Teri Radichel
@teriradichel.bsky.social
2nd Sight Lab. Cloud, SaaS, and App Pentesting. Security Research. AWS Security Hero. Author on Amazon. Former IANS, SANS faculty. GSE. Masters Software & Infosec.
Pinned
Finally got around to publishing my cloud security class slides. Used to charge a lot of money for this but focus on pentesting now. Still mostly relevant.

Cloud Security Class Slides:
2nd Sight Lab cloud security training slides from 2020

medium.com/cloud-securi...
Just saw on the news last night that some residents are protesting an AI data center in Port Wentworth which is adjacent to Savannah. Interesting.
December 22, 2025 at 6:00 PM
All labs published including a pentesting lab (everyone’s favorite topic it seems) showing how to create a C2 channel on a vulnerable WordPress instance that can run commands on the host OS and in your cloud if misconfigured.

medium.com/cloud-securi...
Cloud Security Class Labs
Class Labs from Cloud Security Class Last Taught in 2020
medium.com
December 19, 2025 at 4:41 PM
Still… @bsky.app is the most difficult social media platform to post on because I have to spend time breaking up long posts into smaller bits. If you want to force smaller bits at least break it up for me when I enter a long post.
December 19, 2025 at 12:02 PM
AI hallucinations again. I asked Google AI Mode for a certain product manufactured in USA and it gave me a company name. Sounded good.
December 19, 2025 at 12:00 PM
People always ask me how to convince people security is important. That's why I cover all the cloud breaches and threats on day one of this class. These are all still relevant but I would add others on my blog if I was writing this class today.
Finally got around to publishing my cloud security class slides. Used to charge a lot of money for this but focus on pentesting now. Still mostly relevant.

Cloud Security Class Slides:
2nd Sight Lab cloud security training slides from 2020

medium.com/cloud-securi...
December 18, 2025 at 7:13 PM
Beware WhatsApp users: GhostPairing Attacks: from phone number to full access in WhatsApp

www.gendigital.com/blog/insight...
GhostPairing Attacks: from phone number to full access in WhatsApp
When “verification codes” quietly hijack your account
www.gendigital.com
December 17, 2025 at 2:37 PM
Microsoft will finally kill obsolete cipher that has wreaked decades of havoc - RC4 which is susceptible to Kerberoasting.

arstechnica.com/security/202...
Microsoft will finally kill obsolete cipher that has wreaked decades of havoc
The weak RC4 for administrative authentication has been a hacker holy grail for decades.
arstechnica.com
December 17, 2025 at 2:33 PM
When my agents went haywire yesterday I thought maybe they would just work in the a.m. They did not. I did some investigation and added some monitoring.
~~
Monitoring Autonomous AI Agents
~~
Is it running? What is it doing? Is my system overloaded?

medium.com/cloud-securi...
December 17, 2025 at 1:49 PM
I got a question about AWS security cert materials. The vendor certs show you know how to use specific tools. My class focused on concepts that apply to any security tool. Why is your security team asking for all those annoying things? 😉

medium.com/cloud-securi...
Cloud Security Class Slides
2nd Sight Lab cloud security training slides from 2020
medium.com
December 16, 2025 at 6:36 PM
Posted more class labs. The labs illustrate concepts. WHY they matter is in the slides.

No Paywall.

medium.com/cloud-securi...
Cloud Security Class Labs
Class Labs from Cloud Security Class Last Taught in 2020
medium.com
December 16, 2025 at 6:27 PM
I was in AI Nirvana for a bit yesterday and then hit a wall which I think had to do with session load and authentication issues. I’m sure that will be resolved soon. But the other thing is that AI agents start off great but then swing wildly like they are affected by some centripetal force. Why?
For today’s ai 🤖 experiment I have multiple agents competing with each other. I’ve combined deterministic methods with ai methods to check and improve the output. I couldn’t get kiro hooks to do that so I had to create my own hooks.
December 16, 2025 at 4:59 PM
For today’s ai 🤖 experiment I have multiple agents competing with each other. I’ve combined deterministic methods with ai methods to check and improve the output. I couldn’t get kiro hooks to do that so I had to create my own hooks.
December 15, 2025 at 9:23 PM
I am running Kiro CLI in a locked down project directory and it is trying to download and run a crate called a stream v.0.6.21 which has nothing to do with anything I am doing. What is up with that?
December 15, 2025 at 8:15 PM
When I taught this, cloud was new to most. Security teams were unfamiliar with how developers work and developers were unfamiliar with why security teams wanted things. I had to provide content for both. It was also a lot of ground to cover in five days!

