
[tl;dr sec] #253 - State of Cloud Security, Applying AI to Cybersecurity, Living Off The Land ESXi

Datadog's 2024 update, lots of resources on AI + security, VMware ESXi built-ins adversaries use

Hey there,

I hope you’ve been doing well!

🧩 Clue - Live!

This week I saw a live production of Clue, and it was delightful.

If you’re not familiar, Clue is the board game where you try to solve a murder mystery (“Was it Mrs. Peacock in the study with the wrench?”), which was made into a movie, and now a live show.

It had some great physical humor, fun characters, and surprising twists. It’s in San Francisco this week, San Jose next week.

But the most delightful part was something random that happened after.

I was waiting for the BART train when I saw someone walk by who looked just like one of the actors.

I approached hesitantly and asked, “Hey, are you… Colonel Mustard?”

He was! He turned out to be incredibly friendly and we chatted for like half an hour, and we parted ways with a hug.

In the end, it was Colonel Mustard, in BART, with my heart 🥰 

Quicklinks

Trying something new:

Sponsor

📣 Devs Not Fixing Identity Issues in CNAPP? Do It Yourself.

CNAPP is great. It prioritizes identity issues and sends them to the right dev teams for remediation. Yet there are still thousands of tickets, and developers can’t fix them all without taking time from more innovative projects.

The solution? Fix it yourself. Sonrai’s Cloud Permissions Firewall gives you one-click least privilege to restrict sensitive permissions without depending on devs to do individual fixes – but without taking away permissions devs need.

Turn off services you don’t use, “quarantine” unused identities, and use a Permissions-on-Demand system to automatically grant back permissions at scope when needed.

Least privilege is critical but quite hard, awesome to see tooling making it easier 👌 

AppSec

Client-Side Path Traversal Playground
An open source playground by Doyensec’s Maxence Schmitt to learn about, find, and exploit Client-Side Path Traversal (CSPT). Various gadgets and sinks have been implemented, and you can experiment with CSPT to CSRF and XSS.

Lessons in Security Tooling: Strategies for Success
Jeevan Singh shares his philosophy and strategy for implementing security tooling in application security programs, focusing on four key goals: fixing vulnerabilities, building security culture, understanding gaps, and building up incident response capabilities for engineering. Jeevan emphasizes the importance of selecting the right tools, fully operationalizing them, and avoiding overwhelming engineers with vulnerabilities.

The post introduces a maturity model (crawl, walk, run, sprint) for tool integration and provides practical tips for tool selection, including creating a detailed rubric and involving engineers in the decision-making process.

💡 Jeevan is a sharp dude, and has great perspective from leading AppSec teams at Segment and Rippling.

Sponsor

📣 Configure and govern infrastructure without slowing down developers

Resourcely is a configuration platform for deploying cloud infrastructure that meets your expectations. 

Subject matter expert teams set Blueprints and Guardrails that empower developers to move fast while meeting your standards and preventing risky infrastructure from being deployed.

With it, developers create and maintain infrastructure quickly without needing to be cloud services experts or infrastructure as code pros.

I think secure-by-default/”guardrails” are one of the most effective ways to empower developers to ship quickly and securely. Huge fan of making that easier 🙌 

Cloud Security

CloudGoat: New Scenario and Walkthrough (sns_secrets)
Rhino Security Labs’ Tyler Ramsbey walks through the new CloudGoat scenario, involving IAM role enumeration, SNS Topics, and API Gateways.

Breaching the Data Perimeter: CloudTrail as a mechanism for Data Exfiltration
Tracebit’s Sam Cox describes a now-fixed AWS issue that allowed stealthy data exfiltration from AWS accounts. An attacker could use compromised credentials to make cross-account requests to attacker-controlled resources, which would be denied by the victim’s VPC Endpoint policies but still logged in the attacker's CloudTrail, allowing data to be exfiltrated in the User-Agent field.

State of Cloud Security
2024 update of Datadog’s report analyzing security posture data from a sample of thousands of orgs across AWS, Azure, and Google Cloud. I love the stats and figures.

  • Long-lived credentials continue to be a major risk.

  • Adoption of public access blocks in cloud storage services is rapidly increasing.

  • Fewer than half of EC2 instances enforce IMDSv2, but adoption is growing.

  • Securing managed Kubernetes clusters requires non-default, cloud-specific tuning.

  • Insecure IAM roles for third-party integrations leave AWS accounts at risk of exposure.

  • Most cloud incidents are caused by compromised cloud credentials.
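The IMDSv2 finding above is one of the easiest to check for yourself. The following is an added example (not from the Datadog report or tl;dr sec) that walks a `describe-instances`-shaped response and flags instances whose metadata service still accepts IMDSv1 requests (`HttpTokens` not `required`) or allows more than one network hop (which lets containers on the host reach the metadata endpoint). The sample response and instance IDs are constructed; the remediation string uses the real `aws ec2 modify-instance-metadata-options` flags.

```python
"""Audit EC2 instance metadata options for IMDSv2 enforcement.

Input is shaped like the AWS CLI / boto3 describe-instances response.
The SAMPLE_RESPONSE below is constructed for illustration.
"""

SAMPLE_RESPONSE = {  # constructed sample, not real account data
    "Reservations": [
        {"Instances": [
            {"InstanceId": "i-0example1",
             "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "required",
                                 "HttpPutResponseHopLimit": 1}},
            {"InstanceId": "i-0example2",
             "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "optional",
                                 "HttpPutResponseHopLimit": 2}},
            {"InstanceId": "i-0example3",
             "MetadataOptions": {"HttpEndpoint": "disabled", "HttpTokens": "optional",
                                 "HttpPutResponseHopLimit": 1}},
        ]}
    ]
}


def imds_findings(response):
    """Return a list of {"InstanceId", "reasons"} for instances that do not enforce IMDSv2."""
    findings = []
    for reservation in response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            opts = inst.get("MetadataOptions", {})
            if opts.get("HttpEndpoint") == "disabled":
                # Metadata service is off entirely; nothing for IMDSv1 to expose.
                continue
            reasons = []
            if opts.get("HttpTokens") != "required":
                reasons.append("IMDSv1 allowed (HttpTokens is not 'required')")
            if opts.get("HttpPutResponseHopLimit", 1) > 1:
                reasons.append("hop limit > 1 lets containers/other hops reach IMDS")
            if reasons:
                findings.append({"InstanceId": inst["InstanceId"], "reasons": reasons})
    return findings


def remediation_command(instance_id):
    """Build the AWS CLI call that enforces IMDSv2 on one instance."""
    return (
        "aws ec2 modify-instance-metadata-options "
        f"--instance-id {instance_id} --http-tokens required --http-endpoint enabled"
    )


if __name__ == "__main__":
    for finding in imds_findings(SAMPLE_RESPONSE):
        print(finding["InstanceId"], "->", "; ".join(finding["reasons"]))
        print("  fix:", remediation_command(finding["InstanceId"]))
```

To run it against a real account, replace `SAMPLE_RESPONSE` with the output of `aws ec2 describe-instances` (or `boto3.client("ec2").describe_instances()`) and page through the results; the function only reads the `MetadataOptions` block, so the rest of the response shape does not matter.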

When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
Permiso’s Ian Ahl describes how attackers are exploiting exposed AWS access keys to hijack GenAI infrastructure, particularly AWS Bedrock, to power their own AI applications. The attackers use the victim’s AI access to power adult content chatbots, using common jailbreak techniques to bypass content filtering.

Stratus Red Team now has an Invoke Bedrock Model module that can simulate this attack, as well as a number of Entra ID attack techniques. See also Katie Knowles’ post on Becoming a Stratus Red Team Contributor.

Supply Chain

Are your findings reachable?
See how many SCA findings get filtered out in your code from Semgrep’s reachability analysis and win a pair of AirPods Max.

Command-Jacking: The New Supply Chain Attack Technique
Checkmarx’s Yehuda Gelb and Elad Rapoport describe how attackers can abuse entry points in Python packages and other ecosystems to execute malicious code. Instead of putting malicious commands somewhere that will immediately run (e.g. a pre- or post-install hook), one can instead register the command name of a popular third-party tool (aws, docker) or system command (ls, mkdir) which, depending on the user’s $PATH, may get called before the real tool or command. Sneaky! The post also discusses creating malicious plugins (e.g. for pytest or flake8).
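A defender-side check for the pattern described above, as an added example (not Checkmarx’s code): it lists the `console_scripts` entry points of installed distributions, flags any whose name collides with a watchlist of common system commands and third-party CLIs, and tells you whether the Python scripts directory would actually win the `$PATH` race against the real binary. The watchlist is a constructed starting point, not an exhaustive list, and the plugin-group names (`pytest11`, `flake8.extension`) are the real entry-point groups those tools load plugins from.

```python
"""Spot Python console_scripts that shadow well-known commands ("command-jacking").

Added example; the watchlist and sample inputs are constructed.
"""
import os
from importlib.metadata import distributions

# Constructed watchlist: commands a pip-installed package should almost never own.
SHADOW_WATCHLIST = {"aws", "docker", "kubectl", "git", "ls", "mkdir", "cat", "ssh", "sudo", "python"}

# Real entry-point groups that pytest and flake8 use to discover plugins.
PLUGIN_GROUPS = {"pytest11", "flake8.extension"}


def installed_entry_points():
    """Yield (name, group, distribution_name) for every entry point on this interpreter."""
    for dist in distributions():
        dist_name = dist.metadata["Name"]
        for ep in dist.entry_points:
            yield (ep.name, ep.group, dist_name)


def shadowed_commands(entry_points, watchlist=SHADOW_WATCHLIST):
    """Return console_scripts whose command name matches the watchlist."""
    return [
        {"command": name, "distribution": dist}
        for name, group, dist in entry_points
        if group == "console_scripts" and name in watchlist
    ]


def plugin_entry_points(entry_points, groups=PLUGIN_GROUPS):
    """Return entry points registered in plugin groups, for manual review of unexpected distributions."""
    return [
        {"plugin": name, "group": group, "distribution": dist}
        for name, group, dist in entry_points
        if group in groups
    ]


def script_dir_wins(path_env, script_dir, real_cmd_dir):
    """True if script_dir precedes real_cmd_dir in PATH, i.e. the pip script would run
    instead of the real command. If the real command's directory is not on PATH at all,
    the script wins whenever its own directory is present."""
    dirs = path_env.split(os.pathsep)
    if script_dir not in dirs:
        return False
    if real_cmd_dir not in dirs:
        return True
    return dirs.index(script_dir) < dirs.index(real_cmd_dir)


if __name__ == "__main__":
    eps = list(installed_entry_points())
    for hit in shadowed_commands(eps):
        print("shadowed command:", hit)
    for plug in plugin_entry_points(eps):
        print("plugin entry point:", plug)
```

Run it inside each virtualenv or user site you care about (the audit only sees what that interpreter has installed); a hit on `aws` or `docker` from a distribution you do not recognise is worth investigating before the next time that command is typed.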

OpenSSH Backdoors
Ben Hawkes compares the 2002 OpenSSH backdoor attempt with the recent xz-utils/OpenSSH backdoor, highlighting similarities in targeting OpenSSH and build systems, but noting key differences in attacker sophistication and motivation. Ben argues that we’ve largely gotten away with poor supply chain security in the past due to there being a steady supply of exploitable vulnerabilities that have enabled attackers to achieve their goals in other ways. But as exploitable vulnerabilities become sparse, attackers will pursue supply chain attacks at a higher rate. The answer: attack surface reduction, compartmentalization, and sandboxing.

Blue Team

LOLESXi: Living Off The Land ESXi
By Janantha Marasinghe and Wietze Beukema: A comprehensive list of binaries/scripts natively available in VMware ESXi that adversaries have utilized in their operations.

Living Off Security Tools
By Ali Hussein: A curated list of Security Tools used by adversaries to bypass security controls and carry out attacks.

Iscariot Suite
By Bad Sector Labs: A collection of tools to turn trusted open-source and commercial Blue Team/Sysadmin products into traitorware to achieve offensive security goals. Examples include using Splunk native features to act as a full-blown Command and Control framework, and an osquery extension to execute binaries, shell commands, unmodified Cobalt Strike BOFs, and C# assemblies in memory.

The EDR Telemetry Project
By Kostas Tsialemis: A comprehensive resource for comparing Endpoint Detection and Response (EDR) telemetry capabilities across multiple platforms. It currently has a nicely detailed feature breakdown table for Windows across Carbon Black, Cortex XDR, CrowdStrike, Elastic, Sentinel One, and more.

Red Team

mandiant/gocrack
A management frontend for password cracking tools written in Go, by Mandiant.

vxCrypt0r/Voidmaw
By vxCrypt0r: A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables that will be flagged by the antimalware programs (such as mimikatz).

AI + Security

Google’s OSS-Fuzz-Gen, which uses LLMs to generate fuzzing harnesses, found an out-of-bounds read in OpenSSL 🤯 

Applying LLMs & GenAI to Cyber Security
Round-up of useful links by Dylan Williams across useful blogs, academic papers, YouTube channels, building with LLM tools, and more.

Twitter thread: LLMs for security
Thread by Alex Plaskett calling out a number of relevant papers, tools, and blog posts.

Turning AWS Documentation into Gold: AI-Assisted Security Research
SecurityRunners’ Jonathan Walker describes scraping and analyzing AWS’ documentation (>150K pages, ~4GB of text) for security research, using ripgrep for local searches and AWS Bedrock embeddings for AI-assisted search. Interesting findings included >100 publicly listable buckets, reserved S3 bucket prefixes, and historical AWS console screenshots.

protectai/vulnhuntr
By Protect AI’s Dan McInerney and Marcello Salvati: A tool to identify vulnerabilities using LLMs and static code analysis. Basically Vulnhuntr does an initial pass to identify entrypoints (e.g. routes) and potentially interesting code to analyze, then it has a series of vulnerability-class-specific prompts (local file include, RCE, XSS, SQLi, SSRF, …), uses Jedi (a Python-specific library for “show me the implementation of this function or class”) to resolve symbols, and then concatenates the target code + context from Jedi + vulnerability-specific prompt → potential issues.

💡 “…goes far beyond what traditional static code analysis tools are capable of performing.” Call me old fashioned, but I like to back up strong claims with data and benchmarks 🤷 

ortegaalfredo/autokaker
By Alfredo Ortega: A tool that uses LLMs to detect buffer overflows, integer overflows, or format string vulnerabilities in C code and attempts to patch them. See the doc/ folder for slides and a whitepaper for Alfredo’s Off-by-One 2024 presentation (video) on “AI-Powered Bug Hunting Evolution and benchmarking", or this VS Code extension version.

See also crashbench for a benchmark to measure bug finding and reporting capabilities of LLMs, currently consisting of 30 test cases from Gera’s Advanced Buffer Overflow exercises and 3 test cases from real vulnerabilities.

AI

Video scraping: extracting JSON data from a 35 second screen capture for less than 1/10th of a cent
Neat demo by Simon Willison: basically he recorded his screen browsing through a bunch of emails in Gmail, and then used Google Gemini 1.5 Flash to extract date and dollar amount information as JSON. Since it’s a human navigating, this method works for any visible screen content, bypassing authentication and anti-scraping measures.

Introducing computer use, a new Claude 3.5 Sonnet, and Claude 3.5 Haiku
Claude can now directly interact with your computer to perform tasks. Neat demo videos including auto-filling out a CRM and coding a website... using Claude.ai's web app 🤯 Announcement thread. That is, you can give Claude instructions and it can look at your screen, move the cursor, click buttons, type text, open the apps it needs, navigate using your browser, etc.

The upgraded Claude 3.5 Sonnet delivers across-the-board improvements, with significant gains in coding, and Claude 3.5 Haiku matches the performance of Claude 3 Opus, their prior largest model.

Misc

"Accomplishment is the opiate for those who don't play with real drugs." - A friend’s response to last week’s intro.

✉️ Wrapping Up

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!

Cheers,
Clint
@clintgibler