Release Date: 11/02/2024 | Issue: 224
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Join our upcoming CNAPP CTF bootcamp to master the art of integrating security into your development lifecycle. Get the latest in cloud security through our exclusive short virtual workshops designed to deepen your understanding with hands-on experience. Learn why organizations are shifting from DevOps to DevSecOps.

This week's articles


CIEM Part 3: Mastering privilege management for developers
How to determine the right point in time to harden a role, with guidance on where to invest your time.   #aws   #iam


Conditional Love for AWS Metadata Enumeration
How would you feel if an attacker could read your AWS resource tags? Turns out they can!   #attack   #aws


The Crow Flies at Midnight - Exploring Red Team Persistence via AWS Lex Chatbots
A post looking at using an AWS Lex Service chatbot as a persistence method for a red teamer.   #attack   #aws


New EKS Access Management and Pod Identity features: a security analysis
The Wiz research team unpacks the security implications of the new EKS access and identity management features and recommends best practices when using them.   #aws   #iam   #kubernetes


Security Analytics with Wiz and Snowflake
If you're looking for a high value, low effort way to boost your security program, analytics on cloud risk data is a fantastic contender. If you have Snowflake and you use Wiz then look no further.   #strategy


The Nine Lives of Commando Cat: Analysing a Novel Malware Campaign Targeting Docker
Commando Cat is a novel cryptojacking campaign exploiting Docker for Initial Access. The campaign deploys a credential stealer payload, targeting Cloud Service Provider credentials (AWS, GCP, Azure).   #attack   #aws   #azure   #gcp


Azure HDInsight Privilege Escalation and Denial of Service Vulnerabilities
The Orca Security Research Pod discovered three vulnerabilities in Azure HDInsight that could lead to privilege escalation and denial of service.   #attack   #azure


The separation of work and play
Mixing work and personal contexts can provide a better employee experience and increased security risk. Here we look at specific scenarios, risks, and available controls to help startups find balance.   #saas   #strategy

Sponsor

Tired of Auth0 price hikes and outdated architecture?
SlashID Access is the leading user onboarding and access management platform. We help customers increase their conversion rate and reduce support tickets while staying compliant with data protection and residency laws around the world. Our native serverless and multi-region architecture allows you to serve multiple regions out of the box without any scalability concerns.

Tools


octoherd
Octoherd allows you to run a script against multiple repositories in parallel.


kubeconform
A Kubernetes manifests validator, with support for Custom Resources.


terraform-aws-atlantis
Terraform module to deploy Atlantis on AWS Fargate.


simulator
Kubernetes Security Training Platform - focusing on security mitigation.


smimesign
An S/MIME signing utility for use with Git.

From the cloud providers


#AWS   AWS Free Tier now includes 750 hours of free Public IPv4 addresses, as charges for Public IPv4 begin
Amazon updated the 12-month AWS Free Tier for Amazon Elastic Compute Cloud to include 750 hours of public IPv4 address usage per month.


#AWS   Generative AI Meets AWS Security
A Case Study Presented by CodeWhisperer Customizations.


#AWS   How to migrate asymmetric keys from CloudHSM to AWS KMS
How to import an asymmetric key into AWS KMS from CloudHSM by using the CloudHSM CLI.


#GCP   H1 2024 Threat Horizons Report
This iteration of the Google Cloud Threat Horizons Report explores top cloud threats and security concerns for 2024, including credential abuse, cryptomining, ransomware, and data theft.


#GCP   Setting up a FedRAMP Aligned Three-Tier Workload on Google Cloud
This solution guide covers the process and the guidelines to deploy a FedRAMP-aligned three-tier workload on Google Cloud using Assured Workloads.


#AZURE   Azure WAF guided investigation Notebook using Microsoft Sentinel for automated false positive tuning
A notebook that guides you through an investigation experience to understand the Azure WAF incidents in Microsoft Sentinel, identify false positives, and automatically apply exclusions to WAF rules to address the false positives.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini