Release Date: 05/01/2025 | Issue: 269
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.

This week's articles


The road to zero trust is paved with good intentions
Where is your organization really in its zero trust journey, and how much further do you have to go? Implementing a true zero trust architecture is more aspirational than achievable.   #defend   #process   #strategy


Security at scale: Plaid's journey to creating a key management system
Blog describing Plaid's journey of creating and leveraging a secure Key Management System to protect sensitive data, including design, architecture, usage, and challenges.   #build   #design


Vigilante Justice on GitHub
You can graffiti other people's GitHub activity.   #attack   #ci/cd


From Detection to Enforcement: Migrating from IMDSv1 to IMDSv2
Concrete advice on approaching a migration to IMDSv2.   #aws   #defend   #process


The many ways to obtain credentials in AWS
Post exploring how AWS services provide IAM credentials, and teaching key risks and detection strategies to secure your cloud environment against credential misuse.   #aws   #defend   #iam


Escalating privileges to read secrets with Azure Key Vault access policies
Azure Key Vault Contributors are not allowed access to Key Vault keys, certificates, and secrets. But did you know they can still gain access to this sensitive data? This post will cover a privilege escalation vector to access data in key vaults using the access policy permissions model.   #attack   #azure


Threat actor MUT-1244 targets offensive actors, leaking hundreds of thousands of credentials
The attacker leverages several initial access techniques spread across a phishing campaign and dozens of trojanized GitHub repositories to deliver the same second-stage payload.   #attack   #ci/cd


Enhance build security and reach SLSA Level 3 with GitHub Artifact Attestations
This post breaks down the basics of SLSA, explains the importance of artifact attestations, and provides a step-by-step guide to securing a build process.   #build   #ci/cd   #supply-chain


Hat Trick: AWS introduced same RCE vulnerability three times in four years
Amazon has introduced the same dependency confusion issue on at least three separate occasions when adding new packages to the Neuron SDK registry.   #attack   #aws


Announcing OPA 1.0
After nearly 10 years, OPA reached version 1.0. The new version introduces mandatory syntax changes, including the use of if for rule definitions and contains for multi-value rules.   #announcement   #opa


The dark cloud around GCP service accounts
Why does this service account still have access even though I deleted its service account key?   #attack   #defend   #gcp

Tools


ConditionalAccess
A set of Conditional Access (CA) policies and PowerShell management tools for Microsoft Entra ID.


deciduous-vscode
A VSCode Extension that simplifies building decision trees to model adverse scenarios.


ciso-assistant
CISO Assistant is a one-stop shop for GRC, covering Risk, AppSec and Audit Management and supporting 70+ frameworks worldwide with auto-mapping.


annotated-logger
A decorator to aid in annotating logs for easier reading and searching.


vpcshark
An open source Wireshark extcap to make ad hoc mirroring of AWS EC2 traffic easier.

From the cloud providers


#AWS   Enforce resource configuration to control access to new features with AWS
Post demonstrating an approach to giving users controlled flexibility within safe boundaries by allowing resource provisioning that uses only approved configurations.


#AWS   Introducing the AWS Network Firewall CloudWatch Dashboard
An overview of the dashboard and a step-by-step guide to deploy it in your environment.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini