Skip to Main Content

Get a FREE Cloud Compromise Assessment

Are you compromised?

blog-aws-console-login-watering-hole-card

blog-aws-console-login-watering-hole-card

Ian

Ian Ahl

31 Jan 2023

Gather Round the Watering Hole, We have a story to tell

Watering hole phishing attack targeted at users of AWS Management Console via Google ads!

READ MORE

blog-aws-ses-pionage-detecting-ses-abuse

blog-aws-ses-pionage-detecting-ses-abuse

Nathan Eades

12 Jan 2023

SES-pionage

What do attackers do with exposed AWS access keys? We look inside AWS SES to give deeper insights into the service, why & how its targeted and how to detect it.

READ MORE

blog-cloud-cred-harvesting-campaign-grinch

blog-cloud-cred-harvesting-campaign-grinch

Ian

Ian Ahl

29 Dec 2022

Cloud Cred Harvesting Campaign - Grinch Edition

The Grinch targets Jupyter this Christmas with a cloud cred harvesting campaign.

READ MORE

blog-aws-logging-enhancement-card

blog-aws-logging-enhancement-card

Ian

Nathan Eades & Ian Ahl

25 Oct 2022

AWS Enhancements to UpdateLoginProfile and CreateLoginProfile logging

Logging by cloud providers and identity providers sometimes does not contain the level of detail needed for detections. We found a case in AWS when a login profile is created or updated without the reset password flag set to true.

READ MORE

blog-password-spray-enters-okta-gon

blog-password-spray-enters-okta-gon

Ian

Ian Ahl

16 Sep 2022

Password spray enters the Okta-gon

Identity Providers (IDPs), like Okta have always been a juicy target for threat actors of all skill levels. Permiso identified a large Okta password spraying campaign that took place in late August.

READ MORE

paginate first page

paginate first page

previous page

previous page

123

next page

next page

paginate last page

paginate last page