Release Date: 25/05/2025 | Issue: 289
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

The Rise of Non-Human Identities: What Security Teams Can’t Afford to Miss
API keys, tokens, secrets, and service accounts run your apps, connect your services, and access your most sensitive data - but who’s watching them? The new NHI Masterclass by Clutch Security is a sharp, no-fluff video series that breaks down everything you need to know about Non-Human Identities:
  • What Non-Human Identities are
  • How they’re abused, and how to secure them
  • Why secret rotation isn’t enough
  • Why you need to embrace an “Assume Leak” mindset
  • How to apply Zero Trust principles to NHIs

This week's articles


Building Uber's Multi-Cloud Secrets Management Platform
How Uber built their own Secret Management Platform, solving key challenges and setting a new standard for secrets management.   #build   #strategy


Root in prod: The most important security analysis you will never do on your AWS accounts
This article outlines steps for identifying AWS accounts, determining which ones are truly production, and analyzing access levels, including finding users and roles with AdministratorAccess.   #aws   #explain   #iam


The obfuscation game: MUT-9332 targets Solidity developers via malicious VS Code extensions
Analysis of a threat actor campaign targeting Solidity developers via three malicious VS Code extensions.   #attack   #supply-chain


PowerUserAccess vs. AdministratorAccess from an attacker's perspective
The article highlights the dangers of using the AWS managed policy PowerUserAccess in complex environments by sharing an attacker's perspective on the matter.   #attack   #aws


Hunting for Bucket Traversals in Google's Client Libraries
A bucket traversal vulnerability arises when an application mishandles user input while interacting with cloud storage, allowing unauthorized access to storage objects.   #attack   #gcp


Disaster recovery strategies with Terraform
Post demonstrating how Terraform can be leveraged to automate, simplify, and reduce costs related to provisioning and managing infrastructure within your disaster recovery strategy.   #build   #terraform


Understanding Kubernetes Gateway API
The Kubernetes Gateway API introduces a standardized, Kubernetes-native framework for managing traffic.   #explain   #kubernetes

Sponsor

Datadog State of DevSecOps 2025
Read the State of DevSecOps report for data-driven insights on modern DevSecOps practices and application security risks and vulnerabilities, including:
  • The impact of container image sizing on severe vulnerabilities
  • Critical vulnerabilities to prioritize based on runtime context
  • How deployment frequency impacts out-of-date dependencies

Tools


proxyblob
SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.


CloudPEASS
Cloud Privilege Escalation Awesome Script Suite.


arsenal
Arsenal is just a quick inventory and launcher for hacking programs.


Gato-X
A static analysis and exploit toolkit for GitHub Actions.


mcp-guardian
Manage / Proxy / Secure your MCP Servers.

From the cloud providers


#AWS   Centralize visibility of Kubernetes clusters across AWS Regions and accounts with EKS Dashboard
EKS Dashboard provides cloud architects and cluster administrators with a centralized view to monitor and govern Kubernetes clusters across multiple AWS Regions and accounts, offering insights into clusters, managed node groups, and EKS add-ons through a unified interface in the AWS Console.


#AWS   Amazon Inspector enhances container security by mapping Amazon ECR images to running containers
Amazon Inspector now provides Amazon ECR image-to-container mapping, which shows which images are actively running in containers and how widely they're deployed, along with extended vulnerability scanning support for minimal base images, including scratch, distroless, and Chainguard containers.


#AWS   How to automate incident response for Amazon EKS on Amazon EC2
Post showing the differences between Amazon EKS and Amazon EC2 resources, and how to handle EKS automation for incident response.


#AZURE   Microsoft extends Zero Trust to secure the agentic workforce
Microsoft introduced Microsoft Entra Agent ID, which extends identity management and access capabilities to AI agents.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini