Security Newsletter - 533 million Facebook users' data leaked. PHP backdoor attempt. Github Actions used for coinmining. Minimal issue.
Dieter Van der StockApr 05
5
Monday April, 2021
SRE Weekly Issue #264
Lex NevaApr 05
📖 [The CloudSecList] Issue 81
Marco from CloudSecListApr 04
[tl;dr sec] #77 - Hidden OAuth attack vectors, Networking Fundamentals
Clint at tl;dr secApr 01
AWS WAF now supports Labels to improve rule customization and reporting
aws.amazon.comApr 4
AWS WAF now lets you generate labels and customize your WAF rules based on those labels. With this feature, you can configure WAF to add descriptive labels to web requests when a WAF rule matches the request, regardless of the action associated with the rule. You can also check for …
AWS Firewall Manager now supports centralized deployment of the new AWS WAF Bot Control across your organization
aws.amazon.comApr 4
AWS Firewall Manager now enables security administrators to deploy the recently launched AWS WAF Bot Control across accounts in their organization, from a central administrator account. AWS WAF Bot Control is a new managed rule group that gives you visibility and control over common and pervasive bot traffic to your …
AWS Firewall Manager now supports centralized management of Amazon Route 53 Resolver DNS Firewall
aws.amazon.comApr 4
AWS Firewall Manager now supports Amazon Route 53 Resolver DNS Firewall, making it easy for security administrators to identify the set of DNS Firewall rules they wish to use and deploy across their organization, from a central place. AWS recently launched Amazon Route 53 Resolver DNS Firewall, a managed firewall …
Announcing AWS WAF Bot Control for visibility and control over common and pervasive bots
aws.amazon.comApr 4
AWS WAF announces the launch of AWS WAF Bot Control, which gives you visibility and control over common and pervasive bots that consume excess resources, skew metrics, cause downtime, or perform other undesired activities. With Bot Control, you can easily monitor, block, or rate-limit pervasive bots, such as scrapers, scanners, …
7 ways to improve security of your machine learning workflows
Annalyn NgMar 31
In this post, you will learn how to use familiar security controls to build more secure machine learning (ML) workflows. The ideal audience for this post includes data scientists who want to learn basic ways to improve security of their ML workflows, as well as security engineers who want to …
Rhino Security Labs krebsonsecurity.com/2021/03/whistl…
Christophe RT @cyb3rops: #UbiquitiBreach Let me translate that for you krebsonsecurity.com/2021/03/whistl…
Matt Fuller The more I read about the situation leading up to this incident, the more I think "maybe AWS could have been a bit more proactive here". Too much hid…
Troubleshoot Boot and Networking Issues with New EC2 Serial Console | Amazon Web Services
Fixing production issues is one of the key responsibilities of system and network administrators. In fact, I’ve always found it to be one of the …
Clint Gibler @clintgibler
📈 Networking Fundamentals: From Zero to HTTP
Great intro and overview by @TomNomNom, covering topics like:
* MAC addresses
* ARP
* Hubs, switches
* Subnets, CIDR
* Routing, TCP/IP, DNS
* Load balancers, NAT, etc.
📖 tomnomnom.com/talks/networki…
📺 youtube.com/watch?v=9uebak…
129
41Mar 30 · 5:00 PM
Scott Piper @0xdabbad00
This is big! Using this will mitigate a common exfil path when people attempt to setup isolated networks on AWS or otherwise attempt to restrict network egress.
I described the DNS exfil trick here: summitroute.com/blog/2020/03/3…
AWS Blog Unofficial. @AWSBlogUnreal
The AWS News Blog #AWSNews
aws.amazon.com/blogs/aws/how-…
By: Channy Yun
7517Apr 01 · 5:23 AM Clint Gibler @clintgibler
📚 tl;dr sec 77
* @artsploit New OAuth attacks
* @TomNomNom Networking fundamentals
* @mikepsecuritee Career advice
* @trailofbits Audit of NYT's SecureDrop Workstation
* @DanielMiessler Consumer Authn Strength Maturity Model
tldrsec.com/blog/tldr-sec-…
5118Apr 01 · 5:00 PM
Marco Lancini @lancinimarco
Just blogged: "Kubernetes Lab on Baremetal" - My personal approach to deploy my own #Kubernetes Lab on baremetal, and on an Intel NUC in particular. marcolancini.it/2021/blog-kube…
4011Mar 30 · 12:11 PM Matt Fuller @matthewdfuller
"Getting access to an instance’s console is a privileged operation that should be tightly controlled, which is why EC2 Serial Console access is not permitted by default at the account level..."
AWS is learning (how to keep new things disabled by default)!
aws.amazon.com/blogs/aws/trou…
325Mar 31 · 12:32 AM
Aidan W Steele @__steele
It's good to know that this IAM policy is just as confused as I am.
281Mar 30 · 2:42 AM
Kinnaird McQuade💥☁️ @kmcquade3
In case anyone is rolling out AWS Service Control Policies (SCPs) for proactive security guardrails: you gotta have a way to make exceptions. Otherwise you’ll break things.
Try using these condition keys to make exceptions.👇 you’ll roll SCPs out faster
Kinnaird McQuade💥☁️ @kmcquade3
@ben11kehoe @mchancloud 😊 The best ways to make exceptions in AWS SCPs are via these global condition keys:
- aws:PrincipalAccount (account level exceptions)
- aws:PrincipalOrgPaths (environment/OU level exceptions)
- aws:PrincipalArn (user/role level exceptions, but kinda limited b/c no * support)
235Apr 01 · 3:01 AM
Jim Scharf @jim_scharf
Helpful recap of AWS Organizations features that have come out in the last ~quarter: aws.amazon.com/blogs/mt/the-l… @AWSIdentity
178Mar 30 · 4:36 PM
Practice Cloud Security
Hello folks,
As I continue the journey of learning Cloud Security, I found myself wanting to put what I’ve learned to practice but I’m not sure where to go from here.
Is there a platform (paid or free) that allows you to practice cloud security concepts? For example, if I …
- 🖊️ This newsletter was fwd to you? Subscribe here
- 💌 Want to suggest new content: contact me or reply to this email
- ⚡️ Powered by Mailbrew