Happy 10th Birthday Securing the Cloud!

It's my birthday and I'll blog/tag/label what I want to!

So while doing a lot of the prep work to create this site, I began organising my old code bases, ripping the good from them and create illustrations and examples... Hilariously I noted some of the dates of the code I was going over and some of it, over a decade in age!

I thought that deserved a little celebration and for some giggles and anonymised list of shenanigans I have witnessed over the times as I have grown with the Cloud.

Top 10 Funniest Moments!

1. Clients constantly asking for data to be removed from interesting places: When people hear "Security" they immediately jump to hacker and "can you hack $thing?" or "could you get rid of this photo from $X?" this has lead to some funny things I should not talk about...
2. Client Celebrations: One too few of these, it's always about what happens after the work is done!
3.  Working with a remote client to do some Network Gymnastics: A tale of deadlines, fast paced delivery and a broken VPN leading to a need to create a reverse shell from the clients system, to me, to connect to the network as SSH direct to the instance was banned. The things we do for our clients!
4.  Reverse Engineering and Early Days API: Before we had standards and everyone was building rapidly, reverse engineering how things like the Foreman were working to create wrappers and scripts like YAFCT to interact provided so, so many sleepless and coffee driven evenings, I do miss those times!
5.  Getting told off for talking about Security Vulnerabilities: ...Probably should have lead with the fact that the exploit involved an toy that is more targeted towards adults... <INSERT EGGPLANT EMOJI HERE>
6.  BitCoin mining rig found in Production: A security lesson to monitor ALL regions regardless if you are using them or not! Sadly the private keys were invalidated, it would have been worth a lot right now!
7.  Playing Apache Pong and Gource with one of the busiest sites on the Internet: ....Then watching it drop to nothing as the paywall was implemented!
8.  Using Facebook links to wind up the Web Developers with XSS: A warning to all developers to sanitise your inputs and not to trust anything, including the URL variable!
9.  Migrating Successfully to the Cloud so well we brought the original malware along too: A promotion for rebuilding into the cloud instead of straight migration - finding out you have pulled malware that has been living on your DC system to the Cloud is not the best surprise, but a funny experience!
10. Always Staying in the wrong hotel: If you know the story here, you know about the fun and games. Sadly, this one cannot be discussed!

Wrap up!

I hope you have enjoyed a quick look down some of the fun shenanigans as much as I have over the years, maybe throughout this blog you will find other references to some of the above, but as well, don't be afraid to reach out and get in contact!