This week's articles
Cloud Security Orienteering
#aws, #azure, #defend, #gcp, #strategy
A cloud and environment agnostic methodology for getting your bearings if tasked with securing a novel cloud environment.
Expanding Secrets Infrastructure to AWS Lambda
#aws, #build, #terraform
How Square extended their datacenter-based secrets infrastructure to enable a cloud migration supporting Lambda. They added SPIFFE compatibility to their secrets infrastructure and developed a Lambda secrets syncer that Square engineers can deploy via a Terraform module.
Hacking G Suite: The Power of Dark Apps Script Magic
#attack, #gcp, #gsuite
You’ve seen plenty of talks on exploiting, escalating, and exfiltrating the magical world of Google Cloud (GCP), but what about its buttoned-down sibling? This talk delves into the dark art of utilizing Apps Script to exploit G Suite (AKA Google Workspace).
Remediating AWS IMDSv1
#aws, #defend
An article on remediating IMDSv1 in AWS, which is commonly abused via server-side request forgery to enable lateral movement and persistence.
Introducing the Allstar GitHub App
#announcement, #ci/cd, #defend, #github
The Open Source Security Foundation announced Allstar, a GitHub app that provides automated continuous enforcement of security best practices for GitHub projects. With Allstar, owners can check for security policy adherence, set desired enforcement actions, and continuously enact those enforcements when triggered by a setting or file change in the organization or project repository.
Kubernetes 1.22: Reaching New Peaks
#announcement, #kubernetes
Kubernetes 1.22 has been released, and it contains breaking changes! Go check the CHANGELOG to avoid surprises at upgrade time.
Tools
whoc
A container image that extracts the underlying container runtime and sends it to a remote server. Poke at the underlying container runtime of your favorite CSP container platform.
KUR8
A visual overview of Kubernetes architecture and Prometheus metrics.
service-ca-operator
Controller to mint and manage serving certificates for Kubernetes services.
From the cloud providers
What's new: Incident advanced search is now public
By default, incident searches run across the Incident ID, Title, Tags, Owner, and Product name values only. Now, with the new Advanced search pane, you can scroll down the list to select one or more other parameters to search on.
Thanks for reading!
If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues! 👌 If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com! Thanks, Marco