medium.com/cloud-securi...
Cloud Security Class Slides
2nd Sight Lab cloud security training slides from 2020
medium.com
December 15, 2025 at 3:17 PM
I introduced automation on the first day of my cloud security class and explained why. Day 1 included a sample lab on GCP, Azure, and AWS. I hosted the lab code in a git repo so people unfamiliar with that could learn how and why to use it.

medium.com/cloud-securi...
Cloud Security Class Labs
Class Labs from Cloud Security Class Last Taught in 2020
medium.com
December 15, 2025 at 2:53 PM
One of the first things I learned when I started researching cloud security was its impact on jurisdiction and why location matters. It’s in the first day of my class materials.

www.slideshare.net/slideshow/2n...
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
2nd Sight Lab ~ Day 1 - Cloud Security Strategy and Planning ~ 2020. AWS, GCP, and Azure cloud security class. This content is now released and free for anyone to use. Some of the material is outdated but a lot of the core concepts are still relevant. - Download as a PDF or view online for free
www.slideshare.net
December 15, 2025 at 2:52 AM
Reposted by Teri Radichel
🤖 AI Agents in Sandboxes 🤖
Limiting agent blast radius while vibe coding and in applications

medium.com/cloud-securi...
December 7, 2025 at 10:40 PM
I was just reading about Kiro autonomous agent to see how it is different than the framework I wrote for Q/Kiro CLI running in sandboxes. Here’s the crucial bit:

Runs tasks in isolated sandbox environments and opens pull requests for review.

kiro.dev/autonomous-a...
Autonomous agent
Kiro autonomous agent is a frontier agent that autonomously handles development work, maintains comprehensive understanding of your codebase and patterns, and learns from your code reviews to improve ...
kiro.dev
December 14, 2025 at 9:02 PM
FTR @bsky.app is one of the hardest social media platforms to post on. Posts are too short. Critical parts get buried. At least you can edit posts unlike X with its time limits and quote unlike Mastodon. Also for some reason thumbnails are not showing up on Mastodon. LinkedIn mangles URLs. Oh well
I started by introducing the Golem Project, which got people to register their own computers in exchange for cryptocurrency, to explain concepts like shared infrastructure, distributed computing, and considerations for applications running on cloud architectures.
December 14, 2025 at 6:41 PM
Day 1 of my cloud security class starts with what is cloud…something which I tend to think of differently than a lot of other security people who say it is just “someone else’s computer.”

Day 1 starts here:

www.slideshare.net/slideshow/2n...
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
2nd Sight Lab ~ Day 1 - Cloud Security Strategy and Planning ~ 2020. AWS, GCP, and Azure cloud security class. This content is now released and free for anyone to use. Some of the material is outdated but a lot of the core concepts are still relevant. - Download as a PDF or view online for free
www.slideshare.net
December 14, 2025 at 6:06 PM
Finally got around to publishing my cloud security class slides. Used to charge a lot of money for this but focus on pentesting now. Still mostly relevant.

Cloud Security Class Slides:
2nd Sight Lab cloud security training slides from 2020

medium.com/cloud-securi...
December 13, 2025 at 10:17 PM
AWS Support Center Console now supports screen sharing for troubleshooting support cases [TR: Hey security teams…be aware and check out how this works.] aws.amazon.com/about-aws/wh...
AWS Support Center Console now supports screen sharing for troubleshooting support cases - AWS
Discover more about what's new at AWS with AWS Support Center Console now supports screen sharing for troubleshooting support cases
aws.amazon.com
December 12, 2025 at 3:37 PM
Do not copy and paste URLs when logging into Azure. This highlights a possible phishing attack on any similar login mechanism.
cybersecuritynews.com/consentfix-a...
New ConsentFix Attack Let Attackers Hijack Microsoft Accounts by Leveraging Azure CLI
New phishing method, “ConsentFix,” uses fake OAuth consent and ClickFix-style prompts to hijack Microsoft accounts without passwords or MFA.
cybersecuritynews.com
December 12, 2025 at 1:25 PM
Autonomous robot trying to navigate tourists in Miami. Right before this video some tourists were jumping in front of it and messing with it, 😆
December 12, 2025 at 1:52 AM