Microsoft Azure lets a Windows virtual machine join a Microsoft Entra tenant other than the tenant that hosts the VM, using the Azure AD VM extension for domain join.
https://akingscote.co.uk/posts/microsoft-azure-cross-tenant-vm-domain-join/
#azure
This article discusses log poisoning attacks against Microsoft Sentinel, explaining how attackers can manipulate logs to evade detection. It covers attack techniques, potential impacts, and mitigation strategies for defenders to protect their SIEM environments.
https://akingscote.co.uk/posts/microsoft-sentinel-log-poisoning/
#azure
🔶 Tales from the cloud trenches: Unwanted visitor
A cloud attack targeting Amazon SES, persistence, and a malicious AWS account ID.
https://securitylabs.datadoghq.com/articles/tales-from-the-cloud-trenches-unwanted-visitor/
#aws
🔴 Locking down Cloud Run: Inside Commerzbank's adoption of Custom Org Policies
Commerzbank has adopted Google Cloud's Custom Org Policies to lock down its Cloud Run environments, meeting the security requirements of a regulated financial-services workload.
https://cloud.google.com/blog/topics/financial-services/commerzbank-cloud-run-custom-org-policies/
#gcp
🔶 A practical guide to getting started with policy as code
Post detailing the concepts, processes, and steps to get started with policy as code (PaC) and adopt this into your software development lifecycle.
https://aws.amazon.com/ru/blogs/infrastructure-and-automation/a-practical-guide-to-getting-started-with-policy-as-code/
(Use VPN to open from Russia)
#aws
🔶 AWS Network Firewall Geographic IP Filtering launch
Geographic IP Filtering is a new feature of Network Firewall that you can use to filter traffic based on geographic location and meet compliance requirements.
https://aws.amazon.com/ru/blogs/security/aws-network-firewall-geographic-ip-filtering-launch/
(Use VPN to open from Russia)
#aws
🔴 Improve your security posture with expanded Custom Org Policy
Administrators can use custom organization policies to set granular resource configurations in order to enhance security posture, address regulatory requirements, and increase operational efficiencies, all without impacting development velocity.
https://cloud.google.com/blog/products/identity-security/announcing-expanded-custom-org-policy-portfolio-of-supported-products/
#gcp
🔶 A small digest of AWS news:
1️⃣ AWS Control Tower launches managed controls using declarative policies
These policies are a set of new optional controls that help you consistently enforce the desired configuration for a service.
2️⃣ AWS Config now supports a service-linked recorder
AWS Config added support for a service-linked recorder, a new type of AWS Config recorder that is managed by an AWS service and can record configuration data on service-specific resources, such as the new Amazon CloudWatch telemetry configurations audit.
(Use VPN to open from Russia)
#aws
🙂 Dear friends,
this year the channel has grown past 2,000 members, which is very cool.
It is only thanks to you that we will keep making even better content. Thank you very much.
🎉 Happy New Year 2025! We wish you success in your personal life and career. Let's make the new year much better than 2024, together!
#HappyNewYear
🔶 hidden-services-revealer
A tool to map hidden services in AWS. It does this by following the triggered events of a user's actions.
https://github.com/tenable/hidden-services-revealer
#aws
🔶🔴 cloudranger
Go library for mapping IP address ranges to cloud provider regions (currently: AWS and GCP).
https://github.com/planetscale/cloudranger
#aws #gcp
🔶 safer-scps
Safer AWS Service Control Policies (SCPs) deployments via real-time error monitoring.
https://github.com/matthewdfuller/safer-scps
#aws
The Key Vault Contributor role grants no access to Key Vault keys, certificates and secrets. But did you know its holders can still reach that sensitive data? This post covers a privilege escalation path to vault data under the access policy permission model.
https://securitylabs.datadoghq.com/articles/escalating-privileges-to-read-secrets-with-azure-key-vault-access-policies/
#azure
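An added example (not part of the post and not Datadog's code) that turns the escalation into an audit: given `az keyvault show`-style JSON and a control-plane role definition, it reports which vaults still use the access-policy model and whether a holder of that role could write an access policy for itself. The sample vaults are constructed, the role definition is abbreviated from the built-in "Key Vault Contributor" role (verify with `az role definition list --name "Key Vault Contributor"`), and the object ID in the escalation command is a placeholder.

```python
import fnmatch

SELF_GRANT_ACTION = "Microsoft.KeyVault/vaults/accessPolicies/write"

# Constructed, abbreviated copy of the built-in role; check the live definition.
KEY_VAULT_CONTRIBUTOR = {
    "roleName": "Key Vault Contributor",
    "actions": ["Microsoft.KeyVault/*", "Microsoft.Resources/deployments/*",
                "Microsoft.Authorization/*/read"],
    "notActions": ["Microsoft.KeyVault/locations/deletedVaults/purge/action",
                   "Microsoft.KeyVault/hsmPools/*", "Microsoft.KeyVault/managedHsms/*"],
    "dataActions": [],
}


def action_granted(role: dict, action: str) -> bool:
    """Azure RBAC control-plane evaluation for one action: it must match an
    Actions entry and no NotActions entry. Azure wildcards are case-insensitive
    and '*' spans '/' separators, which fnmatchcase on lowercased strings gives us."""
    wanted = action.lower()
    hit = lambda patterns: any(fnmatch.fnmatchcase(wanted, p.lower()) for p in patterns)
    return hit(role.get("actions", [])) and not hit(role.get("notActions", []))


def audit_vault(vault: dict, role: dict) -> dict:
    """Under the access-policy model a role that can write accessPolicies can add
    a policy for its own object ID and then read secrets. Under the RBAC model
    (enableRbacAuthorization=true) control-plane roles grant no data-plane access;
    a data role such as Key Vault Secrets User is needed, and Key Vault Contributor
    cannot assign roles."""
    props = vault["properties"]
    if props.get("enableRbacAuthorization", False):
        return {"vault": vault["name"], "model": "rbac", "self_grant_possible": False}
    return {
        "vault": vault["name"],
        "model": "access-policy",
        "self_grant_possible": action_granted(role, SELF_GRANT_ACTION),
        "access_policies": len(props.get("accessPolicies", [])),
    }


def self_grant_command(vault_name: str, object_id: str) -> str:
    """The single control-plane call that performs the escalation
    (object_id is the caller's own Entra object ID)."""
    return (f"az keyvault set-policy --name {vault_name} --object-id {object_id} "
            "--secret-permissions get list")


def remediation_command(vault_name: str) -> str:
    """Move the vault to the RBAC permission model. Switching models needs
    Microsoft.Authorization/roleAssignments/write (Owner / User Access Administrator)."""
    return f"az keyvault update --name {vault_name} --enable-rbac-authorization true"


# Constructed sample: one legacy vault, one already on RBAC.
SAMPLE_VAULTS = [
    {"name": "kv-legacy", "properties": {"enableRbacAuthorization": False,
     "accessPolicies": [{"objectId": "11111111-1111-1111-1111-111111111111",
                         "permissions": {"secrets": ["get", "list"]}}]}},
    {"name": "kv-rbac", "properties": {"enableRbacAuthorization": True, "accessPolicies": []}},
]


def findings(vaults=SAMPLE_VAULTS, role=KEY_VAULT_CONTRIBUTOR) -> list:
    return [audit_vault(v, role) for v in vaults]


if __name__ == "__main__":
    for finding in findings():
        print(finding)
        if finding["self_grant_possible"]:
            print("  fix:", remediation_command(finding["vault"]))
```

In a real audit, feed `findings()` the output of `az keyvault list` followed by `az keyvault show` per vault; any vault reported as `access-policy` with `self_grant_possible` true is one a Key Vault Contributor can read without any data-plane assignment.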
🔴 The dark cloud around GCP service accounts
Why does this service account still have access even though I deleted its service account key?
https://redcanary.com/blog/threat-detection/gcp-service-accounts/
#gcp
🔶 Hat Trick: AWS introduced same RCE vulnerability three times in four years
Amazon has introduced the same dependency confusion issue on at least three separate occasions when adding new packages to the Neuron SDK registry.
https://giraffesecurity.dev/posts/amazon-hat-trick/
#aws
🔶 From Detection to Enforcement: Migrating from IMDSv1 to IMDSv2
Concrete advice on approaching a migration to IMDSv2.
https://securitylabs.datadoghq.com/articles/from_detection_to_enforcement_migrating_from_imdsv1_to_imdsv2/
#aws
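An added example (not from the post and not Datadog's code) of the detect, verify, enforce, prevent loop such a migration follows. It works on constructed boto3-shaped responses and never calls AWS; the instance IDs, metric values and account-free policy are made up. The `MetadataNoToken` EC2 metric and the `ec2:MetadataHttpTokens` condition key are real.

```python
# Added example: IMDSv1 -> IMDSv2 migration helpers over constructed data.

def imdsv1_exposed(describe_instances_response: dict) -> list:
    """Instance IDs whose metadata endpoint is enabled but does not require a
    session token (HttpTokens != 'required'), i.e. still reachable over IMDSv1."""
    exposed = []
    for reservation in describe_instances_response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            opts = inst.get("MetadataOptions", {})
            if opts.get("HttpEndpoint", "enabled") == "enabled" and opts.get("HttpTokens") != "required":
                exposed.append(inst["InstanceId"])
    return exposed


def still_using_imdsv1(datapoints: list) -> bool:
    """True if the instance made any token-less (IMDSv1) metadata calls in the window.
    'datapoints' is the Datapoints list from cloudwatch.get_metric_statistics(
    Namespace='AWS/EC2', MetricName='MetadataNoToken', Statistics=['Sum'], ...)."""
    return sum(dp.get("Sum", 0) for dp in datapoints) > 0


def enforcement_params(instance_id: str, hop_limit: int = 1) -> dict:
    """Keyword arguments for ec2.modify_instance_metadata_options(). A hop limit
    of 1 keeps containers on the host from reaching IMDS through the host's
    network namespace; raise it to 2 only where containers legitimately need
    the instance role."""
    return {"InstanceId": instance_id, "HttpEndpoint": "enabled",
            "HttpTokens": "required", "HttpPutResponseHopLimit": hop_limit}


def migration_plan(describe_response: dict, no_token_metrics: dict) -> dict:
    """Map each exposed instance to 'enforce' (no IMDSv1 traffic observed) or
    'investigate' (a caller still relies on IMDSv1; update the SDK or agent first)."""
    plan = {}
    for iid in imdsv1_exposed(describe_response):
        plan[iid] = "investigate" if still_using_imdsv1(no_token_metrics.get(iid, [])) else "enforce"
    return plan


def require_imdsv2_policy() -> dict:
    """IAM/SCP statements that block launching IMDSv1 instances and block
    re-enabling IMDSv1 later. StringNotEquals also matches when the key is
    absent, so callers of ModifyInstanceMetadataOptions must pass
    HttpTokens=required explicitly even when only changing the hop limit."""
    condition = {"StringNotEquals": {"ec2:MetadataHttpTokens": "required"}}
    return {"Version": "2012-10-17", "Statement": [
        {"Sid": "DenyLaunchWithoutIMDSv2", "Effect": "Deny", "Action": "ec2:RunInstances",
         "Resource": "arn:aws:ec2:*:*:instance/*", "Condition": condition},
        {"Sid": "DenyReenablingIMDSv1", "Effect": "Deny",
         "Action": "ec2:ModifyInstanceMetadataOptions", "Resource": "*", "Condition": condition},
    ]}


# Constructed sample: two IMDSv1-capable instances (one idle, one still using v1)
# and one already enforced.
SAMPLE_DESCRIBE = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa", "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "optional"}},
    {"InstanceId": "i-0bbb", "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "optional"}},
    {"InstanceId": "i-0ccc", "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "required"}},
]}]}
SAMPLE_METRICS = {"i-0aaa": [{"Sum": 0.0}, {"Sum": 0.0}],
                  "i-0bbb": [{"Sum": 0.0}, {"Sum": 37.0}]}

if __name__ == "__main__":
    for iid, action in migration_plan(SAMPLE_DESCRIBE, SAMPLE_METRICS).items():
        print(iid, action, enforcement_params(iid) if action == "enforce" else "")
```

With live data, replace the samples with `ec2.describe_instances()` and one `get_metric_statistics` call per exposed instance over a window long enough to cover your cron jobs and deploys; enforce only the instances the plan marks `enforce`, then attach the policy so the fleet cannot drift back.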
🔶 The many ways to obtain credentials in AWS
Post exploring how AWS services hand out IAM credentials, the key risks that creates, and detection strategies for spotting credential misuse in your cloud environment.
https://www.wiz.io/blog/the-many-ways-to-obtain-credentials-in-aws
#aws
🔶 Avoiding mistakes with AWS OIDC integration conditions
Post exploring common missteps in the trust-policy conditions of AWS OIDC integrations.
https://www.wiz.io/blog/avoiding-mistakes-with-aws-oidc-integration-conditions
#aws
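An added example (not from the post and not Wiz's code) that makes two of the classic trust-policy missteps visible by evaluating them: a tiny evaluator for the `String*` condition operators of a role trust policy, run against GitHub Actions tokens. The account ID, org, repo names and token claims are constructed; the `repo:<org>/<repo>:ref:...` / `:pull_request` subject formats and the `token.actions.githubusercontent.com` issuer are GitHub's real ones. Only `StringEquals`, `StringLike` and their negations are modelled.

```python
import re

ISSUER = "token.actions.githubusercontent.com"
PROVIDER_ARN = f"arn:aws:iam::123456789012:oidc-provider/{ISSUER}"  # constructed account ID


def _iam_wildcard_match(pattern: str, value: str) -> bool:
    """IAM StringLike: '*' matches any run of characters (including ':' and '/'),
    '?' matches one character, nothing else is special."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, value) is not None


def _as_list(v):
    return v if isinstance(v, list) else [v]


MATCHERS = {"StringEquals": lambda pat, val: pat == val,
            "StringLike": _iam_wildcard_match}


def condition_allows(condition: dict, claims: dict) -> bool:
    """True when every condition entry is satisfied by the token claims."""
    for operator, entries in condition.items():
        negated = operator.startswith("StringNot")
        base = operator.replace("Not", "", 1) if negated else operator
        if base not in MATCHERS:
            raise ValueError(f"operator not modelled: {operator}")
        match = MATCHERS[base]
        for key, allowed in entries.items():
            actual = claims.get(key)
            if actual is None:
                if negated:
                    continue        # a negated operator is satisfied by an absent key
                return False        # a positive operator never matches an absent key
            matched = any(match(p, actual) for p in _as_list(allowed))
            if matched == negated:
                return False
    return True


def token_can_assume(trust_policy: dict, claims: dict) -> bool:
    for stmt in trust_policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRoleWithWebIdentity" not in _as_list(stmt["Action"]):
            continue
        if condition_allows(stmt.get("Condition", {}), claims):
            return True
    return False


def trust_policy(condition: dict) -> dict:
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": {"Federated": PROVIDER_ARN},
        "Action": "sts:AssumeRoleWithWebIdentity", "Condition": condition}]}


# Misstep 1: only the audience is pinned. Any GitHub repository can request a
# token with aud=sts.amazonaws.com, so any repository can assume the role.
AUD_ONLY = trust_policy({"StringEquals": {f"{ISSUER}:aud": "sts.amazonaws.com"}})
# Misstep 2: wildcard after the org. Every repo in the org, and every branch,
# tag, PR and environment in it, qualifies.
ORG_WILDCARD = trust_policy({"StringEquals": {f"{ISSUER}:aud": "sts.amazonaws.com"},
                             "StringLike": {f"{ISSUER}:sub": "repo:example-org/*"}})
# Pinned: exact audience and exact subject (one repo, one branch).
PINNED = trust_policy({"StringEquals": {f"{ISSUER}:aud": "sts.amazonaws.com",
                                        f"{ISSUER}:sub": "repo:example-org/app:ref:refs/heads/main"}})


def github_claims(sub: str) -> dict:
    return {f"{ISSUER}:aud": "sts.amazonaws.com", f"{ISSUER}:sub": sub}


# Constructed tokens: own main branch, own PR, sibling repo in the org, outsider.
TOKENS = [github_claims("repo:example-org/app:ref:refs/heads/main"),
          github_claims("repo:example-org/app:pull_request"),
          github_claims("repo:example-org/sandbox:ref:refs/heads/main"),
          github_claims("repo:attacker/evil:ref:refs/heads/main")]


def matrix() -> dict:
    """Which of the four tokens each policy accepts, in TOKENS order."""
    return {name: [token_can_assume(p, t) for t in TOKENS]
            for name, p in {"aud_only": AUD_ONLY, "org_wildcard": ORG_WILDCARD, "pinned": PINNED}.items()}


if __name__ == "__main__":
    for name, accepted in matrix().items():
        print(f"{name:13s}", accepted)
```

The matrix is the check worth running on your own trust policies: anything that accepts the fourth (outsider) token is open to the internet, and anything that accepts the second (pull_request) token lets unreviewed fork code, if PR workflows run with `id-token: write`, assume the role.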
🔶 Implementing Security Invariants in an AWS Management Account
Chris Farris discusses implementing security invariants in an AWS management (payer) account, where service control policies do not apply.
https://www.chrisfarris.com/post/payer-invariants/
#aws
🔶 AWS CodeBuild: Self-Hosted GitHub Action Runners
How to set up AWS CodeBuild for GitHub Action Runners, including configuration steps and integration advantages.
https://kieranlowe.io/implementing-self-hosted-github-action-runners-using-aws-codebuild
#aws
A (now remediated) vulnerability allowed the Reader role on the Azure Machine Learning (AML) service to gain write access to the Storage Accounts backing AML notebooks and ultimately get code execution through Jupyter notebooks.
https://www.netspi.com/blog/technical-blog/cloud-pentesting/hijacking-azure-machine-learning-notebooks/
#azure