Release Date: 19/11/2023 | Issue: 214
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Prioritize Your Most Harmful Cloud Security Risks
Rapid changes in the cloud without automated security create a perfect stormβ€”a proliferation of misconfigurations and vulnerabilities that generate excessive security alerts. Without the context, security professionals waste time assessing and addressing low-level risks, leaving the organization vulnerable. Eliminate alert noise:
  • Break down data silos
  • Cross-correlate data
  • Highlight the most critical risk
  • Act fast and decisively
Know which risks matter. Download the tip sheet

This week's articles


State of Cloud Security
Datadog analyzed data from thousands of organizations to understand the latest trends in cloud security posture.   #aws   #azure   #explain   #gcp


Phishing Slack for persistence and lateral movement
Post demonstrating how to phish via Slack to gain persistence and move laterally.   #attack   #saas


The Chain Reaction: New Methods for Extending Local Breaches in Google Workspace
Bitdefender discovered new attack methods in Google Workspace, escalating from a single compromised endpoint to a network-wide breach.   #attack   #gsuite


The Spelling Police: Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses
A study from NCC designed to uncover potentially malicious servers by proactively searching for spelling mistakes in HTTP response headers.   #attack


Mistaken Identity: Extracting Managed Identity Credentials from Azure Function Apps
The article discusses a security vulnerability in Azure Function Apps, where Linux containers use an encrypted startup context file that can be decrypted to expose sensitive data, including Managed Identity certificates.   #attack   #azure


Bolstering Security & Automating Management of Target Australia's EKS clusters
How Bottlerocket, Fargate & Karpenter helped Target Australia enhance their security posture and simplify Kubernetes usage.   #build   #defend   #kubernetes


Lambda Extensions: Exploring Misuse Scenarios and Stratus Red Team Module Development
Post analyzing a well-known attack vector and then showing how to build a module for Stratus Red Team, a self-contained binary we can use to detonate offensive attack techniques against a live cloud environment easily.   #attack   #aws   #defend


The Cloud & App Security List
A list of the best Cloud Security tools on the market based on hands on use with clear categorization of when to use cloud native, open source, or commercial tools.   #build


Kubernetes Removals, Deprecations, and Major Changes in Kubernetes 1.29
A list of deprecations and removals for Kubernetes v1.29.   #announcement   #kubernetes

Sponsor CloudSecList

If you want to get your product or job ad in front of thousands of security professionals, ranging from engineers to CISOs and VCs, at companies ranging from small start-ups to Fortune500 and FAANG, you can reach out at
πŸ“¨ [email protected] πŸ“¨

Tools


kubescape v3.0.0
Kubescape, an open-source Kubernetes security platform, released its version 3.0.0.


org-kickstart
Kickstart and manage your AWS Organization via Terraform.


terraform-docs
Generate documentation from Terraform modules in various output formats.


aws-load-balancer-controller
A Kubernetes controller for Elastic Load Balancers.


codepipeline-cost-compare
Compare the costs of V1 and V2 CodePipeline types based on historic usage.

From the cloud providers


#AWS   AWS Audit Manager introduces framework for generative AI on Amazon Bedrock
AWS Audit Manager customers can now access a prebuilt standard framework to help gain visibility into how their generative AI implementation on Amazon Bedrock is working against AWS recommended best practices.


#AWS   Introducing CloudFront Security Dashboard, a Unified CDN and Security Experience
Amazon announced the availability of the CloudFront security dashboard, a unified experience that brings AWS WAF visibility and controls directly to your CloudFront distribution.


#AWS   New - Block Public Sharing of Amazon EBS Snapshot
You now have the ability to disable public sharing of new, and optionally existing, Amazon Elastic Block Store (Amazon EBS) snapshots on a per-region, per-account basis.


#AWS   Building sensitive data remediation workflows in multi-account AWS environments
A solution that provides you with visibility into sensitive data residing across a fleet of AWS accounts through a ChatOps-style notification mechanism using Microsoft Teams, which also provides contextual information needed to conduct security investigations.


#AWS   Automate and enhance your code security with AI-powered services
Amazon CodeWhisperer, Amazon CodeGuru and Amazon Inspector not only aids in early risk identification and mitigation, it empowers your development and security teams, leading to more efficient and secure business outcomes.


#AWS   New - Multi-account search in AWS Resource Explorer
Starting today, you can also search across accounts within your organization.


#GCP   Protecting your remote workforce with context-aware data loss rules and URL filtering
New Data Loss Prevention (DLP) rules with Context-Aware conditions can provide the ability to control sensitive information transfers based on user and device attributes.


#GCP   Tips on building a network security policy in Google Cloud
Implementing a secure network in Google Cloud means designing it to use tools like IAM, VPC, and a variety network security services.


#AZURE   Public Preview: Azure Monitor Agent JSON log collection
Azure Monitoring Agent now supports collection of JSON for ingestion into Log Analytics.


#AZURE   Public Preview: Azure Monitor Alerts integration with Event Grid for Azure Key Vault system events
Azure Monitor alerts as a destination in Event Grid event subscriptions allow you to receive notification of critical events via action groups as Short Message Service (SMS), email, push notification, and more.


#AZURE   Public preview: Confidential containers on Azure Kubernetes Service (AKS)
AKS now lets you run individual pods in their own trusted execution environment (TEE).


#AZURE   Public preview: Confidential temp disk encryption for confidential VMs
Confidential temp disk encryption is now available for all confidential VMs.

Business News

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! πŸ‘Œ

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
Β© 2019-present CloudSecList Β· Marco Lancini