unicrons.cloud's Avatar

unicrons.cloud

@unicrons.cloud

https://unicrons.cloud

13
Followers 10
Following 143
Posts 06.02.2024
Joined
Posts Following

Latest posts by unicrons.cloud @unicrons.cloud

WriteUp: Cloud Village CTF DEFCON 33 - unicrons.cloud

And we couldn't let August end without publishing our writeups for the @cloudvillage-dc.bsky.social CTF at @defcon.bsky.social

unicrons.cloud/en/2025/08/3...

31.08.2025 08:40 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
WriteUp: Cloud Security Championship #2 - Contain Me If You Can - unicrons.cloud

Wiz already released the new challenge for this month, so it is time to show how we solved the previous one!

We always wanted to dig more about containers escaping, so it was a perfect opportunity to learn.
unicrons.cloud/en/2025/08/1...

28.08.2025 19:34 πŸ‘ 1 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
WriteUp: Cloud Security Championship #1 - unicrons.cloud

New post! πŸ“° WriteUp: Cloud Security Championship #1

unicrons.cloud/en/2025/07/0...

07.07.2025 18:36 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Probably you don't know how we look like so this is us

30.06.2025 21:44 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

We're at @fwdcloudsec.org and we have stickers. I do not know what else to say so just find us (or the stickers we left around πŸ˜‚)

30.06.2025 21:44 πŸ‘ 0 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0
IAM policy mishaps: Case 2 - SNS - unicrons.cloud

Pensabais que nos habΓ­amos olvidado de la serie de IAM? Bueno, pues es correcto. PerdΓ³n por el retraso, pero aquΓ­ estamos de nuevo.

Hoy como estrella invitada: SNS ⭐️

unicrons.cloud/es/2025/02/2...

10.03.2025 11:13 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
IAM policy mishaps: Case 2 - SNS - unicrons.cloud

Did you think we had forgotten about the IAM series? Well, you were right. Sorry for the delay, but here we are again.

Today SNS as starring guest. ⭐️

unicrons.cloud/en/2025/02/2...

10.03.2025 11:13 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Post image

Do you agree with this chatGPT definition of "misconfiguration" in a cloud security context?

How would you define it?

01.03.2025 11:02 πŸ‘ 0 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Preview
Awseye - See Inside AWS Accounts Awseye tracks publicly accessible AWS data to help identify and secure known and exposed AWS resources. Empowering defenders with open-source intelligence.

The self described β€œShodan of AWS” is now live! This is an amazing project from Daniel Grzelak that helps democratize cloud resource enumeration for the masses. Very excited about this!
awseye.com

26.11.2024 02:31 πŸ‘ 70 πŸ” 33 πŸ’¬ 2 πŸ“Œ 3
Post image

In one hour we will be talking about Cloud Security in #AWSCommunityDaySpain 😬

PD: we have stickers... πŸ¦„

19.10.2024 10:18 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

On our way to #AWSCommunityDaySpain πŸš† to talk about how to build your own CSPM with @steampipeio, AWS SecurityHub and AWS Organizations.

18.10.2024 08:31 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Deploy IAM Roles across an AWS Organization as code - unicrons.cloud

Do you have a tool that needs permissions across all your AWS accounts? Do you want to manage it using IaC? Check out our latest post! https://unicrons.cloud/en/2024/10/14/deploy-iam-roles-across-an-aws-organization-as-code/

14.10.2024 12:46 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Here we go! @fwdcloudsec

17.09.2024 07:15 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
WriteUp: Cloud Village CTF 2024 - unicrons.cloud

You know us, if we see a scoreboard, there we go. And last weekend, we weren't at #defcon32, but we didn't miss the opportunity to participate in the @cloudvillage_dc CTF😬

Here we you have the 5 challenges we were able to solve:
https://unicrons.cloud/en/2024/08/13/writeup-cloud-village-ctf-2024/

13.08.2024 17:53 πŸ‘ 1 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
unicrons.cloudIAM policy mishaps: Case 1 - S3IAM policy mishaps: Intro to IAM

Y aquΓ­ tenΓ©is el enlace del feed en espaΓ±ol: https://unicrons.cloud/es/feed.xml

22.06.2024 15:58 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
unicrons.cloudIAM policy mishaps: Case 1 - S3IAM policy mishaps: Intro to IAM

We have just enabled the RSS feed on our blog. You can subscribe here: https://unicrons.cloud/en/feed.xml

22.06.2024 15:57 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
AWS JSON policy elements: Principal - AWS Identity and Access ManagementAWS JSON policy elements: Principal - AWS Identity and Access Management Describes the Principal element of the AWS JSON policy language.

Because if you add an ARN as `Principal`, it must exists and will generate a unique ID. You can find more information in the following AWS docs, either way if someone can recreate your roles without your authorization, you have a bigger issue.
docs.aws.amazon.com/IAM/latest/U...

16.06.2024 12:21 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Extra bit we didn't include in the post: The source roles are included under the `aws:PrincipalArn` condition to avoid losing access if we recreate the roles. Why don't add them as `Principal`?

16.06.2024 12:21 πŸ‘ 1 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
IAM policy mishaps: Case 1 - S3 - unicrons.cloud

TambiΓ©n puedes leerlo en EspaΓ±ol aquΓ­:
unicrons.cloud/es/2024/06/0...

01.06.2024 15:38 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
IAM policy mishaps: Case 1 - S3 - unicrons.cloud

It's been a while but the new episode of our IAM series is out! Let's talk about S3:
https://unicrons.cloud/en/2024/06/01/iam-policy-mishaps-case-1---s3/

01.06.2024 15:27 πŸ‘ 1 πŸ” 2 πŸ’¬ 1 πŸ“Œ 1

TambiΓ©n puedes leerlo en EspaΓ±ol aquΓ­
unicrons.cloud/es/2024/02/2...

23.02.2024 14:25 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
IAM policy mishaps: Intro to IAM - unicrons.cloud

We just launched unicrons.cloud. Check out our first blog post! IAM intro from our Sh3llCON talk, first episode of the series. unicrons.cloud/en/2024/02/2...

23.02.2024 13:49 πŸ‘ 3 πŸ” 2 πŸ’¬ 0 πŸ“Œ 1