• SRE Weekly Issue #278
• 📖 [The CloudSecList] Issue 95
• [tl;dr sec] #91 - DOM Invader, Ransomware self-assessment tool
• AWS Firewall Manager now supports central monitoring of VPC routes for AWS Network Firewall
• Amplify Admin UI now supports importing existing Amazon Cognito User Pools and Identity Pools
• Amazon DevOps Guru - 2 updated methods
• Firewall Management Service - 2 updated methods
• AWS MediaTailor - 1 new method
• AWS Outposts - 1 updated method
• Configure SAML single sign-on for Kibana with AD FS on Amazon Elasticsearch Service
• Automate resolution for IAM Access Analyzer cross-account access findings on IAM roles
• Automatically update AWS WAF IP sets with AWS IP ranges
• Build an end-to-end attribute-based access control strategy with AWS SSO and Okta
• Phishing for AWS credentials via AWS SSO device code authentication
• sebastian-mora/awsssome_phish
• Overview of Data Transfer Costs for Common Architectures | Amazon Web Services
• 🔥New blog post🔥 "How to defend against DNS exfiltration in #AWS?" This time I'll try to answer when and how Route 53 Resolver DNS Firewall and GuardDuty services can help you block and detect suspicious traffic. rzepsky.medium.com/how-to-defend-…
• 🌎 New @code extension: Remote Repositories. @BrigitMurtaugh and @eamodio describe how it lets you quickly browse, search, edit, and commit to any remote GitHub repository directly from within VS Code. No clone necessary! code.visualstudio.com/blogs/2021/06/…
• 🔥 DOM Invader: @garethheyes describes a new @Burp_Suite tool, an extension to the embedded browser. * Easily track a site's sources/sinks -> DOM XSS * Easily manipulate web messages & spoof their origin. #bugbountytips #websecurity portswigger.net/blog/introduci…
• Summit Route is back open for business! If you're interested in AWS security training or other services, we should talk. summitroute.com/#contact
• A fresh look at Macie by @jcfarris. I like the idea of limiting scans to public buckets and making account owners bear the cost as a way for security teams to incentivize account owners to not have public buckets. chrisfarris.com/post/revisitin…
• On June 30, AWS added section 39.3 to their terms and conditions, adding IoT SiteWise Edge to the list of services that should not be used for critical systems. Others are Pinpoint, Lumberyard, Alexa for Business, Location Service, and all AI and machine learning services.
• David Okeyode (@asegunlolu) and Karl Fosaaen (@kfosaaen) will be presenting "An Introduction to Azure Offensive Security" fwdcloudsec.org/speakers.html#…
• Today marks the #26 issue of my Newsletter dedicated to AWS Security. I would like to thank my 240+ readers and all of them who are sending me suggestions to keep this NL sharp! If you are not yet subscribed: app.mailbrew.com/zoph/aws-secur…
• It's 2021. We have dancing robots and self driving cars, but hospitals are STILL transferring X-ray scans over CDs. Blows my mind.
• The CFP for fwd:cloudsec closes next Friday (July 16), so this is the last weekend to work on your talk proposal! fwdcloudsec.org/cfp.html We've got another batch of early acceptances to announce. 🧵
• Pentagon discards $10 billion JEDI cloud deal awarded to Microsoft
• Behind the scenes of AWS Lambda
• Interactive Examples of Real-World AWS Cloud Hacks and How They Happen
• Ec2instances.info now has Spot pricing information; is there anything else you'd like to see?
• Amazon EC2 adds Resource Identifiers and Tags for VPC Security Group Rules
• A PrintNightmare (CVE-2021-34527) Python scanner: scan entire subnets for hosts vulnerable to the PrintNightmare RCE
• A series of free interactive AWS security training modules that teach developers how to identify and mitigate security vulnerabilities in their AWS-hosted cloud applications.
• 1Strategy achieves AWS Security Competency status and validates expertise in delivering secure solutions - Help Net Security
• Moving to AWS Lambda? Here's what you need to know - Security Boulevard
• 1Strategy Achieves AWS Security Competency Status - Business Wire
Monday, July 12, 2021

