Release Date: 12/05/2024 | Issue: 237
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

[5/22] Join Lacework for a CTF Challenge
You’ll have one hour to complete as many cloud security challenges as possible and the top 3 scorers will win a Valve Steam Deck. Due to popular demand, there is an additional session on May 22. Spots are limited, so register now.
Register now

This week's articles


AWS CloudQuarry: Digging for Secrets in Public AMIs
Money, secrets and mass exploitation: this research unveils a quarry of sensitive data stored in public AMIs. Digging through each AMI, the researchers managed to collect 500 GB of credentials, private repositories, access keys and more.   #attack   #aws


Unmasking Adversary Cloud Defense Evasion Strategies: Modify Cloud Compute Infrastructure
A post covering defense evasion strategies from MITRE's ATT&CK Matrix.   #defend   #monitor


Deja Vu or New View: Latest Okta Credential Stuffing Campaign
On April 26, 2024, Okta reported observing a large-scale credential stuffing attack that shares infrastructure with a campaign previously reported by Cisco Talos.   #attack   #saas


Detecting Manual Actions in EKS Clusters with Terraform and SNS
How to set up audit alerts and monitoring for manual actions in EKS resources, such as ClusterRoleBinding or Secret creation or deletion.   #aws   #build   #kubernetes   #monitor


AWS Application Load Balancer mTLS with open-source cloud CA
A step-by-step guide on implementing mTLS for AWS Application Load Balancer using an open-source cloud CA.   #aws   #build

Tools


teisteanas
A small program that can be used to create and approve a Certificate Signing Request in a Kubernetes cluster and then create a new kubeconfig based on that approved certificate.


okta-terrify
Okta Verify and Okta FastPass Abuse Tool.


nxs-universal-chart
The Helm chart you can use to install any of your applications into Kubernetes/OpenShift.


cdncheck
A utility to detect various technologies for a given IP address.


aws-amicleaner
A small utility that cleans up your AWS AMIs.

From the cloud providers


#AWS   AWS announces a new Amazon EC2 API to retrieve the public endorsement key from NitroTPM
AWS introduced a new EC2 API to retrieve the public endorsement key (EkPub) for the Nitro Trusted Platform Module (NitroTPM) of an Amazon EC2 instance.


#AWS   Creating an organizational multi-Region failover strategy
Four different high-level approaches for creating an organizational multi-Region failover strategy.


#GCP   Securing the AI Software Supply Chain
This paper explains Google's approach to securing their AI supply chain using provenance information and provides guidance for other organizations.


#GCP   Introducing Google Security Operations: Intel-driven, AI-powered SecOps
At RSA, Google announced AI innovations across the Google Cloud Security portfolio, including Google Threat Intelligence, and the latest release of Google Security Operations.


#GCP   Introducing Google Threat Intelligence: Actionable threat intelligence at Google scale
Google Threat Intelligence includes Gemini in Threat Intelligence, their AI-powered agent that provides conversational search across their vast repository of threat intelligence, enabling customers to gain insights and protect themselves from threats faster than ever before.


#AZURE   Hunting in Azure subscriptions
This blog post covers various strategies and methodologies to help understand the scope and complexity of how threat actors manoeuvre within Azure subscriptions.


#AZURE   General availability: Customer-managed keys on existing accounts
You can now enable Customer Managed Keys (CMK) on existing Azure Cosmos DB accounts.

Sponsor CloudSecList in 2024

If you want to get your product in front of thousands of security professionals, ranging from engineers to CISOs and VCs, at companies ranging from small start-ups to Fortune 500 and FAANG, take a look at:
🔗 cloudseclist.com/sponsor

Business News

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini