Richard Fan

@richardfan.xyz

AWS Security Hero | Security Engineer | OSCP

123 Followers | 90 Following | 105 Posts | Joined 31.10.2024

Latest posts by Richard Fan @richardfan.xyz

What is EC2 Instance Attestation | Richard’s blogs on Cloud Security

#AWS introduced EC2 Instance Attestation in October

I have created a demo project to showcase how we can use it to achieve verifiable software deployment

📝 Blog post: blog.richardfan.xyz/2025/12/18/w...

#EC2 #NitroTPM #Cybersecurity #CloudSecurity #TEE #ZeroTrust #NitroEnclaves

18.12.2025 09:32 👍 1 🔁 0 💬 0 📌 0

Werner keynote ready to go
#AWSreInvent

04.12.2025 22:54 👍 0 🔁 0 💬 0 📌 0

25 announcements in 10 minutes

#AWSreInvent

02.12.2025 18:03 👍 0 🔁 0 💬 0 📌 0

Running Gemini on Amazon Bedrock

#AWSreInvent

02.12.2025 16:33 👍 0 🔁 0 💬 0 📌 0

AWS Builders Loft at #AWSreInvent

01.12.2025 23:00 👍 0 🔁 0 💬 0 📌 0
PyPI and Shai-Hulud: Staying Secure Amid Emerging Threats - The Python Package Index Blog Shai-Hulud is a great worm, not yet a snake. Attack on npm ecosystem may have implications for PyPI.

There's a nasty #OpenSource #SupplyChain worm going around named Shai-Hulud. It's also capable of exposing some projects' long-lived PyPI API Tokens. Read more on what's happening, and what you can do to protect your projects.

TL;DR: Adopt Trusted Publishing 🚀📦

blog.pypi.org/posts/2025-1...

26.11.2025 21:02 👍 26 🔁 18 💬 1 📌 2
A terraform stack to enable Amazon Inspector in all AWS accounts in all regions A terraform stack to enable Amazon Inspector in all AWS accounts in all regions - enable-amazon-inspector.tf

I can't overstate how significant the new #AWS Organization Inspector policy is

🔗 Example code: gist.github.com/richardfan11...

With a simple terraform stack, we can enable Amazon Inspector in all accounts, in all regions

📝 More example policy: docs.aws.amazon.com/organization...

#CloudSecurity

25.11.2025 05:06 👍 1 🔁 0 💬 0 📌 0

This is my favourite announcement so far: #AWS-issued JWT
🔗 docs.aws.amazon.com/IAM/latest/U...

With sts:GetWebIdentityToken, we can now request a JWT from AWS, with context inside that can be logged by an external service.

#AWSCloud #Security #CloudSecurity #IAM #OIDC

20.11.2025 02:54 👍 1 🔁 0 💬 0 📌 0
Breaking change on GitHub Actions pull_request_target | Richard’s blogs on Cloud Security

There is an upcoming change on #GitHubActions Pull Request workflow starting from Dec 8

Let me explain what's going on and how you can check if your workflow is affected

👉 blog.richardfan.xyz/2025/11/17/g...

#GitHub #Security #CloudSecurity #CICD #DevOps

17.11.2025 15:23 👍 2 🔁 0 💬 0 📌 0
Microsoft in court for allegedly misleading millions of Australians over Microsoft 365 subscriptions The ACCC has commenced proceedings in the Federal Court against Microsoft Australia and its US-based parent company Microsoft Corporation for allegedly misleading approximately 2.7 million Australian ...

If you use #Microsoft365, check your subscription

If you don't need its AI, you can switch back to the Classic plan, and #Microsoft never told you in the email

#LegalTech #ConsumerLaw #MisleadingConduct #Subscriptions

www.accc.gov.au/media-releas...

10.11.2025 03:15 👍 2 🔁 0 💬 0 📌 0

Can anyone tell me what the difference is between this M365 Copilot app and the Excel app?

If the Copilot app has all the full Word, Excel and PowerPoint features, then why do I need to install 3 more apps?

#Microsoft #MicrosoftOffice #MicrosoftM365 #M365 #Copilot #MicrosoftCopilot

27.10.2025 06:24 👍 2 🔁 0 💬 0 📌 0
I never understood why you can't go faster than light - until now! YouTube video by FloatHeadPhysics

The mysterious YouTube algorithm brought me to yet another niche video
This time, it's "Why you can't go faster than light"

But surprisingly, this channel gave me the most intuitive explanation ever to this question 😄

youtu.be/Vitf8YaVXhc?...

26.10.2025 16:11 👍 0 🔁 0 💬 0 📌 0

I always hear news reporters say “QUOTE” when quoting someone

But I seldom hear them say “unquote”

So when do the quotes end?

Am I the only one wondering?

22.10.2025 17:15 👍 0 🔁 0 💬 0 📌 0

Good luck to anyone hosting #aws identity center in us-east-1

20.10.2025 07:38 👍 0 🔁 0 💬 0 📌 0

You should ask the cabin crew next time

09.10.2025 01:23 👍 0 🔁 0 💬 0 📌 0

How do they read the punctuation?

09.10.2025 01:22 👍 0 🔁 0 💬 1 📌 0
Unofficial AWS re:Invent Session Planner 2025 Easily browse sessions, create a personalized schedule, and get recommendations to make the most of your AWS re:Invent experience.

Session reservation for #AWSreInvent is opening soon, still struggling to plan your schedule among 2000+ sessions?

Use this planner made by @raphaelmanke.bsky.social to discover sessions you are interested in.

👉 Link: reinvent-planner.cloud

#AWS #AWSCommunity #TechConference

04.10.2025 13:44 👍 1 🔁 0 💬 0 📌 0

The internet this week #sora2

03.10.2025 11:46 👍 0 🔁 0 💬 0 📌 0
AWS announces EC2 instance attestation - AWS Discover more about what's new at AWS with AWS announces EC2 instance attestation

After facing countless limitations on #AWS #NitroEnclaves, the same feature is now available on normal EC2 instances.

The coming month must be a busy month for me to try it out

#ConfidentialComputing #AWSCloud

aws.amazon.com/about-aws/wh...

30.09.2025 03:06 👍 5 🔁 1 💬 0 📌 0

Totally worth a trip to #AWSCommunityDay #Warsaw

What a massive and successful community day

#aws #awscloud #awscommunity #networking #tech

18.09.2025 18:44 👍 2 🔁 0 💬 0 📌 0

Heading to #AWSCommunityDay #Warsaw

#aws #awscloud #awscommunity #networking #tech

18.09.2025 05:41 👍 1 🔁 0 💬 0 📌 0

#fwdcloudsec EU is happening soon

Can’t make it? No worry
📹 Livestream is also available on YouTube: fwdcloudsec.org/conference/e...

#cybersecurity #security #cloudsecurity

15.09.2025 06:39 👍 1 🔁 0 💬 0 📌 0

After 14 hours of flight, finally arrived in Berlin

What brings me here?
It’s #fwdcloudsec, a conference where I always learn a lot from cloud security all-stars

Can’t make it? No worry
📹 Livestream is also available on YouTube: fwdcloudsec.org/conference/e...

#cybersecurity #security #cloudsecurity

13.09.2025 16:16 👍 3 🔁 0 💬 0 📌 0
fwd:cloudsec Europe 2025 | fwd:cloudsec fwd:cloudsec is a non-profit conference on cloud security. At this conference you can expect discussions about all the major cloud platforms, both attack and defense research, limitations of security...

There are still tickets available for the upcoming #fwdcloudsec EU in Berlin

The speaker lineup is all-star level. Don't miss it if you love to learn practical cloud security.
fwdcloudsec.org/conference/e...

#cybersecurity #security #cloudsecurity

20.08.2025 12:56 👍 0 🔁 1 💬 0 📌 0
AWS Community Day 2025 | HONG KONG Join us on 2 Nov 2025 at Dorsett Kai Tak for the first Hong Kong AWS Community Day — where cloud professionals and tech enthusiasts unite for a full day of innovation, learning, and networking.

☁️ Hong Kong’s First AWS Community Day is here! ☁️
🔗 Event Site: awscommunity.hk
🔗 Apply to speak: sessionize.com/aws-communit...

#AWS #AWSCommunityDay #AWSCommunity #CloudComputing #CloudTech #CloudInnovation
#TechEvents #TechCommunity #HongKongTech #HKTech #AWSUserGroup #AWSUGHK #DeveloperCommunity

18.08.2025 03:59 👍 0 🔁 0 💬 0 📌 0

If you created a new #AWS account with #FreeTier

DO NOT follow the console recommendation to create IAM Identity Center with AWS Organization, it will EXPIRE all your free credit ❗❗❗

If you want to use IAM Identity Center, create it on account instance!

#AWSCloud #CostOptimization #AWSFreeTier

02.08.2025 15:04 👍 1 🔁 0 💬 0 📌 0

TIL, you only need write access on a #GitHub repo to manage variables and secrets, even under environment. No admin access required 🫨

It's just that it can't be accessed via UI, you need to use API or gh cli

cli.github.com/manual/gh_va...
cli.github.com/manual/gh_se...

#devops #cicd #githubactions

23.07.2025 13:27 👍 1 🔁 0 💬 0 📌 0

I saw this debate on an Instagram post: www.instagram.com/reel/DI6SN7k...

Here's my solution, simple and clear
Why do Americans love writing essays on traffic signs?

#RoadDesign #HighwayDesign #RoadSafety #SignDesign #RoadSign #TrafficSign

30.06.2025 07:13 👍 0 🔁 0 💬 0 📌 0

They have mentioned it in the credit section, at the end of the README

But they also removed the previous versions from the CHANGELOG, making it look like their release is the first version

Whether this is considered “Credit” is debatable but it just looks cheeky to me

21.06.2025 07:17 👍 1 🔁 0 💬 0 📌 0
Be more transparent about this project being a fork from other repo · Issue #65 · opentofu/vscode-opentofu Description This project is a fork of https://github.com/gamunu/vscode-opentofu But this is only being vaguely mentioned at the end of the README Credit section Most of the other famous forked proj...

Copying the entire repo of another project and publishing it as your own project, and just vaguely mentioning the original project at the end of the README

Is it a standard and good-faith way of open-source projects???

#OpenSource #OpenTofu #GitHub #DevOps

github.com/opentofu/vsc...

21.06.2025 04:50 👍 4 🔁 0 💬 1 📌 0