We've recently launched VEX Hub, and today we have its first contribution from @Rancher_Labs! Now Trivy users who scan Rancher projects (k3s, longhorn, harvester, etc) will get the most accurate vulnerability reports, post Rancher team's vulnerability triage. Additionally >>
Exciting news! Tracee's new version v0.13.0 is here, and it brings a brand new user experience through policies. With policies, you can easily define rules for specific workloads. Check out the release notes for more info! https://t.co/sKFvXRSjm5 #Tracee #eBPF #RuntimeSecurity
mmap() is a tremendously important Linux syscall. Many open-source and in-house databases and KV storages use it internally to simplify data access. That's why it's so essential for SREs to understand its interaction with Page Cache: https://t.co/SaLhniuPpK
New cloud security research! We found a vulnerability in AWS AppSync that allowed us to trick the AppSync service to assume roles in other accounts, allowing us to access their resources. https://t.co/cu27TJCN7R
My awesome colleague @Frichette_n has found a cross-tenant vulnerability in AWS AppSync, allowing an attacker to access data in victim's accounts.
Write-up: https://t.co/ddIvV0Fvyu
AWS security bulletin: https://t.co/O1qk8RTYj1
Cooperation is a key. Very much agree. Truly hope that in the open source age it can actually happen. So much redundant work is done over the years by security industry to overcome “traceability” shortcomings of vendors.
New startups are developing eBPF as a "zero instrumentation" observability/APM solution. Trace plaintext HTTP/gRPC/etc. across your site calls without code changes (zero added instrumentation). Currently via uprobe hacking. 1/n
In case you missed it, @exploitph and @4ndr3w6S just released some _awesome_ work that just landed into Rubeus' master branch - "Diamond Tickets"! Check out more details at https://t.co/02Pw2ygXzU. Great work Charlie and Andrew!!
I just want to point out to @fatherlinux - I was right. I KNEW this would happen at some point. Mixing and matching FUD and kernel issues unrelated to your point has always been begging for trouble.
After 3 years of development, today we proudly announce & celebrate the first release of a new hypervisor-based user-mode & kernel-mode debugger, @HyperDbg. 🎉
As an alternative to #Windbg, HyperDbg is mainly built for analyzing, reversing, and fuzzing!
https://t.co/hpkeAuKiJY
Some tips on crafting your submission to KubeCon / CloudNativeCon, from my perspective as a previous program committee member reading them:
0. No sales pitches. We eject them first. You waste a little of my time and a lot of your time even typing one in.
I wrote up some thoughts around using stolen IAM credentials. This covers how to check if they are valid, how to use them, and covers some operational security concerns along with some potential tips for defenders to detect shady activity.
https://t.co/KpaOTNENfe
Well that was a very difficult but fun exploit to write. We've reported to Linux and will do a write-up soon (@pqlqpql and myself). Details redacted since it's not patched yet.
If it's useful for anyone, I'm making my AWS API client public. This is what I used to uncover two XSS vulns in the AWS Console and is based off the silent permission enumeration research I did a while ago. I have to stress it is VERY hacky software. https://t.co/dEOkP949bf
Tremendous news everyone (in offsec)! There's a bypass for the new GuardDuty InstanceCredentialExfiltration finding! It's via VPC endpoints! (I caution this is with limited testing)
So much fun this morning, a @Microsoft signed #mimikatz
Thank you @jxy__s for your research and such beautiful code
Now, will wait for people to understand that the "source file" can be really another thing than a file on the disk