[tl;dr sec] #287 – fwd:cloudsec Talk Recordings, How Figma Only Runs Approved Software, Auditing Code with AI

The past few weeks of using Claude Code have been some of the most fun I’ve ever had coding.

Claude Code still makes mistakes sometimes or over excitedly writes like 200 lines of Python that could be 20, but overall it’s made me 5x-10x faster at prototyping (disclaimer: I’m a “works on my machine” level programmer by default).

It’s been a delight describing what I want then mostly letting it go while I periodically check in as I prep food, do chores, or in between lifting sets  

With the GitHub Action installed, I’ve also iterated on features or design docs via Issues or PRs on my phone while I’m on public transport. Very cool.

I’ve been including a number of resources I’ve found useful in this newsletter, I’ll try to write a post putting everything in one place at some point.

Malicious AI innovation is accelerating. See how adversaries are scaling attacks with AI—and how defenders are fighting back.

In this guide, you’ll learn how to:

• Track how adversaries are operationalizing AI tools—from jailbroken LLMs to deepfake-as-a-service.

• Build AI-enhanced workflows that improve signal detection, speed up analysis, and sharpen investigations.

• Avoid common AI pitfalls: automation overreach, blind trust in models, and losing human context.

anvilsecure/pqcscan
By Anvil Secure: A small utility, written in Rust, that allows users to scan SSH and TLS servers for their stated support of Post-Quantum Cryptography algorithms.

hazcod/shade
By Niels Hofmans: A system for detecting shadow SaaS and insecure credentials (checks Have I Been Pwned) via a browser extension deployed to your company’s browsers.

Unexpected security footguns in Go’s parsers
Trail of Bits’ Vasco Franco explores unexpected behaviors in Go’s JSON, XML, and YAML parsers that can lead to security vulnerabilities, including: misuse of the “-” tag allowing unintended field (un)marshaling, case-insensitive key matching in JSON, and parser differentials when processing the same input across services. The post provides concrete examples, Semgrep rules for detection, and recommends using DisallowUnknownFields, implementing custom strict parsing, and watching for JSON v2 which addresses many issues.

Authentication isn’t just login. It’s building secure flows, managing sessions, handling tokens, supporting SSO, and protecting user data. AuthKit gives you a fully hosted, customizable UI for sign-up, MFA, password resets, and seamless SSO. Production-ready from day one.

But authentication alone doesn’t stop abuse. WorkOS Radar adds real-time threat prevention: blocking bots, stopping brute force attempts, and catching free trial abuse. Built-in defenses activate instantly without custom scripts or logic.

Authentication and session management are easy to make mistakes implementing, and blocking bots is a pain, nice to not have to deal with that  

inayathulla/cloudrift
By Inayathulla Lavani: An open-source cloud drift detection tool that helps you identify when your cloud infrastructure no longer matches your Infrastructure-as-Code, before it causes a security or compliance incident.

Stealthy Persistence in AWS – A Practical Simulation for Defenders
Sergio Jimenez shares a step-by-step guide to simulate a recently discussed stealthy AWS persistence technique (H/T Eduard Agavriloae and Martin McCloskey) using API Gateway and Lambda for credential exfiltration. The attack leverages Lambda versioning to hide malicious code, with a “benign” $LATEST version and a separate “backdoored” version explicitly invoked. The post offers a number of defense and detection recommendations, including looking for invocations of old or “inactive” versions of Lambdas.

Security tool acronyms: cloud-native application protection platform (CNAPP), cloud detection and response (CDR), cloud infrastructure entitlement management (CIEM), data security posture management (DSPM), privileged access management (PAM), and more.

Every time a new security vendor acronym is created, a fairy loses its wings, I take a drink, and someone at Gartner probably gets promoted.

Prevent lateral movement and privilege escalation by enforcing custom access zones in cloud, on-premises, or hybrid environments. 

Privilege Zones extend BloodHound’s attack path analysis and remediation capabilities beyond the traditional Tier Zero focus, so teams define custom security boundaries and enforce least privilege access across their environment.

