Issue #144
Monday · February 19, 2024
🥖 Palate Cleanser
Hey folks,As 2023 draws to a close, this marks the final edition of the AWS Security Digest Newsletter for the year.
It's been a fantastic journey sharing the latest and most relevant AWS security updates with you all.
We'll be back in 2024, ready to serve another year of fresh, insightful content in the world of AWS security.
In the meantime, I wish you all a wonderful holiday season. May you enjoy memorable moments with your loved ones during Christmas 🎄.
Cheers!
Victor
📋 Chef's selections
🥗 AWS security blogs
- Four use cases for GuardDuty Malware Protection On-demand malware scan
- AWS Security Profile: Arynn Crow, Sr. Manager for AWS User AuthN
- Centralized Trust for Decentralized Uses: Revisiting Private Certificate Authorities
- Governance at scale: Enforce permissions and compliance by using policy as code
- Strengthening customer third-party due diligence with renewed AWS CyberGRX assessment
🍛 Reddit threads on r/aws
🧁 IAM permission changes
🍪 API changes
🍹 IAM managed policy changes
Managed Policy changed since last week: 11- AWSBackupServiceLinkedRolePolicyForBackup
- 🚩 AWSBackupServiceRolePolicyForBackup
- 🚩 AWSBackupServiceRolePolicyForRestores
- AWSElasticDisasterRecoveryNetworkReplicationPolicy
- AWSElasticDisasterRecoveryServiceRolePolicy
- 🚩 AmazonAthenaFullAccess
- 🚩 AmazonDataZoneGlueManageAccessRolePolicy
- CostOptimizationHubReadOnlyAccess
- IVSFullAccess
- 🚩 ROSAImageRegistryOperatorPolicy
- 🚩 SecurityAudit
🤖 Powered by MAMIP | 🚩 Sensitive IAM Actions included
☕ CloudFormation resource changes
🎮 Amazon Linux vulnerabilities
This section will show you the latest (Important and Critical) CVEs on Amazon Linux.- Amazon Linux 2023
- ALAS-2023-461 (important): kernel - CVE-2023-6111
