3Stop worrying about 'allowPrivilegeEscalation' (opens in new tab)(blog.christophetd.fr)5christophetd2y ago0Save
4Amazon ECS is the new EC2 for crypto mining (opens in new tab)(securitylabs.datadoghq.com)1christophetd2y ago0Save
5Partial bypass of the login rate limiting in the AWS Console (opens in new tab)(securitylabs.datadoghq.com)2christophetd3y ago0Save
7Investigating a backdoored PyPI package targeting FastAPI applications (opens in new tab)(securitylabs.datadoghq.com)12christophetd3y ago0Save
8Identify malicious PyPI packages using static analysis and metadata heuristics (opens in new tab)(github.com)GitHub2christophetd3y ago0Save
9Demystifying the OpenSSL punycode vulnerability and exploitation walk-through (opens in new tab)(securitylabs.datadoghq.com)3christophetd3y ago0Save
10Using the Dirty Pipe Vulnerability to Break Out from Containers (opens in new tab)(datadoghq.com)2christophetd4y ago0Save
11"Stratus Red Team", an open-source adversary emulation tool for the cloud (opens in new tab)(github.com)GitHub2christophetd4y ago0Save
12Using Twitter to notify careless developers – the unorthodox way (opens in new tab)(incognitatech.medium.com)5christophetd4y ago2Save
13Cloud Security Breaches and Vulnerabilities: 2021 in Review (opens in new tab)(blog.christophetd.fr)8christophetd4y ago0Save
14GitHub taking down tools allowing defenders to reproduce the Log4j vulnerability (opens in new tab)(twitter.com)212christophetd4y ago94Save
15A one-pager for AWS announcements at re:Invent 2021 (opens in new tab)(github.com)GitHub4christophetd4y ago0Save
