Interesting. I didn't know there was one more than region in that partition.
23.02.2026 23:04 β π 1 π 0 π¬ 1 π 0Interesting. I didn't know there was one more than region in that partition.
23.02.2026 23:04 β π 1 π 0 π¬ 1 π 0
Check out the the Call For Papers here: fwdcloudsec.org/conference/n...
13.02.2026 16:22 β π 2 π 0 π¬ 0 π 0- Practitioners! This is a conference for practitioners. Cross-tenant 0days are fun, but war stories of migrating accounts between Orgs due to M&A, migrating applications from one cloud to another, and other things practitioners do are the meat and potatoes of this conference.
13.02.2026 16:22 β π 1 π 0 π¬ 1 π 0
* How are you securing agents in the cloud?
- Some of you have multiple AWS Organizations. How are you managing an organization of Organizations?
- AI: Last year we received surprisingly few talks related to AI. π€― I know you all are using AI for all sorts of cloud security things. Let's hear about it! Examples:
* How easy was it to migrate CloudFormation to terraform, or to a different cloud, with an LLM to translate?
- Cloud concepts brought back to datacenters: For years people have turned their old existing datacenters into "clouds", but now you have people who have only ever used the cloud moving to datacenters. What did they bring with them?
13.02.2026 16:22 β π 1 π 0 π¬ 1 π 0
- Neoclouds: CoreWeave, Vercel, and other code execution as-a-service. How are you securing (or abusing) those?
- Multi-partitions: How are you leveraging both AWS standard and European Sovereign Cloud? Any unexpected gotchas in ESC or other partitions?
It pains me when I hear people say "I thought about submitting a talk to the fwd:cloudsec, but didn't because..." and the reasons are often things I actually want to see presentations on! Some talk ideas I personally want to watch (the other reviewers and I will fight βοΈ):
13.02.2026 16:22 β π 3 π 1 π¬ 1 π 0
Tickets for fwd:cloudsec North America go on sale today, in about 4 hours, at 10am PST.
fwdcloudsec.org/conference/n...
Tickets go on sale next week on Monday, Feb 9, at 10:00 a.m. PST for our North American conference happening near Seattle on June 1 and 2. An additional small batch will go on sale that evening at 11:00 p.m. PST.
Tickets will be available for purchase here: www.eventbrite.com/e/fwdcloudse...
@fwdcloudsec.org is an awesome conference. Looking forward to seeing lots of cool submissions into the CFP!
20.01.2026 20:17 β π 1 π 1 π¬ 0 π 0
Did you know Claude models have a "magic string" to test when a model refuses to respond? If that string enters prompt context, it can be abused to break LLM workflows until context is reset.
It's the EICAR test string of the AI age. Details:
hackingthe.cloud/ai-llm/explo...
We've locked in dates and venues for the North American (NA) and European (EU) fwd:cloudsec conferences this year!
fwd:cloudsec NA will be in the Seattle, Washington area at the Meydenbauer Center in Bellevue on June 1 and 2. π§΅
What are we calling normal AWS now? Normal, standard, classic, commercial, global, american?
How do you say out loud the acronym for AWS European Sovereign Cloud? I'm calling it "oosk", because the region is eusc-de-east-1, which sounds like a riff on the techno onomatopoeia "boots and cats".
The most surprising thing about AWS ESC is there aren't any cookie acceptance popup windows in the console. Is this really European?
16.01.2026 16:24 β π 3 π 0 π¬ 1 π 0
Very cool research on a CodeBuild misconfiguration which could have had significant consequences. Iβm a bit disappointed that there wasnβt more done to secure the supply chain after the Q Developer incident.
www.wiz.io/blog/wiz-res...
The AWS European Sovereign Cloud (ESC) has launched!
aws-news.com/article/2026...
This seems bad.
www.wiz.io/blog/wiz-res...
December is generally a good time for gifts, and I have a special one for you.
We are glad to announce fwd:cloudsec Europe 2026: September 7th and 8th - London, UK π¬π§
More info to come early 2026. Stay tuned, folks.
This is the best write-up on threat actor tradecraft I've seen from AWS. aws.amazon.com/blogs/securi...
16.12.2025 23:48 β π 2 π 1 π¬ 0 π 0
My top picks from re:Invent security announcements: www.wiz.io/blog/top-aws...
08.12.2025 22:35 β π 6 π 1 π¬ 0 π 2
This is excellent. Also available in video.
allan.reyes.sh/posts/keepin...
h/t tldrsec
Itβs time to bust some malware! π¦
Challenge #6 βMalware Bustersβ is LIVE.
Built by Gili Tikochinski for the reverseβengineering pros - dive into assembly and uncover whatβs hidden inside.
Think you can crack it?
cloudsecuritychampionship.com/challenge/6
π¨ New Shai-Hulud-style npm attack hitting 25k+ repos and growing fast.
Devs & CI/CD exposed via malicious preinstall. Wiz Research has detection + mitigation.
Details: www.wiz.io/blog/shai-hu...
The day has come where we get to announce what we've been working on for the past year π
www.duckbillhq.com/blog/skyway-...
My favorite security story I've read this year π, a story of surprising turns by Alex Smolen: engseclabs.com/blog/raccoon...
11.11.2025 17:24 β π 1 π 1 π¬ 0 π 0
Yuval Avrahami was ranked as the top Azure researcher by Microsoft this quarter! He has made a Kubernetes focused CTF for the Wiz Cloud Security Championship, check it out! cloudsecuritychampionship.com
Also if you can find cloud zero days, check out www.zeroday.cloud with a $4.5M prize pool!
I feel like the biggest takeaway from the latest AWS outage is that thereβs simply no architecting around them at this point. Even if you are 100% redundant/multi-whatever, your vendors and customers are certainly not. Order volume is dropping no matter what you do. Weβre all in this together.
23.10.2025 12:51 β π 28 π 2 π¬ 4 π 1I used to drink a gallon of milk a day, so this is just being more efficient.
13.10.2025 15:20 β π 0 π 0 π¬ 0 π 0
Jeep pushed a bad update on Friday that has been bricking 2024 Wrangle 4xe's. x.com/StephenGutow...
13.10.2025 00:45 β π 0 π 0 π¬ 0 π 0