Taking SHELLTER: a commercial evasion framework abused in-the-wild
Elastic Security Labs describes how the commercial AV/EDR evasion framework SHELLTER is being used by threat actors to deploy infostealers. The post provides an in-depth technical analysis of SHELLTER’s evasion capabilities, including polymorphic junk code, API unhooking, payload encryption, advanced VM/sandbox detection, and more. Elastic also released a dynamic unpacker tool for SHELLTER-protected binaries and YARA rules.

Detection Field Manual #2 – What are Detection Rules?
Zack Allen explains how detection rules allow detection engineers to encapsulate their threat knowledge and expertise and scale it by encoding it into search queries against SIEM-indexed logs. SIEMs ingest logs from assets (e.g. laptops, servers), and then detection rules can execute on a fixed schedule (e.g., every 5 or 30 minutes) or in near real-time as logs are ingested.

• Using file access authorization (FAA) to restrict access to specific files (e.g. browser cookies), ensuring that only approved applications or processes can interact with them.

• They initially ran Santa in monitoring mode to build a data-driven ruleset of what employees were currently running, then did a staged rollout.

• Using SigningID and TeamID rules, which leverage Apple’s developer certificates, to identify trusted applications and publishers (e.g., Zoom, Slack, Chrome, Notion, and GitHub).

• Compiler rules: To cover locally built binaries, ensuring developers could work uninterrupted.

• Package rules: They created a custom Package Rule system that dynamically generates Binary (SHA-256) rules for packages from official sources like Homebrew or GitHub.

• A Slack-based self-service approval process.

Yeeb1/SockTail
By Yeeb: A lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephemeral access into restricted environments using Tailscale’s embedded client (tsnet). Zero config, no daemon, no persistence

Beacon Object Files – Five Years On…
Raphael Mudge describes the history and design decisions behind Beacon Object Files (BOFs), a technique he created in 2019 to address post-exploitation challenges in Cobalt Strike. He explains how BOFs allow running external capabilities within Beacon without fork&run or memory-injected DLLs, and reflects on BOFs’ strengths (simplicity, small size), limitations (uninitialized globals, single-file format), and suggests potential future improvements like a module browser UI.

Abusing Chrome Remote Desktop on Red Team Operations: A Practical Guide
TrustedSec’s Oddvar Moe describes how to abuse Chrome Remote Desktop for red team operations, detailing the installation process and an undocumented parameter (–pin=111111) to bypass GUI-based PIN setup. The technique requires local admin access to install the MSI installer. Defenders can use AppLocker to prevent unauthorized installations and look for “Chrome Remote Desktop Host” in installed applications.

fraim-dev/fraim
A flexible framework for security teams to build and deploy AI-powered workflows that complement their existing security operations. Fraim has a workflow engine for orchestrating AI agents and tools, supports multiple AI providers, can integrate tools (e.g. existing security tools), input connectors for git repos, file systems, and APIs, and can output JSON, SARIF, and HTML.

It comes with pre-built workflows for analyzing source code for vulnerabilities and analyzing infrastructure as code files for security misconfigurations or compliance violations.

>Instead of saying “we cannot ensure that no harmful sequences will be generated by our function, partially because we don’t know how to specify and enumerate harmful sequences”, we talk about “behaviors”, “ethical constraints”, and “harmful actions in pursuit of their goals”.

RepoAudit: An Autonomous LLM-Agent for Repository-Level Code Auditing
Paper by Jinyao Guo et al introducing RepoAudit (GitHub repo, landing page), an LLM-based agent designed to perform autonomous repo-level code auditing that has agent memory and explores a codebase on demand by analyzing data-flow facts along feasible program paths, leveraging tree-sitter (through LLMSCAN) to identify and extract functions from source code, along with their metadata such as function name, line numbers, parameters, call sites, and other program constructs (e.g. branches and loops).

RepoAudit has found ~115 confirmed bugs so far, many of which seem to be functional bugs and memory leaks, some security-related: null pointer dereference, use after free, double free, buffer overflow.

I think combining LLMs + traditional program analysis and leaning into what each is good at is very promising  

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I’d really appreciate if you’d forward it to them