Security Newsletter - Google finally releases backup for Authenticator, sort of. Apache Superset servers exposed. New DDoS vector with 2200x amplification.

  • AWS Notification Message
  • [tl;dr sec] #179 - BSidesSF Summaries, Attacking Kubernetes
  • Amazon Elastic Compute Cloud - 7 updated methods
  • Amazon EMR Containers - 1 new method
  • Amazon GuardDuty - 1 new, 2 updated methods
  • Issue With IAM Supporting Multiple MFA Devices
  • AWS Security Profile: Tatyana Yatskevich, Principal Solutions Architect for AWS Identity
  • AWS achieves an AAA Pinakes rating for Spanish financial entities
  • kafka: 9 new actions, 1 new resource, 1 new condition | 3 updated actions
  • guardduty: 1 new action
  • connect: 14 new actions, 2 new resources | 3 updated actions
  • AWS Layoffs Take Effect
  • Beware of Broken macOS servers (mac1.metal) on AWS EC2!
  • Lambda Cold Starts benchmark is now supporting arm64
  • Any way to get $5k/$10k AWS credits for startups in 2023?
  • AWS Launches New Verified Access Service to Replace VPN - Petri.com
  • Anjuna Achieves AWS Security Competency Status - GlobeNewswire

Monday, May 1, 2023

📣 Sponsor

Fire your siloed security tools and specialist-only access control! Integrate security into everyone's workflows with a cloud agnostic, simple, and integrated solution: Cloud Access Management Toolkit.

CAMT provides access analyzers, policy generators, and integrations with delivery & operational workflows, so you can make security everyone's job!

#CIEM #CAMT #SilolessSecurity

🐿 In a nutshell

Following the inconvenience caused by the Twitter API modification, I am currently facing a new challenge with the mailbrew engine that I utilize to create this newsletter.

It appears that the engine is experiencing issues, as confirmation emails are no longer being dispatched. Consequently, I will need to find an alternative tool to manage and distribute this newsletter within the next few weeks.

If you have any suggestions, kindly direct message me.

Amazon Elastic Compute Cloud - 7 updated methods
Apr 27
This release adds support for AMD SEV-SNP on EC2 instances.
Amazon EMR Containers - 1 new method
Apr 27
This release adds GetManagedEndpointSessionCredentials, a new API that allows customers to generate an auth token to connect to a managed endpoint, enabling features such as self-hosted Jupyter notebooks for EMR on EKS.
Amazon GuardDuty - 1 new, 2 updated methods
Apr 27
Added API support to initiate on-demand malware scan on specific resources.

📣 Sponsor

Are you struggling with the high costs of your Cloud Service Provider due to unused assets that are left active?

unusd.cloud aims to solve this problem by providing daily notifications of unused resources and potential cost-saving opportunities.

By using our service, you can not only save money but also reduce your attack surface and lower your carbon footprint.

Issue With IAM Supporting Multiple MFA Devices
aws@amazon.com, Apr 25

Initial Publication Date: 04/25/2023 10:00AM EST

A security researcher recently reported an issue with AWS’s recently-released (November 16th, 2022) support for multiple multi-factor authentication (MFA) devices for IAM user principals. The reported issue could have potentially arisen only when the following three conditions were met: (1) An IAM user had …

AWS Security Profile: Tatyana Yatskevich, Principal Solutions Architect for AWS Identity
Maddie Bacon, Apr 28
In the AWS Security Profile series, I interview some of the humans who work in AWS Security and help keep our customers safe and secure. In this profile, I interviewed Tatyana Yatskevich, Principal Solutions Architect for AWS Identity. How long have you been at AWS and what do you do in …
AWS achieves an AAA Pinakes rating for Spanish financial entities
Daniel Fuertes, Apr 25
Amazon Web Services (AWS) is pleased to announce that we have achieved an AAA rating from Pinakes. The scope of this qualification covers 166 services in 25 global AWS Regions. The Spanish banking association Centro de Cooperación Interbancaria (CCI) developed Pinakes, a rating framework intended to manage and monitor the …
kafka: 9 new actions, 1 new resource, 1 new condition | 3 updated actions
Apr 29
9 new actions: CreateVpcConnection (Grants permission to create an MSK VPC connection), DeleteClusterPolicy (Grants permission to delete a cluster resource-based policy), DeleteVpcConnection (Grants permission to delete an MSK VPC connection), DescribeVpcConnection (Grants permission to describe an MSK VPC connection), GetClusterPolicy (Grants permission to describe a cluster resource-based policy), ListClientVpcConnections (Grants …
guardduty: 1 new action
Apr 29
1 new action: StartMalwareScan (Grants permission to initiate a new malware scan)
connect: 14 new actions, 2 new resources | 3 updated actions
Apr 29
14 new actions: ActivateEvaluationForm (Grants permission to activate an evaluation form in the specified Amazon Connect instance. After the evaluation form is activated, it is available to start new evaluations based on the form), CreateEvaluationForm (Grants permission to create an evaluation form in the specified Amazon Connect instance. The form …
Beware of Broken macOS servers (mac1.metal) on AWS EC2!

Currently, getting a dedicated mac1.metal server on Amazon EC2 is a pay-to-win gacha game. The ones that can run macOS 13 have a Rarity Level SR.

A few days ago, I rented a bare-metal Mac computer on AWS (Dedicated Host, type mac1.metal) for software testing on macOS, but unexpectedly, I …

Any way to get $5k/$10k AWS credits for startups in 2023?

Just applied to AWS Activate here https://aws.amazon.com/activate/ and it shows only a $1k credit. But people were talking about $5k/$10k credits a couple of months ago here: https://www.reddit.com/r/aws/comments/wtbvtr/how_was_your_experience_with_aws_activate_program/ and https://www.reddit.com/r/aws/comments/yp7nfq/aws_activate_founders_credits/

So did they lower the AWS credits to $1k last month? Is there any other way to get that $5k/$10k credit?
