Release Date: 11/08/2024 | Issue: 250
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

The 2024 Gartner® Market Guide for Cloud Native Application Protection Platforms (CNAPP) is out! Organizations are shifting towards consolidated security platforms as traditional tools focusing on static risks are inadequate for today's dynamic cloud threats.
→ Download the guide here to read why a CNAPP is essential for consolidating security tools, reducing complexity, cutting costs, and enhancing agility.

This week's articles


SSRF: A complete guide to exploiting advanced SSRF vulnerabilities
This article provides a comprehensive guide on Server-Side Request Forgery (SSRF) vulnerabilities, covering detection, exploitation techniques, and mitigation strategies. It explores advanced SSRF scenarios and offers practical examples for security professionals and developers.   #attack   #defend


Reusable workflow is good... Until you realize your identity is also reusable by anyone
This article warns about security risks in GitHub Actions reusable workflows. It demonstrates how attackers can exploit OIDC to access sensitive repository data, emphasizing the need for careful configuration and access control.   #attack   #ci/cd   #defend


Splitting the email atom: exploiting parsers to bypass access controls
How to turn email parsing discrepancies into access control bypasses and even RCE.   #attack


Detection as Code: A Maturity Framework
Post explaining how breaking Detection as Code down into functional areas (programming language, testing, integration & automation, and monitoring) can help you assess your current maturity and pinpoint areas for improvement.   #microsoft   #strategy


Creating Cost-Effective, Scalable Detections
Streamlining the alert and detection flow of a Security Information and Event Management (SIEM) system.   #monitor   #strategy


Identify and prevent abuse of Managed Identities with Federated Credentials from unauthorized entities
Options to identify, monitor, and prevent persistent access to Managed Identity privileges obtained by adding federated credentials to User-Assigned Managed Identities (UAMI) from malicious or unauthorized entities.   #azure   #defend


Why You Should Disable Your Unauthenticated GKE Read-only Ports
Google recommends organizations proactively disable their unauthenticated GKE read-only port 10255. Read more about why this is important and how to ensure all read-only ports are disabled.   #defend   #gcp   #kubernetes

Tools


multiplier
Code auditing productivity multiplier.


Installomator
Installation script to deploy standard software on Macs.


dockerc
Container image to single executable compiler.


aws-mine
AWS honey token manager.


kubectl-cond
Kubectl plugin to print Kubernetes resource conditions.

CloudSecDocs


Setup Google Workspace
Step-by-step instructions (with screenshots) on how to set up Google Workspace for your domains.

From the cloud providers


#AWS   How AWS tracks the cloud's biggest security threats and helps shut them down
This article discusses AWS's approach to tracking and mitigating major cloud security threats.


#AWS   SaaS authentication: Identity management with Amazon Cognito user pools
Various ways Amazon Cognito user pools can enable multi-tenant identity for SaaS solutions.


#AWS   Federated access to Amazon Athena using AWS IAM Identity Center
How to use the Athena JDBC driver to connect to Athena from third-party SQL client tools.


#AWS   Tenant portability: Move tenants across tiers in a SaaS application
Key considerations include maintaining consistent identities, staying compliant, reducing downtime and automating the process.


#GCP   Level up your Kubernetes security with the CIS GKE Benchmarks
To make Kubernetes-driven compliance easier to manage, Google updated the CIS Google Kubernetes Engine benchmarks. Here's what's new.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini