Keeping up with Icinga Web Permissions and Restrictions
This blogpost is a followup to the blogpost Icinga Web permissions and restrictions (how do they work, examples). These two additions provide flexibility to manage web access control..
This blogpost is a followup to the blogpost Icinga Web permissions and restrictions (how do they work, examples). These two additions provide flexibility to manage web access control..
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week let’s go back to security basics with password hygiene—the simplest, and yet often overlooked step in account security. Passwords have been the bane of many internet users since the inception of the world wide web.
On March 9, 2021, Verkada, a software company that specializes in making security cameras for monitoring physical access control, was subject to a security hack. Hackers gained access to the video feed of at least 15 thousand cameras deployed across various locations and exposed the inner workings of hospitals, clinics, and mental health institutions; banks; police departments; prisons; schools; and companies like Tesla and Cloudflare.
In my last post we looked at the structure of AWS IAM policies and looked at an example of a policy that was too broad. Let's look at a few more examples to explore how broad permissions can lead to security concerns. By far the most common form of broad permissions occurs when policies are scoped to a service but not to specific actions.
The Splunk Threat Research Team recently developed an analytic story to help security operations center (SOC) analysts detect adversaries attempting to escalate their privileges and gain elevated access to Amazon Web Services (AWS) resources. In this blog, we’ll walk you through an AWS privilege escalation analytic story, demonstrate how we simulated these attacks using Atomic Red Team, collect and analyze the AWS cloudtrail logs, and highlight a few detections from the March 2021 releases.
One of the most powerful aspects of AWS is their Identity and Access Management (IAM) service. The obvious aspect of its power is that it controls who can do what with all the resources inside your AWS account. But the non-obvious side is how configurable it is. You can encode permissions that are so finely grained that a Lambda Function could, for example, be given just enough permissions to be able to read one attribute from one record for the current user of a DynamoDB Table.
Since the start of the COVID-19 pandemic, identity management has taken center stage as the key enterprise security practice for enabling remote workforces while protecting company data and IT services.