New Vulnerability “LeakyCLI” Leaks AWS and Google Cloud Credentials

By Waqas
A critical vulnerability named LeakyCLI exposes sensitive cloud credentials from popular tools used with AWS and Google Cloud. This poses a major risk for developers, showing the need for strong security practices. Learn how to mitigate LeakyC… Continue reading New Vulnerability “LeakyCLI” Leaks AWS and Google Cloud Credentials

AWS IoT – Use a temporary certificate created at build time to authenticate a device for self-enrolment

Let’s say we produce IoT devices and want them to access AWS IoT Core.
The best solution is something like: every device has a (unique) private key and a public X.509 certificate signed by a valid Certification Authority.
This way, the dev… Continue reading AWS IoT – Use a temporary certificate created at build time to authenticate a device for self-enrolment

CloudGrappler: Open-source tool detects activity in cloud environments

CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments. The tool, built on the foundation of Cado Security’s cloudgrep project, offers enhanced detection capabilities … Continue reading CloudGrappler: Open-source tool detects activity in cloud environments

Telstra Among APAC Telcos Seeking Innovation, Resilience and Growth in 2024

Telcos in the Asia-Pacific are fighting hard to boost revenue from 5G networks and cut costs from operations. AI is playing a role, as are cloud providers like Amazon Web Services. Continue reading Telstra Among APAC Telcos Seeking Innovation, Resilience and Growth in 2024