Release Date: 12/01/2025 | Issue: 270
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Is your cloud data secure?
A simple phishing attack can put everything at risk and prevention alone isn’t enough to protect against attacks. Cyberattacks are guaranteed. Is your recovery?
With Rubrik, you can gain complete data visibility, reducing data exfiltration risk and allowing you to confidently recover from cyber incidents and operational disruptions quickly.
Master Cyber Resilience in the Cloud with Rubrik

This week's articles


Avoiding mistakes with AWS OIDC integration conditions
Post exploring common missteps in the conditions that scope an AWS OIDC integration, such as the claim-matching conditions in a role's trust policy.   #aws   #build   #ci/cd   #iam
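As an added illustration (not code from the linked post or from AWS), the block below is a minimal evaluator for the Condition block of an IAM role trust policy. It pits a loosely scoped policy (a StringLike wildcard on the subject and no audience check) against a tightly scoped one over the same set of constructed tokens, to show which callers the loose version lets through. The provider, repository names, account ID and claim formats are assumptions: the tokens mimic GitHub Actions, whose sub claims look like repo:ORG/REPO:ref:refs/heads/BRANCH and whose aud claim is chosen by the caller.

```python
"""Added example: evaluate IAM trust-policy conditions against OIDC token claims.

This is not the linked post's code and not AWS's evaluation engine; it implements
only StringEquals and StringLike, which is enough to show the misstep. All sample
policies and tokens below are constructed for the example.
"""
import fnmatch

ISSUER = "token.actions.githubusercontent.com"           # assumed OIDC provider
PROVIDER_ARN = f"arn:aws:iam::123456789012:oidc-provider/{ISSUER}"  # placeholder account

def _match(operator, expected, actual):
    """Evaluate one IAM string condition operator for a single claim value."""
    values = expected if isinstance(expected, list) else [expected]
    if operator == "StringEquals":
        return actual in values
    if operator == "StringLike":
        # IAM StringLike uses * and ? wildcards; fnmatchcase is the closest stdlib fit.
        return any(fnmatch.fnmatchcase(actual, v) for v in values)
    raise ValueError(f"unsupported operator: {operator}")

def trust_policy_allows(policy, claims):
    """True if any Allow statement's Condition is fully satisfied by the claims.

    A condition key whose claim is absent from the token is never satisfied,
    while a policy that omits a key (for example aud) simply never checks it.
    """
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        satisfied = True
        for operator, keys in stmt.get("Condition", {}).items():
            for key, expected in keys.items():
                claim = key.split(":", 1)[1]          # "<issuer>:sub" -> "sub"
                actual = claims.get(claim)
                if actual is None or not _match(operator, expected, actual):
                    satisfied = False
        if satisfied:
            return True
    return False

def _policy(condition):
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": PROVIDER_ARN},
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": condition,
        }],
    }

# Misstep: wildcard subject with no trailing ":" boundary, and no audience check.
WEAK_POLICY = _policy({"StringLike": {f"{ISSUER}:sub": "repo:acme/app*"}})

# Corrected: exact audience and exact subject (one repo, one branch).
STRICT_POLICY = _policy({"StringEquals": {
    f"{ISSUER}:aud": "sts.amazonaws.com",
    f"{ISSUER}:sub": "repo:acme/app:ref:refs/heads/main",
}})

# Constructed tokens: only the first one should be trusted.
SAMPLE_TOKENS = {
    "main_branch":    {"sub": "repo:acme/app:ref:refs/heads/main", "aud": "sts.amazonaws.com"},
    "sibling_repo":   {"sub": "repo:acme/application:ref:refs/heads/main", "aud": "sts.amazonaws.com"},
    "pull_request":   {"sub": "repo:acme/app:pull_request", "aud": "sts.amazonaws.com"},
    "wrong_audience": {"sub": "repo:acme/app:ref:refs/heads/main", "aud": "https://github.com/acme"},
}

def evaluate_all():
    """Map each sample token to (allowed by weak policy, allowed by strict policy)."""
    return {
        name: (trust_policy_allows(WEAK_POLICY, claims),
               trust_policy_allows(STRICT_POLICY, claims))
        for name, claims in SAMPLE_TOKENS.items()
    }

if __name__ == "__main__":
    for name, (weak, strict) in evaluate_all().items():
        print(f"{name:15} weak={weak!s:5} strict={strict!s:5}")
```

The weak policy accepts all four tokens: a sibling repository whose name merely starts with "app", a pull_request run of the right repository, and a token minted for a different audience. The strict policy accepts only the main-branch token.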


Implementing Security Invariants in an AWS Management Account
Chris Farris discusses implementing security invariants in an AWS management account, specifically the payer account, to which service control policies (SCPs) do not apply.   #aws   #defend   #iam


Container capabilities: a short tour
Post running through the permutations of running a container as root or as a non-root user, with and without the --privileged flag, and the capabilities each combination ends up with.   #containers   #explain
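As an added example (not the linked post's code), the block below decodes the Cap* masks a process sees in /proc/self/status, which is the quickest way to check what a container actually holds under each of those permutations. The capability numbering is the kernel's (linux/capability.h). The sample masks and the /proc/self/status snippet are constructed: DOCKER_DEFAULT is the mask of the 14 capabilities Docker grants a root container by default, PRIVILEGED is the full 41-capability mask of a recent kernel, and the non-root snippet reflects that a non-root UID gets an empty effective set even though the bounding set is unchanged.

```python
"""Added example: decode capability masks from /proc/<pid>/status.

Not the linked post's code. Capability numbers follow linux/capability.h;
the sample masks and status text below are constructed for the example.
"""

# index == capability number as used in the kernel bitmask
CAP_NAMES = [
    "chown", "dac_override", "dac_read_search", "fowner", "fsetid", "kill",
    "setgid", "setuid", "setpcap", "linux_immutable", "net_bind_service",
    "net_broadcast", "net_admin", "net_raw", "ipc_lock", "ipc_owner",
    "sys_module", "sys_rawio", "sys_chroot", "sys_ptrace", "sys_pacct",
    "sys_admin", "sys_boot", "sys_nice", "sys_resource", "sys_time",
    "sys_tty_config", "mknod", "lease", "audit_write", "audit_control",
    "setfcap", "mac_override", "mac_admin", "syslog", "wake_alarm",
    "block_suspend", "audit_read", "perfmon", "bpf", "checkpoint_restore",
]

# Capabilities that commonly turn a container into a host compromise.
HIGH_RISK = {"sys_admin", "sys_module", "sys_ptrace", "sys_rawio",
             "net_admin", "dac_read_search", "bpf"}

DOCKER_DEFAULT = "00000000a80425fb"   # Docker's 14 default caps for root
PRIVILEGED = "000001ffffffffff"       # every capability on a 41-cap kernel
NO_CAPS = "0000000000000000"

def decode_caps(mask_hex):
    """Return the capability names set in a hex mask, lowest bit first."""
    mask = int(mask_hex, 16)
    return [name for i, name in enumerate(CAP_NAMES) if (mask >> i) & 1]

def high_risk_caps(mask_hex):
    """Sorted subset of decode_caps() that is in HIGH_RISK."""
    return sorted(HIGH_RISK & set(decode_caps(mask_hex)))

def parse_proc_status(text):
    """Extract the Cap* fields (CapInh, CapPrm, CapEff, CapBnd, CapAmb) from a status file."""
    caps = {}
    for line in text.splitlines():
        if line.startswith("Cap"):
            key, value = line.split(":", 1)
            caps[key.strip()] = value.strip()
    return caps

def effective_vs_bounding(status_text):
    """Return (effective caps, bounding caps) for a parsed status file.

    A large bounding set with an empty effective set is the signature of a
    non-root user in an otherwise default container: nothing is usable now,
    but a setuid binary or file capabilities inside the image could regain it.
    """
    caps = parse_proc_status(status_text)
    return decode_caps(caps["CapEff"]), decode_caps(caps["CapBnd"])

# Constructed: what a non-root process in a default Docker container reports.
NONROOT_STATUS = """\
Name:\tsh
Uid:\t1000\t1000\t1000\t1000
CapInh:\t0000000000000000
CapPrm:\t0000000000000000
CapEff:\t0000000000000000
CapBnd:\t00000000a80425fb
CapAmb:\t0000000000000000
"""

if __name__ == "__main__":
    for label, mask in (("root, default", DOCKER_DEFAULT),
                        ("root, --privileged", PRIVILEGED),
                        ("non-root, default", NO_CAPS)):
        print(f"{label:20} {len(decode_caps(mask)):2} caps, high-risk: {high_risk_caps(mask)}")
    eff, bnd = effective_vs_bounding(NONROOT_STATUS)
    print(f"non-root effective={len(eff)} bounding={len(bnd)}")
```

On a live system, replace NONROOT_STATUS with the contents of /proc/self/status from inside the container; the same decoder applies to CapBnd, which is what --cap-drop actually shrinks.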


Navigating PCI DSS 4.0: The Challenge of Non-Human Identities
A post that looks into the specific challenges companies face regarding non-human identities in PCI DSS v4.0, and explores strategies to overcome them.   #defend


AWS CodeBuild: Self-Hosted GitHub Action Runners
How to set up AWS CodeBuild for GitHub Action Runners, including configuration steps and integration advantages.   #aws   #build   #ci/cd


Hijacking Azure Machine Learning Notebooks (via Storage Accounts)
A (now remediated) vulnerability allowed a principal holding only the Reader role on the Azure Machine Learning service to gain write access to the Storage Accounts backing AML workspaces, and from there to get code execution through Jupyter notebooks.   #attack   #azure


Using rekor-monitor to Scan Your Transparency Logs
Using a reusable monitoring workflow, rekor-monitor can periodically and automatically verify the consistency of a transparency log and search it for entries matching identities you specify.   #ci/cd   #defend   #supply-chain

Tools


Chatbot-to-help-security-teams-perform-vulnerability-assessments
This chatbot functions as an illustration of the capabilities of Amazon Bedrock to convert natural language into Amazon Athena queries and to process and utilize complex data sets.


iam-simulate
An IAM simulator that outputs a detailed explanation of how a request was evaluated.


etcd-k8s-extract
etcd-k8s-extract takes an etcd data directory or db file used by Kubernetes, extracts the Kubernetes resources stored in it, and writes them to disk in YAML format.


ghostty
A fast, feature-rich, and cross-platform terminal emulator that uses platform-native UI and GPU acceleration.

From the cloud providers


#AWS   New AWS Skill Builder course available: Securing Generative AI on AWS
This new course is designed to help security professionals, architects, and artificial intelligence and machine learning (AI/ML) engineers understand and implement security best practices for generative AI applications and models in the AWS Cloud.


#AWS   Customize the scope of IAM Access Analyzer unused access analysis
How to tailor your unused access analyzer to your needs by excluding specific accounts and IAM roles.


#AWS   Get to know Amazon GuardDuty Runtime Monitoring for Amazon EC2
A deep dive into Amazon GuardDuty Runtime Monitoring for EC2 instances and key capabilities that are part of the feature.


#AWS   How to share security telemetry per OU using Amazon Security Lake and AWS Lake Formation
How to extract OU structure and account metadata from your organization and use it to securely share Security Lake data on a per-OU basis across your organization.


#GCP   How Google Does It: Modernizing threat detection
Get an inside look at Google's approach to modern threat detection and response, part of their new "How Google Does It" series.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini