The official Twitter account for Hacking the Cloud, the open-source encyclopedia of offensive security techniques in the cloud. Created by @frichette_n
The location for AWS’s in-development European Sovereign Cloud (Berlin) is also a hotbed for Luddite action. Fault tolerance there will be extra spicy, especially for a single region partition. https://t.co/DuKXoYeAG8
The 2025 Hacking the Cloud: Year in Review is out! We take a look at the growing tide of software supply chain attacks, discuss the most critical cloud vuln discovered to date, and share some stats for the site!
https://t.co/yBAwqrWSVt
We’re off to a great start with macOS telemetry. Big thanks to @OliviaGalluccii for kicking things off and leading the initial work to bring macOS into the EDR Telemetry Project next year.
She opened the first PR defining macOS telemetry categories and rationale.
Now is the time to share your thoughts, as we’re actively deciding which events and telemetry make it into this first and most important iteration of macOS support!
https://t.co/eU4QzPiiYa
New on @HackingthCloud, did you know that attackers can prevent you from kicking them out of your environment in certain situations? @saw_your_packet shares his research on how attackers can nullify containment attempts!
https://t.co/vGExpwbQPR
I think isof used a location designator other than an airport? 🤔 ALE airport is in Alpine, TX. That's a remote place to put an AWS partition. There's no military base and barely any population. The domain for the endpoints is https://t.co/Zrxd26EWEC
😈 Copilot Studio agents are great for users... and attackers! Check out our deep-dive on why you should be careful to trust unknown agents, plus background on upcoming app consent changes that will help prevent our demo scenario.
https://t.co/fvsL9VoJgL
Great write up from the @The_Cyber_News on our latest open-source tool, #Inboxfuscation, in their newsletter today.
"A new open-source tool named Inboxfuscation can create malicious inbox rules in Microsoft Exchange that are difficult for security tools to detect. Developed by security firm Permiso, the tool uses Unicode-based obfuscation to hide keywords in rules, allowing attackers to maintain persistence and exfiltrate data from compromised mailboxes. This technique can substitute standard characters with visually identical Unicode variants, making the rules appear harmless while functionally matching sensitive terms. While these specific obfuscation methods have not yet been observed in active attacks, their development exposes a critical blind spot in email security postures."
https://t.co/BvUqH8TLeA
Cloud attackers keep evolving. So should defenses.
Enumeration through AWS Resource Explorer used to be invisible. Not anymore.
Breakdown from @datadoghq: https://t.co/boMpgNacrp
It’s a month and a half away but I’m already super excited for @fwdcloudsec EU! If you’ll be there in Berlin, come find me for limited edition, holographic, @HackingthCloud stickers!
There is a lot wrong with what happened here, but I’ll complain about the parts in my wheelhouse. Exposing access keys via an API?! Having logs go to a bucket that could be claimed by anyone?! AHHHH We still have so far to go with cloud security.
https://t.co/nqo9o8acjZ
If you're heading to fwd:cloudsec in a few weeks, we are teaming up with our friends at @tamnoon_io to host Arcade & Apps. What's better than pizza and arcade games after a long day of conferencing?
Space is limited, so reserve your spot by signing up!
https://t.co/pp6tNtBeer
If you're looking for a sts:GetCallerIdentity replacement that doesn't log to CloudTrail, I've added a few more APIs that don't log and don't have support for additional logging with Data events. Perfect for a quiet `whoami` in the AWS control plane.
https://t.co/7NtbKGCE3e
Why does AWS Amplify not use CodeConnections? The latter is a nice way to set up integration with GitHub once and share it across a whole org - except for Amplify 🫠
Is it due to Amplify having extra functionality, maybe?
A little over a year ago I published research on how you could leverage non-production AWS API endpoints to enumerate permissions without logging to CloudTrail. A year later...I'm still finding them. Red Teamers, these can be super useful and really up your game!
🤩 I just came across this fascinating talk by @Frichette_n at fwd:cloudsec: “Hidden Among the Cloud: A Look at Undocumented AWS APIs.” https://t.co/vjxCVe7RYC