[tl;dr sec] #279 – Security for High Velocity Engineering, Cloud Incident Readiness, AI-powered Malware Implants


I hope you’ve been doing well!

I’m absolutely thrilled to share a new guest post from my friend Jason Chan.

Jason was the VP of InfoSec at Netflix for many years, and if you’ve ever heard of the “Paved Road” or secure-by-default approach, he and his team have been giving talks about it for over a decade.

If you want to build a highly effective security program that improves developer productivity AND security, read this.

  • Strategy: Aligning with developer experience, focusing on high leverage investments.

  • Execution: Understanding your environment and context, building a Paved Road, the two dimensions of a Paved Road (how wide / how smooth).

  • And more!

P.S. If you’re in the San Francisco Bay Area and want to watch the new Mission Impossible: The Final Reckoning movie before it’s publicly released, Semgrep is doing a free private screening on May 21st.

Security teams lack control over AI use because they can’t see what users are entering into prompts or where that data is going. They’re forced to rely on rigid “AI app” categories, even as AI spreads across the SaaS stack. 

And when they turn on DLP, it creates too much noise and too much friction for the user. 

There is a better way. Harmonic gives you real time visibility and control. It runs in the browser, understands context, and flags risky behavior to the user in real time. 

No noise. No guesswork. Just policy enforcement that actually works.

I saw a demo of Harmonic recently and it was cool: get visibility into all the AI-enabled SaaS apps everyone at your company is using, easily block uploads of PII/sensitive IP in prompts or attachments, and more. Noice.

AppSec

10 Burp Extensions Tib3rius actually uses
A few of these I’d heard of, a few were new, love it. Lots of focus on AuthN/Authz. Including: Authentication Token Obtain and Replace (ATOR), SAML Raider, Extensibility Helper, Hunt Scanner, TokenJar, GAP, Server-Side Prototype Pollution Scanner, …

  • Always do extra testing of functionality that generates PDF invoices with dynamic content as it can lead to vulnerabilities like SSRF, local file read, leaking internal data, executing JS if enabled in the browser.

  • Including unnecessary metadata in PDFs, images, and documents can help attackers: in this case leaking the specific library and version being used for PDF generation helped significantly with exploiting the issue locally.

  • The library API used to do HTML → PDF has an option that can deny local file access and disable the JavaScript engine, but it’s not set by default.
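As an added example (not code from the post, which does not name its HTML → PDF library), here is a pre-render audit for dynamic invoice HTML together with a command line that turns the two protections on explicitly. wkhtmltopdf and its `--disable-javascript` / `--disable-local-file-access` flags are assumed here only as an illustration of a renderer with those options; the allowlisted CDN host and the sample invoice are constructed.

```python
"""Pre-render audit for an HTML -> PDF invoice pipeline.

Added example, not code from the post (which does not name its PDF library).
wkhtmltopdf's --disable-javascript and --disable-local-file-access flags are
used here to illustrate the 'deny local file access / disable JS' setting; the
host allowlist and the sample invoice are constructed."""
import subprocess
from html.parser import HTMLParser
from urllib.parse import urlparse

ALLOWED_HOSTS = {"cdn.example.invalid"}  # constructed: assets the renderer may fetch
ACTIVE_TAGS = {"script", "iframe", "object", "embed"}
URL_ATTRS = ("src", "href", "data", "xlink:href")


class InvoiceAuditor(HTMLParser):
    """Collect references in dynamic invoice HTML that a renderer could abuse:
    local file reads, fetches to non-allowlisted hosts, and active content."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in ACTIVE_TAGS:
            self.findings.append(("active_content", tag))
        for key, value in attrs.items():
            if key.startswith("on"):  # inline event handlers
                self.findings.append(("event_handler", key))
            elif key in URL_ATTRS and value:
                self._check_url(value.strip())
            elif key == "style" and value and "url(" in value.lower():
                self.findings.append(("css_url", tag))

    def _check_url(self, url):
        parsed = urlparse(url)
        scheme = parsed.scheme.lower()
        if scheme == "javascript":
            self.findings.append(("active_content", "javascript-url"))
        elif scheme == "file" or (scheme == "" and not url.startswith("#")):
            # relative paths resolve against the renderer's own filesystem
            self.findings.append(("local_ref", url))
        elif scheme in ("http", "https") and parsed.hostname not in ALLOWED_HOSTS:
            self.findings.append(("external_ref", parsed.hostname))


def audit_invoice_html(html):
    """Return the list of (kind, detail) findings for one invoice document."""
    auditor = InvoiceAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


def hardened_render_argv(html_path, pdf_path):
    """Command line with both protections enabled explicitly instead of
    trusting the tool's defaults."""
    return ["wkhtmltopdf", "--disable-javascript", "--disable-local-file-access",
            html_path, pdf_path]


def render_invoice(html, html_path, pdf_path):
    """Refuse to render if the audit finds anything; otherwise run the hardened command."""
    findings = audit_invoice_html(html)
    if findings:
        raise ValueError(f"unsafe invoice content: {findings}")
    with open(html_path, "w", encoding="utf-8") as fh:
        fh.write(html)
    subprocess.run(hardened_render_argv(html_path, pdf_path), check=True)


SAMPLE_INVOICE = (  # constructed: customer-supplied fields injected into a template
    '<html><body><h1>Invoice 42</h1>'
    '<img src="file:///etc/hostname">'
    '<script>document.title = 1</script>'
    '<a href="http://internal.example.invalid/">terms</a>'
    '<img src="https://cdn.example.invalid/logo.png">'
    '</body></html>'
)

if __name__ == "__main__":
    for finding in audit_invoice_html(SAMPLE_INVOICE):
        print(finding)
```

The audit is a second line of defence, not a replacement for the renderer flags: the flags stop the renderer from reading local files or running JS even when the HTML slips through, while the audit lets you log and block the attempt before anything is rendered.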

The Path to Memory Safety is Inevitable
HardenedLinux’s Shawn Chang explores the nuances of memory safety, discussing various approaches from compiler-based static analysis (Clang Static Analyzer) to runtime mechanisms like garbage collection. He argues that memory safety isn’t solely the responsibility of languages or compilers, but requires coordinated efforts across language design, tooling, and engineering practices.

The post describes HardenedLinux’s best practices (inspired by Debian maintainers), leveraging sanitizers and fuzzers, how they developed a state-based Linux kernel fuzzer and contributed a coverage filter feature to the upstream Google Syzkaller, and later, a state-model-based fuzz testing tool known as VaultFuzzer.

TIL about Epic Games’ Fil-C, a memory safety solution for C/C++ that customizes the Clang/LLVM compiler. “Although Fil-C cannot resolve all issues, it has successfully achieved memory-safe C/C++ from an exploitability standpoint, rendering common vulnerabilities harmless.”  

Understand LUCR-3 (Scattered Spider) and how they are infiltrating cloud environments of some of the largest enterprises in the world as Ian Ahl, SVP of P0 Labs walks through many of the Scattered Spider’s TTPs. Sign up for this private, complimentary session to learn:

  • How LUCR-3 executes extortion campaigns via data theft of intellectual property 

  • The playbook of how this threat actor group is operating in the cloud (IaaS/SaaS/IdP/CI/CD) and what TTPs to look for in your environment

  • Actionable steps you can take to prevent breaches or know about them as quickly as possible

Seems like LUCR-3 has hit a lot of companies, great to hear more about their TTPs and preventing IP theft in general  

Cloud Security

Tales from the cloud trenches: The Attacker doth persist too much, methinks
Datadog’s Martin McCloskey describes multiple novel AWS attack techniques observed during a real-world incident involving a leaked long-term AWS access key. These include creating “persistence-as-a-service” via Lambda and API Gateway (external HTTP request → dynamically create further malicious IAM users), disabling trusted access for organization-level services, and persistence through AWS Identity Center (AWS SSO). The post ends with a list of detection ideas for this type of activity.

Securing a SaaS Company’s AWS Environment After a Breach
Chandrapal Badshah describes an AWS breach at a SaaS company where an attacker gained admin access to staging and production accounts through leaked IAM credentials. The post covers what led to the incident, attacker tactics, and how better security controls could have hindered the attacker. Not necessarily totally new info, but it’s a nice case study + tactical, actionable bullets of things to keep in mind or do.

Shout-out to the Wiz research team: they’ve created several free educational CTFs over the years. These take a non-trivial amount of work to create, so it’s awesome that they share them with the community for free. I’d love to see more companies doing this. (Obviously PortSwigger’s Web Security Academy is also great.)

Container Security

EKS vs. GKE – Security
Jason Umiker compares security features of AWS EKS and GCP GKE across key areas like identity management, network firewalling, configuration/posture management, vulnerability/supply chain management, and runtime threat detection. Excellently detailed post  

Understanding the threat landscape for Kubernetes and containerized assets
Microsoft Threat Intelligence describes six primary threats in Kubernetes environments, including compromised accounts (e.g. cloud credentials), vulnerable or misconfigured images, environment misconfigurations, app-level attacks, node-level attacks, and unauthorized traffic. The post provides a case study of a password spray attack leading to cryptomining, and offers best practices and guidance for each of the threat categories. Nice overview.

This is smart: releasing OSS tools to help (potential) customers auto-migrate to using your platform. Reducing adoption friction and time to value  

Whatever Wiz engineers are taking to ship so fast, I’ll take two, right into my veins.

This is a great example of productizing internal security work: “we want to deploy hardened containers for our platform to keep our customers secure” → WizOS customers can benefit from this work.

Will Wiz be able to build out high quality products in most or all areas of security, becoming a Palo Alto-esque platform? Will the Google acquisition slow their velocity, as the 100 hour work weeks are replaced by Mediterranean cruises on their mega yachts? Tune in next time on CNAPP’s Inferno Season 4.

Blue Team

Open-source toolset of an Ivanti CSA attacker
Synacktiv CSIRT was recently in charge of different forensic investigations where the root cause was a vulnerable Ivanti Cloud Services Appliance (CSA) exposed to the Internet. Maxence Fossat describes three open source tools used by the threat actors: suo5 and iox to tunnel traffic to and from the internal network, and atexec-pro to execute code remotely. The post discusses the core capabilities of each tool and shares YARA and Sigma detection rules for each.

  • Known initial access vectors (n=9,891) = 22% credential abuse, 20% exploitation of vulnerabilities (edge devices and VPNs, grew almost 8x from last year), 16% phishing.

  • 37% ransomware increase from last year’s report. 64% of the victim orgs didn’t pay, up from 50% two years ago.

  • 60% of breaches involved a human element, 30% of breaches involved a third party, 17% of breaches were espionage motivated.

  • …and lots more!

Red Team

itaymigdal/PowerDodder
By Itay Migdal: A post-exploitation persistence utility designed to stealthily embed execution commands into existing script files (.ps1, .bat, .cmd, .vbs, .js) on the host. By leveraging files that are frequently accessed but rarely modified, it targets high-likelihood execution vectors with minimal detection risk.

How I ruined my vacation by reverse engineering WSC
es3n1n describes the journey of implementing defendnot, a tool that disables Windows Defender by using the Windows Security Center (WSC) service API directly. The project involved reverse engineering WSC, overcoming challenges like process protection level (PPL) and signature validation, and more. The final tool successfully registers a fake antivirus to disable Defender without using third-party AV code.

AI + Security

The Vulnerable MCP Project
By Vineeth Sai: A community-maintained database of known vulnerabilities, limitations, and security concerns with the Model Context Protocol (MCP). Search or filter by security vulnerabilities, implementation challenges, protocol limitations, and severity.

mbhatt1/PhantomPipe
By Manish Bhatt: A proof‑of‑concept C2 framework that uses Server‑Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and result collection. By tunneling through ngrok, you can quickly expose your C2 server to the public internet for rapid testing and demonstration.

Talk To Your Malware – Integrating AI Capability in an Open-Source C2 Agent
GoSecure’s jdi describes integrating AI into malware implants, allowing operators to issue natural language commands that are translated into executable code on-the-fly (“Scan every user’s home folder and pack any office file under 2MB inside a single archive located in C:/test/output.zip”) using OpenAI. The Python and C# proof-of-concepts integrating the approach into Mythic C2’s Medusa agent are in this GitHub repo.

What’s cool about this approach is a) you don’t need to create all of the implant functionality you’d want ahead of time, you can do it JIT, b) it may be harder to create signatures for due to different code being generated each time, and c) you can include obfuscation commands in the prompt to make the code harder to reverse (e.g. “all variable names should be one or two characters”).

This is super neat, but I bet there’s a fair amount of engineering required to “productionize” this approach, for example: the first version of the generated code may crash or not work and need to be fixed, will the generated code be much noisier from a detection point of view than code written by senior red teamer, etc.

Misc

Nathan Barry on Regret Minimization: “If you knew for sure you couldn’t accomplish all of your goals, which would you most regret not achieving in the next 5-10 years?”

  • John Oliver on RFK Jr. and cuts being made to public health agencies

  • We have reached the “severed fingers and abductions” stage of the crypto revolution – Yikes, apparently there have been a number of kidnappings of family members of people with $$ cryptocurrency wallets. Severed fingers, people rescued from the trunks of cars after being doused with gasoline. One Belgian man’s wife was the victim of an attempted abduction within weeks of him posting online that his crypto wallet was worth €1.6M.

  • Rogue communication devices found in Chinese solar power inverters – “Rogue communication devices not listed in product documents have been found in some Chinese solar power inverters” and “Over the past nine months, undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers.”

    • “Using the rogue communication devices to skirt firewalls and switch off inverters remotely, or change their settings, could destabilise power grids, damage energy infrastructure, and trigger widespread blackouts, experts said.”

    • “In November, solar power inverters in the U.S. and elsewhere were disabled from China.”

Wrapping Up

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I’d really appreciate it if you’d forward it to them.
