3️⃣ Non-voting election technologies are fundamental to our elections! Senior Policy Associate Saige Draeger will take the stage with experts from @CloudSecPartner & @EnhancedVoting for a crucial conversation on "Verifying Non-Voting Election Technology." 🔍
Looking forward to giving a webinar tomorrow on Defense-in-Depth engineering. We’ll talk through four key areas to help harden our applications and systems, including real tangible examples that folks can start utilizing right away.
us02web.zoom.us/webinar/regi…
#FunFactFriday! 🌟
Did you know that you can easily set up and maintain a safe, multi-account #AWS environment with AWS Control Tower? It's like connecting with air traffic control to maintain the safety of your cloud tarmac. 🛫 ☁
If you’re in the DMV area - next week I, @amanofwar, and others will be speaking at the @CloudSecPartner “Summer Series” in Ashburn, VA. I’ll be discussing the history of AppSec, current gaps, and how AI can be leveraged to push us forward.
cloudsecuritypartners.com/su…
Catch @mccabe615's talk tomorrow at 11 am at @hackmiami XI or at 9 am on Sunday at @cackalackycon to learn more about "Remote Code Execution: How to Abuse Terraform to Elevate Access"!
Wondering why we have been quiet recently? It's because we've been preparing something epic! We're excited to announce a 3-part summer conference series. The first event kicks off in June. For more details and to sign up, check out the link in the comments.
CISA has reported that a severe vulnerability in GitLab, CVE-2023-7028, is currently being exploited. This flaw permits malicious actors to redirect password reset emails to an email address of their choice, enabling potential account takeovers.
darkreading.com/application-…
#throwbackthursday: revisiting "Firebase: Google Cloud’s Evil Twin," a SANS blog post analyzing Firebase's security challenges. The article shows how Firebase's user-friendly interface can unintentionally expose sensitive data.
sans.org/blog/firebase-googl…
Check out our blog on Prompt Injections in #LLMs. These #vulnerabilities arise because LLMs can't differentiate between user inputs and system prompts. We discuss existing guardrails and design strategies to mitigate these risks.
blog.cloudsecuritypartners.c…
There has been an increase in attacks exploiting a command injection flaw, known as CVE-2024-3400, in the PAN-OS operating system of Palo Alto Networks' firewall. The vulnerability allows for unauthenticated code execution with elevated privileges.
Disabling telemetry is not an effective mitigation measure. Rapid7 determined that the exploit involves a secondary vulnerability outside of telemetry, an untracked vulnerability related to the GlobalProtect web server.
This is supported by GreyNoise's findings that additional vulnerabilities require an additional untracked vulnerability. Consult Palo Alto Networks' CVE guidelines for mitigation and workaround techniques.
#CVE #CyberSecurity
cybersecuritydive.com/news/p…