‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

Monday,
February 05, 2024

Time to read: 3 minutes

📣️ State of AI Report 2024

The Critical State of AI in the Cloud and what 200,000+ cloud accounts revealed about the AI surge.

Over the past year and a half, generative AI has seen explosive growth among both end-users and businesses. But at what rate? In this new Wiz Research report, discover how many organizations are adopting managed AI services and what this could mean for your security teams.

You’ll learn:

An in-depth breakdown of generative AI’s impact on cloud landscapes

Statistics on the surge of AI services across major cloud providers

What this means to you: Rising costs and new security concerns

Be the first to get access to these exclusive insights – grab your free copy now.

🥗 Appetizer

Hey folks,

This week, AWS introduced a new charge for Public IPv4 usage.
I have some concerns regarding all these small moves AWS introduces along the way, with little business value costing AWS customers a lot.

To name a few:

1. Adding new AWS Config Resources support
2. Making usage of Public IPv4 a paid feature
3. Promoting the usage of KMS Key Rotation

Something interesting is ramping up in the CloudFormation space; they are preparing a new capability to generate a CloudFormation template from existing assets on your AWS Account.

Bon appétit! 🍽️
Victor

📋 Chef's Weekly selections

🍹 Monitor AWS Managed IAM Policies

Managed Policy changed since last week: 3

Weekly diff

🤖 Powered by MAMIP | 🚩 Sensitive IAM Actions included

📣️ How do you deal with unused assets on AWS? (Sponsor)

We simplifies your morning routine.

No more digging through Cost Explorer across various AWS accounts to spot issues. Get all the important info directly in your inbox or Slack/Teams channel.

It's the ease of push notifications over the hassle of pulling data.

Evaluate your AWS waste now.

🍔 AWS API Changes

🥣 Secret Sauce

Each week, we'll showcase your top AWS insights, focusing on AWS Security tricks and tips. Got a cool command-line hack, a clever console maneuver, or an awesome open-source tool? Send us your best tips for a shot at being featured in our upcoming issues.

Using HashiCorp Vault IAM Auth recipe to authenticate between containers. It is limited in capability (no authorization) but when capabilities are limited otherwise it is an OK approach and removes the need for additional authentication layer (like HMAC based).

InfraSec @ Bitstamp. Ping me at me@gregorratajc.com

🥗 AWS Security Blog

🧁 IAM Permission Changes

☕︎ CloudFormation Updates

🍪 Amazon Linux CVEs

This section will show you the latest (Important and Critical) CVEs on Amazon Linux.

Amazon Linux 2

ALASECS-2024-033 (important): runc - CVE-2024-21626

👾 r/aws

Security flair only.

🗯️ Enjoying our updates? Share your thoughts!

☆ ☆ ☆ ☆ ☆

🖊️ stay ahead of the game by subscribing

📢 Gain visibility for your brand by sponsoring our content

💌 If you have any suggestions for future topics, let us know