Release Date: 20/04/2025 | Issue: 284
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Secure your cloud workspace before, during and after a breach
Your Google Workspace or Microsoft 365 platform is where your company works, communicates, and collaborates. Protecting it with a patchwork of native security and point solutions leaves gaps with the biggest being visibility after an attacker has made it inside your cloud workspace.
Material detects and stops more threats, responds faster to attacks, and protects data even after a breach, all without disrupting workflows or slowing your employees down.
See the Material Difference

This week's articles


Kube-Policies: Guardrails for Apps Running in Kubernetes
How the Square Security team built Kubernetes security guardrails using OPA, ensuring innovation stays fast, flexible, and secure at scale.   #defend   #kubernetes   #opa


How to use the new CloudTrail network activity events for AWS VPC Endpoints
How AWS VPC Endpoint CloudTrail logs can help you troubleshoot endpoint policies and strengthen your network's security against data exfiltration.   #aws   #defend   #monitor


IAM Role Trust Policies: Misconfigurations Hiding in Plain Sight
Even small misconfigurations in role trust policies can unintentionally create critical privilege escalation risks in AWS, such as allowing low-privileged users to assume admin roles.   #aws   #defend   #iam


AWS SNS Abuse: Data Exfiltration and Phishing
Post diving into publicly known SNS abuse attempts and Elastic's knowledge of the data source to develop detection capabilities.   #aws   #monitor


Path Traversal Vulnerability in AWS SSM Agent's Plugin ID Validation
A Path Traversal vulnerability found in the AWS Systems Manager (SSM) Agent, specifically within the ValidatePluginId function of the pluginutil.go file.   #attack   #aws


Living-off-the-land Dynamic DNS for Route 53
Making a dynamic DNS client with aws and jq CLI, with a least-privilege IAM role and a SystemD service.   #aws   #iam


Gaining Long-Term AWS Access with CodeBuild and GitHub
Another example of how attackers can abuse legitimate AWS services for persistence.   #attack   #aws   #ci/cd

Sponsor

Your CSPM isn’t built to fix cloud problems
Improving cloud posture is full of manual work: from coordinating with developers to rolling out fixes safely. As a result, companies are constantly out of compliance and dealing with excess risk. Fix by Resourcely is the only purpose-built tool for improving cloud security posture quickly. It takes the heavy lifting out of manual work that causes security engineers’ toil. With it, security teams improve their cloud posture in fractions of the time, and security leaders get visibility into compliance and risk progress.
Tell us what you think

Tools


chartdb
Database diagrams editor that allows you to visualize and design your DB with a single query.


gmailctl
Declarative configuration for Gmail filters.


gitdiagram
Free, simple, fast interactive diagrams for any GitHub repository.


dAWShund
A suite of tools to enumerate, evaluate and visualise the access conditions between different resources.


mcp-scan
A security scanning tool for MCP servers.

From the cloud providers


#AWS   Automate security compliance and remediation across organizations
Post covering topics such as centralized security tooling, automated AWS Config rule deployment, custom remediation using Lambda and AWS Systems Manager, tagging-based exception handling, and comprehensive compliance reporting and visibility.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
© 2019-present CloudSecList · Marco Lancini