Release Date: 19/11/2023 | Issue: 214
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.

If you received it, you either subscribed or someone forwarded it to you. If you fit in the latter camp and want to subscribe, then you can click on this button:
Sign Up

Prioritize Your Most Harmful Cloud Security Risks
Rapid changes in the cloud without automated security create a perfect stormβ€”a proliferation of misconfigurations and vulnerabilities that generate excessive security alerts. Without the context, security professionals waste time assessing and addressing low-level risks, leaving the organization vulnerable. Eliminate alert noise:
  • Break down data silos
  • Cross-correlate data
  • Highlight the most critical risk
  • Act fast and decisively
Know which risks matter. Download the tip sheet

This week's articles

State of Cloud Security   #aws, #azure, #explain, #gcp
Datadog analyzed data from thousands of organizations to understand the latest trends in cloud security posture.

Phishing Slack for persistence and lateral movement   #attack, #saas
Post demonstrating how to phish via Slack to gain persistence and move laterally.

The Chain Reaction: New Methods for Extending Local Breaches in Google Workspace   #attack, #gsuite
Bitdefender discovered new attack methods in Google Workspace, escalating from a single compromised endpoint to a network-wide breach.

The Spelling Police: Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses   #attack
A study from NCC designed to uncover potentially malicious servers by proactively searching for spelling mistakes in HTTP response headers.

Mistaken Identity: Extracting Managed Identity Credentials from Azure Function Apps   #attack, #azure
The article discusses a security vulnerability in Azure Function Apps, where Linux containers use an encrypted startup context file that can be decrypted to expose sensitive data, including Managed Identity certificates.

Bolstering Security & Automating Management of Target Australia's EKS clusters   #build, #defend, #kubernetes
How Bottlerocket, Fargate & Karpenter helped Target Australia enhance their security posture and simplify Kubernetes usage.

Lambda Extensions: Exploring Misuse Scenarios and Stratus Red Team Module Development   #attack, #aws, #defend
Post analyzing a well-known attack vector and then showing how to build a module for Stratus Red Team, a self-contained binary we can use to detonate offensive attack techniques against a live cloud environment easily.

The Cloud & App Security List   #build
A list of the best Cloud Security tools on the market based on hands on use with clear categorization of when to use cloud native, open source, or commercial tools.

Kubernetes Removals, Deprecations, and Major Changes in Kubernetes 1.29   #announcement, #kubernetes
A list of deprecations and removals for Kubernetes v1.29.


kubescape v3.0.0
Kubescape, an open-source Kubernetes security platform, released its version 3.0.0.

Kickstart and manage your AWS Organization via Terraform.

Generate documentation from Terraform modules in various output formats.

A Kubernetes controller for Elastic Load Balancers.

Compare the costs of V1 and V2 CodePipeline types based on historic usage.

Sponsor CloudSecList

If you want to get your product or job ad in front of thousands of security professionals, ranging from engineers to CISOs and VCs, at companies ranging from small start-ups to Fortune500 and FAANG, you can reach out at
πŸ“¨ [email protected] πŸ“¨

From the cloud providers

AWS Icon  AWS Audit Manager introduces framework for generative AI on Amazon Bedrock
AWS Audit Manager customers can now access a prebuilt standard framework to help gain visibility into how their generative AI implementation on Amazon Bedrock is working against AWS recommended best practices.

AWS Icon  Introducing CloudFront Security Dashboard, a Unified CDN and Security Experience
Amazon announced the availability of the CloudFront security dashboard, a unified experience that brings AWS WAF visibility and controls directly to your CloudFront distribution.

AWS Icon  New - Block Public Sharing of Amazon EBS Snapshot
You now have the ability to disable public sharing of new, and optionally existing, Amazon Elastic Block Store (Amazon EBS) snapshots on a per-region, per-account basis.

AWS Icon  Building sensitive data remediation workflows in multi-account AWS environments
A solution that provides you with visibility into sensitive data residing across a fleet of AWS accounts through a ChatOps-style notification mechanism using Microsoft Teams, which also provides contextual information needed to conduct security investigations.

AWS Icon  Automate and enhance your code security with AI-powered services
Amazon CodeWhisperer, Amazon CodeGuru and Amazon Inspector not only aids in early risk identification and mitigation, it empowers your development and security teams, leading to more efficient and secure business outcomes.

AWS Icon  New - Multi-account search in AWS Resource Explorer
Starting today, you can also search across accounts within your organization.

GCP Icon  Protecting your remote workforce with context-aware data loss rules and URL filtering
New Data Loss Prevention (DLP) rules with Context-Aware conditions can provide the ability to control sensitive information transfers based on user and device attributes.

GCP Icon  Tips on building a network security policy in Google Cloud
Implementing a secure network in Google Cloud means designing it to use tools like IAM, VPC, and a variety network security services.

Azure Icon  Public Preview: Azure Monitor Agent JSON log collection
Azure Monitoring Agent now supports collection of JSON for ingestion into Log Analytics.

Azure Icon  Public Preview: Azure Monitor Alerts integration with Event Grid for Azure Key Vault system events
Azure Monitor alerts as a destination in Event Grid event subscriptions allow you to receive notification of critical events via action groups as Short Message Service (SMS), email, push notification, and more.

Azure Icon  Public preview: Confidential containers on Azure Kubernetes Service (AKS)
AKS now lets you run individual pods in their own trusted execution environment (TEE).

Azure Icon  Public preview: Confidential temp disk encryption for confidential VMs
Confidential temp disk encryption is now available for all confidential VMs.

Business News

  • SentinelOne Launches PinnacleOne Strategic Advisory Group (source)
  • Cyber risk management leader Vulcan Cyber raises $55m in latest investment (source)
  • Wiz adds AI security to its cloud protection line (source)
  • Cloud Security Alliance launches industry-first 'Certificate of Competence in Zero Trust (source)
  • Zip Security clinches $7.7m for enhanced cyber defense for firms (source)

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! πŸ‘Œ

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at!

Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
Β© 2019-present, CloudSecList by Marco Lancini.