Release Date: 01/12/2024 | Issue: 266
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Permiso Security's CISO Guide to Detecting and Preventing Identity Attacks
This CISO guide addresses the key questions:
  • How much visibility does the security team have into human and non-human identity-related activities and potential threats within your organization?
  • What do cloud identity attacks look like across different cloud environments, and how do they differ from traditional on-premise identity attacks?
  • What best practice strategies are available for detecting, preventing, and remediating identity-based attacks?
  • Plus many more
Download the eBook

This week's articles


A Security Threat Model for eBPF
This document was commissioned by the eBPF Foundation to provide security information and guidance to large enterprises using or looking to adopt eBPF-based tools.   #defend   #explain   #monitor


How Tailscale's infra team stays small
How Tailscale's infra team of just three engineers uses Tailscale to handle networking, secrets, and security.   #strategy


Stop Using Predictable Bucket Names: A Failed Attempt at Hacking Satellites
This blog discusses the security risks of S3 bucket namesquatting in AWS, where attackers could potentially exploit predictable bucket naming patterns.   #attack   #aws


Ephemeral resources in Terraform
Terraform (v1.10.0) introduced Ephemeral Resources, which are read anew during each phase of Terraform evaluation, and cannot be persisted to state storage.   #announcement   #terraform


Creating a Data Perimeter with Resource Control Policies (RCPs) and AWS KMS
A post that analyses Resource Control Policies, explains the benefits of RCPs vs SCPs, and gives 5 examples of how to use RCPs to build a multi-layered data perimeter to protect data.   #aws   #explain   #iam


How to use AWS Resource Control Policies
Another article, this time from Wiz, looking at the newly introduced RCPs.   #aws   #explain   #iam


Hands-On Security Tips For Centralize Root Access In AWS
AWS has recently introduced a centralized root access management feature for AWS Organizations. This blog covers why this is important, how it changes root access management, and tips for how to handle this new feature.   #aws   #explain   #iam

Tools


hidden-services-revealer
A tool to map hidden services in AWS. It does this by following the triggered events of a user's actions.


jwt-cli
A super fast CLI tool to decode and encode JWTs.


zizmor
A static analysis tool for GitHub Actions.


AWS Region Comparison Tool
This tool fetches the CloudFormation resource spec from each Region and compares them, allowing you to see differences in service parity.

From the cloud providers


#AWS   AWS Application Load Balancer introduces header modification for enhanced traffic control and security
This feature introduces three key capabilities: renaming specific load balancer-generated headers, inserting specific response headers, and disabling the server response header.


#AWS   Amazon EC2 now provides lineage information for your AMIs
Amazon EC2 now provides source details for your Amazon Machine Images (AMIs). With this lineage information, you can easily trace any copied or derived AMI back to its original AMI source.


#AWS   Amazon Cognito now supports passwordless authentication for low-friction and secure logins
Amazon Cognito now allows you to secure user access to your applications with passwordless authentication, including sign-in with passkeys, email, and text message.


#AWS   Amazon CloudWatch Logs announces field indexes and enhanced log group selection in Logs Insights
Now, you can index critical log attributes like requestId and transactionId to accelerate query performance and scan relevant indexed data.


#AWS   Improve your app authentication workflow with new Amazon Cognito features
A new developer-focused console experience, managed login, passwordless login support, and more options on pricing tiers.


#AWS   Amazon S3 adds new functionality for conditional writes
Amazon S3 can now perform conditional writes that evaluate if an object is unmodified before updating it.


#AWS   Time-based snapshot copy for Amazon EBS
You can now specify a desired completion duration (15 minutes to 48 hours) when you copy an Amazon Elastic Block Store (Amazon EBS) snapshot within or between AWS Regions and/or accounts.


#AWS   Introducing new capabilities to AWS CloudTrail Lake to enhance your cloud visibility and investigations
Enhanced filtering options for CloudTrail events, cross-account sharing of event data stores, plus AI support.


#AWS   Introducing a new experience for AWS Systems Manager
The new Systems Manager experience provides centralized visibility of all your managed nodes, which include various infrastructure types.


#AWS   Secure root user access for member accounts in AWS Organizations
How you can centrally manage root credentials and perform tasks that previously required root credentials across member accounts in your organization.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini