Security Research and Advocacy @ Datadog. Former Principal and Cloud Penetration Testing lead @BishopFox. I like to build, break, learn, and share. 
CloudFox, CloudFoxable, BadPods, IAM Vulnerablehttps://bsky.app/profile/sethsec.bsky.socialhttps://bsky.app/profile/sethsec.bsky.social/post/3lhyncrz4vs2yI’m excited to share our research on the “whoAMI” attack. We discovered that AWS customers pulling AMI IDs insecurely could accidentally use malicious images instead of the legitimate ones— leading to remote code execution. https://securitylabs.datadoghq.com/articles/whoami-a-cloud-image-name-confusion-attack/12 Feb 2025 16:56 +0000at://did:plc:ebvszruszuar55jfkinjwj2s/app.bsky.feed.post/3lhyncrz4vs2yhttps://bsky.app/profile/sethsec.bsky.social/post/3lbkqbiopu22bThe November edition of the Datadog Security Digest is live! https://securitylabs.datadoghq.com/newsletters/november-2024/ Featuring: - Exploring Google Cloud default service accounts: deep dive and real-world adoption trends by Christophe Tafani-Dereeper 🧵(1/3)22 Nov 2024 19:40 +0000at://did:plc:ebvszruszuar55jfkinjwj2s/app.bsky.feed.post/3lbkqbiopu22b