Release Date: 28/04/2024 | Issue: 235
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Get more out of your email security budget
You (hopefully) get funds for anti-phishing tools. But the threat landscape extends beyond the inbox. With more sophisticated attack flavors at higher volumes than ever, email security must also encompass insider risk scenarios, account takeover protection, and data loss prevention.

See why Material Security is the preferred choice for organizations looking to protect more areas of their Microsoft 365 or Google Workspace footprint under a unified toolkit… and a single line item in the budget.
Meet Material at RSA

This week's articles


Our Journey Migrating to AWS IMDSv2
Slack moved their entire fleet and tools to IMDSv2. In this article, they discuss the pitfalls of using IMDSv1 and their journey towards fully migrating to IMDSv2.   #aws   #explain   #iam


Fun with Kubernetes Authorization Auditing - multiple authz plugins
How do you audit permissions in Kubernetes clusters with multiple authorizers? The only way to do it effectively is to review each authorization system in place in the cluster and look at the permissions granted in each one.   #iam   #kubernetes


AWS Monitoring with EventBridge
When it comes to AWS monitoring, you probably think of Amazon CloudWatch first. That is reasonable, but there is another source of information about the health of your cloud infrastructure: Amazon EventBridge.   #aws   #explain   #monitor


Using an Undocumented Amplify API to Leak AWS Account IDs
Writeup for a technique that allowed leaking an AWS account ID from an Amplify app.   #attack   #aws


Kubernetes security fundamentals: Authentication
A look at how authentication works in Kubernetes.   #explain   #kubernetes


Image signing validation on K8s
How to use the sigstore Policy-controller to validate images in Kubernetes via an admission controller.   #build   #defend   #kubernetes

Sponsor

Studying for an AWS cert? We've got you
Few things are better for your career and your company than achieving more expertise in the cloud. Security goes up, compensation goes up, employee retention goes up.

Panoptica, a cloud native application platform from Cisco, has partnered with AWS to get our hands on some AWS skillsbuilder licenses (a $449/yr value).
The first 50 people to sign up for a free Panoptica account will get an AWS skillsbuilder license to access dozens of AWS' best-in-class materials.

Get your free AWS skillsbuilder license

Tools


contributors
GitHub Action that, given an organization or repository, produces information about the contributors over the specified time period.


openai-security-bots
Slack bots integrated with OpenAI APIs to streamline security team's workflows.


AHHHZURE
AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts to brush up their cloud security skills.


poutine
A security scanner that detects misconfigurations and vulnerabilities in the build pipelines of a repository.


npk
A mostly-serverless distributed hash cracking platform.

From the cloud providers


#AWS   Introducing Amazon Route 53 Profiles
AWS announced Amazon Route 53 Profiles, a new offering that allows you to define a standard DNS configuration, in the form of a Profile, that may include Route 53 private hosted zone (PHZ) associations, Route 53 Resolver forwarding rules, and Route 53 Resolver DNS Firewall rule groups, and apply this configuration to multiple VPCs in the same AWS Region.


#GCP   Direct VPC egress on Cloud Run is now generally available
Direct VPC egress for Cloud Run, now GA, lets Cloud Run resources send traffic directly to a VPC network without proxying it through Serverless VPC Access connectors.


#AZURE   New Microsoft Incident Response guide helps simplify cyberthreat investigations
Microsoft Incident Response experts have created a guide on using Windows Internals for forensic investigations.


#AZURE   General availability: Application Gateway WAF inspection limit & size enforcement
Azure's regional Web Application Firewall (WAF) running on Application Gateway now supports greater control over request body inspection, and maximum size limits for request bodies and file uploads.


#AZURE   General availability: Virtual network flow logs
Gain visibility of IP traffic flowing through your virtual networks.

Business News

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini