🔶 New AWS whitepaper: Security Overview of Amazon EKS Auto Mode

The whitepaper covers the core security principles of Amazon EKS Auto Mode, highlighting its unique approach to managing Kubernetes clusters.

https://aws.amazon.com/ru/blogs/security/new-aws-whitepaper-security-overview-of-amazon-eks-auto-mode/

(Use VPN to open from Russia)

#aws

🔶 Rubygems.org AWS Root Access Event – September 2025

This post details a September 2025 security incident where a former RubyGems.org maintainer retained AWS root access after removal. Ruby Central discovered unauthorized access, reset credentials, and found no evidence of data compromise.

https://rubycentral.org/news/rubygems-org-aws-root-access-event-september-2025/

#aws

🔶 AWS Transfer Family SFTP connectors now support VPC-based connectivity

AWS Transfer Family SFTP connectors now support VPC-based connectivity, allowing secure file transfers between Amazon S3 and remote SFTP servers through your existing VPC infrastructure without exposing endpoints to the internet.

https://aws.amazon.com/ru/blogs/aws/aws-transfer-family-sftp-connectors-now-support-vpc-based-connectivity/

#aws

🔶 Introducing Amazon EBS Volume Clones: Create instant copies of your EBS volumes

AWS launched Amazon EBS Volume Clones, a new capability that allows users to create instant point-in-time copies of EBS volumes within the same Availability Zone with a single API call, eliminating the previous multi-step process of taking snapshots and creating volumes from them.

https://aws.amazon.com/ru/blogs/aws/introducing-amazon-ebs-volume-clones-create-instant-copies-of-your-ebs-volumes/

#aws

🔶 Amazon EC2 instance attestation

Learn how to use NitroTPM for attestation to verify the integrity of your EC2 instances.

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm-attestation.html

(Use VPN to open from Russia)

#aws

🔶 ECS on EC2: Covering Gaps in IMDS Hardening

The article discusses securing ECS on EC2 by blocking IMDS access. IMDSv2 with hop limit 1 only blocks access in bridge mode but not in awsvpc or host modes. Different networking modes require specific configurations to protect against privilege escalation attacks like ECScape.

https://www.latacora.com/blog/2025/10/02/ecs-on-ec2-covering-gaps-in-imds-hardening/

(Use VPN to open from Russia)

#aws

🔴 What’s new in Cloud Armor: Innovations to boost security posture, threat protection

New capabilities in Cloud Armor offer more comprehensive security policies and granular network configuration controls.

https://cloud.google.com/blog/products/identity-security/cloud-armor-named-strong-performer-in-forrester-wave-new-features-launched/

#gcp

🔶 Using AWS Secrets Manager Agent with Amazon EKS

AWS Secrets Manager Agent for Amazon EKS provides a language-agnostic HTTP interface that runs locally within containers. It improves application availability by fetching secrets from local cache instead of direct API calls, and implements post-quantum cryptography protection via ML-KEM key exchange.

https://aws.amazon.com/ru/blogs/security/using-aws-secrets-manager-agent-with-amazon-eks/

(Use VPN to open from Russia)

#aws

🔶 Advancing Our Chef Infrastructure: Safety Without Disruption

Slack's engineering team has enhanced its Chef infrastructure to improve deployment safety and reliability without causing disruption to service owners. Instead of a complex migration to Chef Policyfiles, they focused on practical improvements to their existing EC2 and Chef frameworks.

https://slack.engineering/advancing-our-chef-infrastructure-safety-without-disruption/

#aws

🔶🔷🔴 Vulnerabilities in LUKS2 disk encryption for confidential VMs

Trail of Bits is disclosing vulnerabilities in confidential computing systems that use LUKS2 for disk encryption. These vulnerabilities allow attackers with access to storage disks to extract confidential data and modify contents.

https://blog.trailofbits.com/2025/10/30/vulnerabilities-in-luks2-disk-encryption-for-confidential-vms/

#aws #azure #gcp

🔶 Querying Terraform state with AWS Athena

How to use AWS Athena to query Terraform state files stored in S3, enabling SQL queries across organizational infrastructure resources.

https://awsteele.com/blog/2025/10/26/querying-terraform-state-with-aws-athena.html

#aws

🔴 A practical guide to Google Cloud's Parameter Manager

Google Cloud Parameter Manager is designed to reduce unnecessarily sharing key cloud configurations, and it works with many types of data formats.

https://cloud.google.com/blog/products/identity-security/a-practical-guide-to-google-clouds-parameter-manager/

#gcp

🔶 Crimson Collective: A New Threat Group Observed Operating in the Cloud

Rapid7 has observed increased activity of a new threat group attacking AWS cloud environments, Crimson Collective, who recently claimed to have stolen private repositories from Red Hat's GitLab.

https://www.rapid7.com/blog/post/tr-crimson-collective-a-new-threat-group-observed-operating-in-the-cloud/

#aws

🔴 How Google Does It: Threat modeling, from basics to AI

Google's threat modeling process follows four key questions: identifying scope, enumerating potential threats using STRIDE methodology and threat libraries, operationalizing mitigations through defensive controls and offensive red team activities, and continuously updating models through review processes and AI-powered automation with Gemini.

https://cloud.google.com/transform/how-google-does-it-threat-modeling-from-basics-to-ai/

#gcp

🔶 Migrating from Open Policy Agent to Amazon Verified Permissions

Post exploring the process of migrating from OPA and Rego to Verified Permissions and Cedar, including policy translation strategies, software development and testing approaches, and deployment considerations.

https://aws.amazon.com/ru/blogs/security/migrating-from-open-policy-agent-to-amazon-verified-permissions/

(Use VPN to open from Russia)

#aws