This week's articles
Incident report: Spotting an attacker in GCP
#attack, #defend, #gcp
A walkthrough of how an attacker gained access to a customer's GCP environment, Expel's investigative process, and some key takeaways for securing your organization.
Introducing Gitsign
#announcement, #supply-chain
The Sigstore project has created a new tool called Gitsign, which aims to bring the best of Sigstore to Git with "keyless" signing and transparency log support, making it easy to get started with signing without the need to generate and manage long-term keys.
Public Travis CI Logs (Still) Expose Users to Cyber Attacks
#attack, #ci/cd
The Aqua Security team found that tens of thousands of user tokens are exposed via the Travis CI API, which allows anyone to access historical clear-text logs. More than 770 million logs of free tier users are available, from which you can easily extract tokens, secrets, and other credentials associated with popular cloud service providers such as GitHub, AWS, and Docker Hub.
Tools
mirrord
mirrord lets you easily mirror traffic from your production environment to your development environment.
socless
SOCless is a serverless framework built to help security teams easily automate their incident response and operations workflows.
Sponsor
Is your team drowning in container vulnerability noise? According to CISA, new vulnerabilities reported each year have nearly tripled. In this new blog, learn how to reduce vulnerability noise by up to 95%, by eliminating the noise from vulnerabilities that pose no immediate risk. Find, focus and fix the threats that matter to prevent breaches. Read the blog to learn how!
From the cloud providers
Upcoming changes required for AWS Config
On July 5, 2022, the AWS managed policy AWSConfigRole will be deprecated. It will continue working for all currently attached users, groups, and roles. However, after July 5, 2022, the AWSConfigRole managed policy can't be attached to any new users, groups, or roles.
Data Perimeter Workshop
This workshop takes you through some of the best practices and available AWS services and features for creating a boundary around your resources in AWS.
Thanks for reading!
If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues! If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com! Thanks, Marco