Release Date: 07/07/2024 | Issue: 245
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Does your email security solution fit your alert budget?
Relying on built-in controls or traditional blockers will inevitably lead to more noise than your incident response team can handle.
Material Security takes a pragmatic approach to email security – stopping new flavors of phishing and pretexting attacks before they can reach the user’s mailbox, while searching through everyone else’s mailbox for similar messages in a campaign. What gets surfaced to your team are the highest-value cases to investigate, with all the context and reach consolidated into a single view.
Learn more about Material

This week's articles


Catching Compromised Cookies
How Slack automatically detects stolen session cookies.   #defend   #saas


Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery
This research introduces the basics of Client-Side Path Traversal, presenting sources and sinks for Cross-Site Request Forgery.   #attack


regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH's server (sshd) on glibc-based Linux systems. The CVE assigned to this vulnerability is CVE-2024-6387.   #attack


Who polices your policies? Azure policy abuse for privileges escalation and persistence
Azure Policy is a popular service to ensure compliance. But did you know attackers can also leverage it to backdoor cloud resources?   #attack   #azure


Grafana security update: Grafana Loki and unintended data write attempts to Amazon S3 buckets
The Grafana Loki Helm chart had a default configuration that could potentially lead to unintended requests to third-party S3 buckets under specific circumstances.   #attack   #saas


Review: Amazon GuardDuty Malware Protection for S3
A deep dive into Amazon GuardDuty Malware Protection for S3, covering: scan modes, mitigations, reporting, devex, and pricing.   #aws   #defend   #explain


History of Amazon Web Services
A page collecting the history of AWS service announcements and releases.   #aws


How I Built a Cybersecurity Digital Forensics and Incident Response Lab in AWS
A walkthrough of the implementation process of a DFIR lab in AWS.   #build   #monitor

📙 The CloudSec Engineer is out now!

The CloudSec Engineer is a practical guide on how to enter, establish yourself, and thrive in the Cloud Security industry as an individual contributor.

You can head over to engineer.cloudsecbooks.com to find more information about the book, its contents, and where to buy it.

Tools


image-automation-controller
GitOps Toolkit controller that patches container image tags in Git.


aws-whoami-golang
A tool to show what AWS account and identity you're using.


dotenvx
A better dotenv, from the creator of dotenv.


azure-activity-log-axe
A tool that simplifies the transactional log format provided by Microsoft.


bullfrog
GitHub Action for securing your GitHub workflows using egress policies.

From the cloud providers


#AWS   Implement an early feedback loop with AWS developer tools to shift security left
How to use AWS CodeCommit to securely host Git repositories, AWS CodePipeline to automate continuous delivery pipelines, AWS CodeBuild to build and test code, and Amazon CodeGuru Reviewer to detect potential code defects.


#AWS   AWS CloudShell now supports VPCs
This allows you to create CloudShell environments in a VPC, which enables you to use CloudShell securely within the same subnet as other resources in your VPC without the need for additional network configuration.


#AWS   Access AWS services programmatically using trusted identity propagation
With the introduction of trusted identity propagation, applications can now propagate a user's workforce identity from their identity provider (IdP) to applications running in AWS and to storage services backing those applications, such as S3 or Glue.


#AWS   Announcing initial services available in the AWS European Sovereign Cloud
AWS revealed an initial roadmap of services that will be available in the AWS European Sovereign Cloud.


#GCP   Announcing expanded Sensitive Data Protection for Cloud Storage
GCP's Sensitive Data Protection (SDP) discovery service now supports Cloud Storage, joining BigQuery, BigLake, and Cloud SQL.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini