jcfarris

@jcfarris@infosec.exchange

Cloud Security nerd | AWS Security Hero | https://infosec.exchange/@fwdcloudsec Organizer | Warning: Snark ahead | https://infosec.exchange/@jcfarris on the bird site

jcfarris, to random

Vir. You moon-faced assassin of job.

jcfarris, to random

The Avalanche has already begun. It's too late for the pebbles to vote.

GossiTheDog, to random

deleted_by_author

  • jcfarris,

    @GossiTheDog No boom today. Boom Tomorrow. There is always a boom tomorrow. Cmdr Susan Ivanova.

    jcfarris,

    @GossiTheDog Zathras is finite, you are finite, this. This is wrong tool

    jcfarris, to random

    Can we all be glad that the JEDI/MSFT thing fell apart?

    Quinnypig, to random

    Broadcom continues to burn VMware to the ground for the insurance money.

    jcfarris,

    @Quinnypig it’s called the Zaslav Strategy

    jcfarris, to random

    Found this nugget in a Mandiant report from 2022 wrt Midnight Blizzard and AzureAD accounts:

    "Mandiant has begun to observe another trend where threat actors, including APT29, take advantage of the self-enrollment process for MFA in Azure Active Directory and other platforms. When an organization first enforces MFA, most platforms allow users to enroll their first MFA device at the next login. This is often the workflow chosen by organizations to roll out MFA. In Azure AD and other platform’s default configuration, there are no additional enforcements on the MFA enrollment process. In other words, anyone with knowledge of the username and password can access the account from any location and any device to enroll MFA, so long as they are the first person to do it."

    Makes sense that a "legacy test-tenant account" might have been created, but never used, so the self-enrollment of 2FA never occurred till the Russians came a knockin'.

    CLOUD HYGIENE MATTERS!!!!

    jcfarris,

    @FritzAdalis “Winter2022”

    jcfarris,

    @haroldgodwinson yeah, that seems like an oopsie that needs to lead to jail time.

    jcfarris, to random

    AWS Config is a zero-interest rate service.

    andreas, to random

    ⚠️ A major risk when using customer-managed KMS keys is that someone deletes the key, and thus, all data is encrypted with the key. How to mitigate the risk?

    1️⃣ AWS does not allow keys to be deleted immediately but enforces a waiting period of 7 to 30 days.
    2️⃣ Customers use key policies, IAM policies, or SCPs to restrict access to the kms:ScheduleKeyDeletion action.

    But there is another risk of losing access to a key: modifying the key policy. (1/2)

    jcfarris,

    @andreas I was having a good day till you posted that

    jerry, to random

    There is a remote possibility that it might snow tomorrow morning, and if it does, it would be a dusting, however all the school districts around me have cancelled class for tomorrow already.

    jcfarris,

    @jerry After 2014's snowmageddon, I think they're never gonna take a chance again.

    jerry, to random

    On my day off, I ran a test restore of the database backups for infosec.exchange and associated instances. The good news is that they work. The better news is that the RPO is measured in seconds. The bad news is the RTO is measured in hours.

    jcfarris,

    @jerry We can survive without our social media fix for a few hours. And if we can't, well....

    zackwhittaker, to random

    Don't forget to update your keyboards, folks.

    jcfarris,

    @zackwhittaker This is why anyone who cares about security shouldn't use a wireless keyboard!

    frichetten, to random

    Me: I'm gonna learn about AWS Amplify today! 😀

    10 minutes later: Why are the official docs telling me to create an IAM user with an access key? Especially when there is a functional workaround to use SSO 😠
    https://docs.amplify.aws/javascript/tools/cli/start/set-up-cli

    jcfarris,
    Xavier, to Meme
    jcfarris,

    @Xavier Those damn EuroCrats have gone too far!!!!!

    jcfarris, to random

    It's 2023. I'm finally going to download VSCode.

    jcfarris,

    It’s two days later and I finally installed it

    jcfarris, to random

    Capturing this for when I'm banned from Twitter

    jcfarris, to random

    Wait! Werner acknowledged it's not Day One?!?!?1

    jcfarris, to random

    Amazon Q - yeah, that's the attitude I want in my GenAI

    zoph, to AWS

    💌 AWS Security Digest 141 is out!

    1️⃣ Chris's AWS pre:Invent 2023 edition (@jcfarris)
    2️⃣ New CISO of AWS: Chris Betz
    3️⃣ Scaling data access with Amazon S3 Access Grants

    jcfarris,

    @zoph Mainly because I don't ever smile. :)

    Quinnypig, to random

    Historically AWS would start with a big party called "Midnight Madness," and the First Release of re:Invent would drop at, predictably, midnight.

    That's apparently not frugal enough for the company making $92 billion a year, so these days they cancel the party and just yeeted a bunch of releases at us around noon on Sunday. This thread will highlight a few of the interesting ones for those who celebrate.

    jcfarris,

    @Quinnypig now they need to explain all that to the Config team.
