CloudSec Wine

🔶 Set IMDSv2 as default for all new instance launches in your account You can now set all new Amazon EC2 instance launches in your account to use Instance Metadata Service Version 2 (IMDSv2) by default. https://aws.amazon.com/ru/about-aws/whats-new/2024/03/set-imdsv2-default-new-instance-launches/ #aws

🔶 Use Amazon Verified Permissions for fine-grained authorization at scale How you can apply 2 techniques (bulk authorization and response caching) when listing authorized resources and actions and loading multiple components on webpages. https://aws.amazon.com/ru/blogs/security/use-amazon-verified-permissions-for-fine-grained-authorization-at-scale/ #aws

🔶 Ultimate guide to secrets in Lambda This post compares Systems Manager, Secrets Manager, Key Management Service, and environment variables for handling your secrets in Lambda. https://aaronstuyvenberg.com/posts/ultimate-lambda-secrets-guide #aws

🔶 DynamoDB now supports resource-based policies. But is that a good idea? While it simplifies cross-account access to DynamoDB tables, eliminating the need to assume IAM roles. It still begs the question: Is cross-account data access even a good idea? https://theburningmonk.com/2024/03/dynamodb-now-supports-resource-based-policies-but-is-that-a-good-idea/ #aws

🔴 Introducing stronger default Org Policies for our customers Google Cloud is releasing an updated and stronger set of security defaults that can be implemented with Organizational Policies. https://cloud.google.com/blog/products/identity-security/introducing-stronger-default-org-policies-for-our-customers/ #gcp

👩‍💻 Microsoft Copilot for Security: General Availability details Microsoft announced the general availability of Microsoft Copilot for Security (Copilot) on April 1st. https://techcommunity.microsoft.com/t5/microsoft-security-copilot-blog/microsoft-copilot-for-security-general-availability-details/ba-p/4079970 #azure

🔴 How to set compliance controls for your Google Cloud Organization Assured Workloads can help you ensure comprehensive data protection and regulatory compliance with folders that support your compliance requirements. https://cloud.google.com/blog/products/identity-security/how-to-set-compliance-controls-for-your-google-cloud-organization/ #gcp

👩‍💻 Azure Deployment Scripts: Assuming User-Assigned Managed Identities Attackers may get access to a role that allows assigning a Managed Identity to a resource. Depending on the permissions of the Managed Identity, this can be used for privilege escalation. https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-user-assigned-managed-identities-via-deployment-scripts/ #azure

🔶 Tales from the cloud trenches: Using malicious AWS activity to spot phishing campaign How the tracking of AWS Simple Notification Service (SNS) enumeration activity across multiple customer environments led to the takedown of a phishing site that was impersonating the French government. https://securitylabs.datadoghq.com/articles/tales-from-the-cloud-trenches-aws-activity-to-phishing/ #aws

🔶👩‍💻 CloudGrappler CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure. You can also refer to the companion blog post. https://github.com/Permiso-io-tools/CloudGrappler #aws #azure

🔴 Use customer-managed encryption keys How to use a Cloud Key Management Service (Cloud KMS) encryption key with Dataflow. https://cloud.google.com/dataflow/docs/guides/customer-managed-encryption-keys #gcp

🔶 How we sped up AWS CloudFormation deployments with optimistic stabilization Post discussing the new optimistic stabilization strategy to shorten stack deployment times and improve visibility into resource provisioning. https://aws.amazon.com/ru/blogs/devops/how-we-sped-up-aws-cloudformation-deployments-with-optimistic-stabilization/ #aws

🔴 Introducing Security Command Center Enterprise Security Command Center Enterprise is the first multicloud risk management solution that fuses AI-powered SecOps with cloud security. https://cloud.google.com/blog/products/identity-security/introducing-security-command-center-enterprise #gcp

🔶 The Missing Guide to AWS API Gateway Access Logs Learn the what, why, and how of API Gateway access logs. https://www.alexdebrie.com/posts/api-gateway-access-logs/ #aws

🔶 Introducing the AWS WAF traffic overview dashboard Post introducing the new dashboards and delve into a few use cases to help you gain better visibility into the overall security of your applications using AWS WAF and make informed decisions based on insights from the dashboards. https://aws.amazon.com/ru/blogs/security/introducing-the-aws-waf-traffic-overview-dashboard/ #aws

Яндекс делает закрытую вечеринку от команды информационной безопасности Yet Another Security Night 27 марта в 18:00 Только офлайн в Москве и в Питере Мы приглашаем к себе в гости в офис на Льва Толстого в Москве и атмосферную локацию на набережной в Питере, где: ▫️Эксперты Яндекса расскажут про: - Яндекс in-house: один день из жизни инженера СИБ, Спартак Свасян - Уязвимости бизнес-логики, которые могут стоить вам миллионы, Азиз Алимов ▫️Бизнес игра - погружение во внутренние процессы команды в комфортном режиме ▫️Много нетворкинга и знакомств с нашими экспертами ▫️Афтерпати с DJ-сетом, крафтовыми напитками и настольным футболом Получите приглашение - регистрация открыта! Реклама. ООО "Яндекс", ИНН 7736207543 #advertising

🔶 The AWS S3 Denial of Wallet amplification attack If you publicly host large data files on AWS S3 and pay for AWS transfer costs, you may be vulnerable to a "Denial of Wallet" amplification attack. https://blog.limbus-medtec.com/the-aws-s3-denial-of-wallet-amplification-attack-bc5a97cc041d (Use VPN to open from Russia) #aws

👩‍💻 The mystery of the EnrichedOffice365AuditLogs solved With Global Secure Access enabled access to the Microsoft 365 services such as SharePoint/OneDrive will be recorded in the EnrichedOffice365AuditLogs. https://www.invictus-ir.com/news/the-mystery-of-the-enrichedoffice365auditlogs-solved #azure

👩‍💻 Meet Silver SAML: Golden SAML in the Cloud Semperis researchers have discovered Silver SAML: a new application of Golden SAML that can be exploited in Entra ID and without AD FS. https://www.semperis.com/blog/meet-silver-saml/ #azure

🔴 From Lighthouse to Loran - Navigating GCP Security Auditing Tools Set sail on a secure journey through Google Cloud Platform with built-in and open-source auditing tools. https://alexmorgan.uk/blog/from-lighthouse-to-loran---navigating-gcp-security-auditing-tools/ #gcp