitor login histories, external access histories, unexpected IP addresses, client applications, network policies, and admin permissions, and provide guidance on what to look for in the results.
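To show the shape of hunting queries like these (my own added examples, not the queries from the Datadog post), here are four that run against Snowflake's built-in SNOWFLAKE.ACCOUNT_USAGE views and cover initial access, client tooling, privilege grants, and network-policy tampering. They assume a role with IMPORTED PRIVILEGES on the SNOWFLAKE database (ACCOUNTADMIN works), and the 7-day and 90-day lookback windows are my assumptions.

```sql
-- Added example, not from the Datadog post. Uses Snowflake's built-in
-- SNOWFLAKE.ACCOUNT_USAGE views; needs ACCOUNTADMIN or a role granted
-- IMPORTED PRIVILEGES on the SNOWFLAKE database. The 7-day / 90-day windows
-- are assumptions. ACCOUNT_USAGE views lag live activity (login_history by
-- up to ~2 hours), so this is hunting, not real-time alerting.

-- 1. Initial access: successful password-only logins in the last 7 days from a
--    (user, client IP) pair never seen in the preceding 90 days.
WITH baseline AS (
    SELECT DISTINCT user_name, client_ip
    FROM snowflake.account_usage.login_history
    WHERE is_success = 'YES'
      AND event_timestamp >= DATEADD(day, -97, CURRENT_TIMESTAMP())
      AND event_timestamp <  DATEADD(day, -7,  CURRENT_TIMESTAMP())
)
SELECT lh.event_timestamp,
       lh.user_name,
       lh.client_ip,
       lh.reported_client_type,
       lh.first_authentication_factor,
       lh.second_authentication_factor
FROM snowflake.account_usage.login_history lh
LEFT JOIN baseline b
       ON b.user_name = lh.user_name
      AND b.client_ip = lh.client_ip
WHERE lh.is_success = 'YES'
  AND lh.event_timestamp >= DATEADD(day, -7, CURRENT_TIMESTAMP())
  AND b.user_name IS NULL                       -- IP never seen for this user
  AND lh.first_authentication_factor = 'PASSWORD'
  AND lh.second_authentication_factor IS NULL   -- no MFA presented
ORDER BY lh.event_timestamp DESC;

-- 2. Client applications: the long tail of client strings used by only one or
--    two users this week. Unexpected tooling shows up here before anywhere else.
SELECT s.client_application_id,
       COUNT(DISTINCT s.user_name) AS distinct_users,
       COUNT(*)                    AS sessions,
       MIN(s.created_on)           AS first_seen,
       MAX(s.created_on)           AS last_seen
FROM snowflake.account_usage.sessions s
WHERE s.created_on >= DATEADD(day, -7, CURRENT_TIMESTAMP())
GROUP BY s.client_application_id
HAVING COUNT(DISTINCT s.user_name) <= 2
ORDER BY sessions DESC;

-- 3. Persistence / privilege: admin roles granted to users in the last 7 days,
--    and who granted them.
SELECT created_on, role, grantee_name, granted_by
FROM snowflake.account_usage.grants_to_users
WHERE role IN ('ACCOUNTADMIN', 'SECURITYADMIN')
  AND deleted_on IS NULL
  AND created_on >= DATEADD(day, -7, CURRENT_TIMESTAMP())
ORDER BY created_on DESC;

-- 4. Defense evasion: successful statements that touched network policies
--    (ALTER/DROP NETWORK POLICY, ALTER ACCOUNT/USER ... UNSET NETWORK_POLICY).
SELECT start_time, user_name, role_name, query_text
FROM snowflake.account_usage.query_history
WHERE start_time >= DATEADD(day, -7, CURRENT_TIMESTAMP())
  AND execution_status = 'SUCCESS'
  AND (query_text ILIKE '%NETWORK POLICY%'
       OR query_text ILIKE '%NETWORK_POLICY%')
ORDER BY start_time DESC;
```

Query 1 is the one to schedule: a password-only login from an IP the user has never used before is the single highest-signal row in login_history, and the join against a 90-day baseline keeps it from paging you on every office and VPN address.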

Detecting AiTM Phishing Sites with Fuzzy Hashing
Obsidian Security describes how phishing kits and Phishing-as-a-Service websites can be detected using fuzzy hashes, giving EvilProxy/Tycoon and an APT group as examples. A phishing site’s raw HTML might be obfuscated (e.g. just a single external script resource), but once the JavaScript runs, the DOM reveals what is actually displayed to the user, so the rendered DOM is a better input to hash, using a library like py-tlsh.

Phishing 2.0 – how phishing toolkits are evolving with AitM
Push Security’s Luke Jennings provides a nice overview of Adversary in the Middle (AitM) attacks, a new technique that allows attackers to bypass MFA by acting as a proxy between the target and a legitimate login portal. There are two main AitM approaches, reverse web proxies and browser-in-the-middle, and a number of tools that can be used, like Modlishka, Muraena, Evilginx, Evilproxy, EvilnoVNC, Cuddlephish, and more.

One tricky thing is that even if you detect the compromise and kill the session, the attacker could use their initial access to downstream SaaS apps (if SSO was compromised) to persist (e.g. API keys, add accounts, …). As previously covered in tl;dr sec, see also Thinkst’s post on detecting if your website or login portal has been cloned.

How to Secure the SaaS Apps of the Future
Okta’s Karl McGuinness describes how if attackers can’t manage to steal user credentials, they’ll instead steal a user’s proof of authentication (e.g. use malware or a transparent proxy to steal session tokens from a user’s browser after they sign in).

He recommends three security requirements: proof-of-possession, which binds tokens to authorized clients, preventing token replay attacks; continuous access evaluation profile, a mechanism for real-time risk assessment and response; and universal logout, a method for revoking all user sessions across applications.

Red Team

Phish Sticks; Hate the Smell, Love the Taste
SpecterOps’ Forrest Kasler outlines a number of potential failure points in phishing campaigns (e.g. your IP or domain has bad or no sender reputation, blocked due to email content, your link was filtered, …) and signals to look for about which steps succeeded (remote CSS loads, tracking image loads, immediate visits, …).

Assumed Breach: The Evolution of Offensive Security Testing
TrustedSec’s Jason Lang describes how offensive security testing has evolved over time: red teams wrecking, then blue teams adapting, forcing red teams to up their game.

Jason then walks through a number of assumed breach scenarios, which can provide valuable security controls feedback in a time-boxed way (read: cost-effectively), including: perimeter breach, disgruntled worker, successful social engineering attack, credential abuse, physical theft or loss of an internal device, and physical intrusion.

AI + Security

openrecall/openrecall
An open source, privacy-first alternative to Microsoft’s Recall. Easily access your digital history, enhancing your memory and productivity without compromising your privacy.

Extracting Concepts from GPT-4
OpenAI shares their interpretability research, in which they used new scalable methods to decompose GPT-4’s internal representations into 16 million oft-interpretable patterns. Interpretability is key for understanding how models “think,” allowing us to ensure AI systems are safe and aligned with human interests (e.g. don’t help people do bad things or do bad things to people).

See also Anthropic’s interpretability research shared last week.

Securing Research Infrastructure for Advanced AI
OpenAI shares how they secure their research infrastructure. I pulled out some key points on the web version of this issue.

  • Identity foundation: Azure Entra ID

  • Kubernetes with RBAC, Admission Controller policies set a security baseline for workloads, controlling container privileges and network access.

  • VPN to connect to research environments, deny-by-default egress policy, explicitly allowlist authorized external communication paths.

  • Higher-risk tasks use gVisor.

  • Built an internal service called AccessManager to manage internal authorization, multi-party approval required to access sensitive info like model weights. GPT-4 integrated to facilitate least-privilege role assignment.

  • CI/CD security - IaC for configuring infra, restricted access to trigger infra-related pipelines to limit access to pipeline secrets.

Private Cloud Compute: A new frontier for AI privacy in the cloud
This post by Apple has some of the strongest, most impressive security guarantees of architectures I’ve read about recently. Very thoughtful and cool work, and a far cry from “storing all of your info in plaintext” cough Recall cough.

The post walks through their core requirements in the design they chose and how their approach fulfills them: stateless computation on personal user data, enforceable guarantees, no privileged runtime access, non-targetability, and verifiable transparency. Well worth the read. Johns Hopkins prof Matthew Green also has a thread about it.

If you want to read about all the new Apple stuff:

AI

Misc

How to Quit Google, According to a Privacy Expert
Lifehacker article with Princeton’s Janet Vertesi, recommending: don’t switch everything at once (do one at a time to make it manageable), Chrome → Firefox, Proton or Zoho for email, Dropbox and Resilio Sync for file syncing, CryptPad for online document editing, /e/OS for Android phones or Elementary OS for your Chromebook, and if you’re going to use Google apps (e.g. Docs) use a dedicated browser to limit tracking.

See also: The Opt Out Project, a website full of recommendations and tutorials for replacing "Big Tech" services with community-driven and DIY alternatives, or PrivacyTools.io (H/T Samuel Corcoral).

Turn your iPhone into a dumb phone
How to make your phone and its apps less addictive by: using a minimal homescreen launcher (Dumbify), choosing a plain wallpaper that hides your dock, enabling grayscale mode and disabling notifications, and deleting addictive apps.

The U.S. military plans a ‘Hellscape’ to deter China from attacking Taiwan
President Xi Jinping has called on China’s People’s Liberation Army to be ready to take Taiwan by force by 2027. China’s likely strategy is to overwhelm Taiwan with a massive attack with little warning, as Xi doesn’t want to repeat Putin’s mistake in Ukraine, when Russia’s initial full-scale invasion failed and devolved into a long war of attrition.

The U.S.’s ‘Hellscape’ strategy is: as soon as China’s invasion fleet begins moving across the 100-mile waterway that separates China and Taiwan, the U.S. military would deploy thousands of unmanned submarines, unmanned surface ships and aerial drones to flood the area and give Taiwanese, U.S. and partner forces time to mount a full response.

✉️ Wrapping Up

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!

Cheers,
Clint
@clintgibler