AWS Firewall Manager now supports central monitoring of VPC routes for AWS Network Firewall

Jul 8
Starting today, AWS Firewall Manager allows customers to centrally monitor route configurations for AWS Network Firewall, and get alerts on routes non-compliant with their configuration. With this launch, customers can now monitor VPC routes to ensure traffic egressing through Internet Gateway (IGW) is inspected by the Network Firewall deployed by …

Amplify Admin UI now supports importing existing Amazon Cognito User Pools and Identity Pools

Jul 6
Amplify Admin UI now supports importing existing Amazon Cognito User Pools and Identity Pools. This means you can link your Cognito User Pool and Identity Pool resources to your Amplify app to take advantage of authorization scenarios for your data model, and manage users and groups directly from the Admin …

Amazon DevOps Guru - 2 updated methods

Jul 8
Add AnomalyReportedTimeRange field to include open and close time of anomalies.

Firewall Management Service - 2 updated methods

Jul 8
AWS Firewall Manager now supports route table monitoring, and provides remediation action recommendations to security administrators for AWS Network Firewall policies with misconfigured routes.

AWS MediaTailor - 1 new method

Jul 8
Add ListAlerts for Channel, Program, Source Location, and VOD Source to return alerts for resources.

AWS Outposts - 1 updated method

Jul 8
Added property filters for listOutposts

Configure SAML single sign-on for Kibana with AD FS on Amazon Elasticsearch Service

Sajeev Attiyil Bhaskaran · Jul 9
It’s a common use case for customers to integrate identity providers (IdPs) with Amazon Elasticsearch Service (Amazon ES) to achieve single sign-on (SSO) with Kibana. This integration makes it possible for users to leverage their existing identity credentials and offers administrators a single source of truth for user and permissions …

Automate resolution for IAM Access Analyzer cross-account access findings on IAM roles

Ramesh Balajepalli · Jul 8
In this blog post, we show you how to automatically resolve AWS Identity and Access Management (IAM) Access Analyzer findings generated in response to unintended cross-account access for IAM roles. The solution automates the resolution by responding to the Amazon EventBridge event generated by IAM Access Analyzer for each active …

Automatically update AWS WAF IP sets with AWS IP ranges

Fola Bolodeoku · Jul 8
Note: This blog post describes how to automatically update AWS WAF IP sets with the most recent AWS IP ranges for AWS services. This related blog post describes how to perform a similar update for Amazon CloudFront IP ranges that are used in VPC Security Groups. You can use AWS …

Build an end-to-end attribute-based access control strategy with AWS SSO and Okta

Louay Shaat · Jul 6
This blog post discusses the benefits of using an attribute-based access control (ABAC) strategy and also describes how to use ABAC with AWS Single Sign-On (AWS SSO) when you’re using Okta as an identity provider (IdP). Over the past two years, Amazon Web Services (AWS) has invested heavily in making …
Pawel Rzepa @Rzepsky

🔥New blog post🔥 "How to defend against DNS exfiltration in #AWS?"

This time I'll try to answer when and how Route 53 Resolver DNS Firewall and GuardDuty services can help you block and detect suspicious traffic.
rzepsky.medium.com/how-to-defend-…

56 · Jul 07 · 9:26 AM
Clint Gibler @clintgibler

🌎 New @code extension: Remote Repositories

@BrigitMurtaugh and @eamodio describe how it lets you quickly browse, search, edit, and commit to any remote GitHub repository directly from within VS Code

No clone necessary!

code.visualstudio.com/blogs/2021/06/…

25 · Jul 06 · 7:00 PM
Clint Gibler @clintgibler

🔥 DOM Invader

@garethheyes describes a new @Burp_Suite tool: an extension to the embedded browser
* Easily track a site's sources/sinks -> DOM XSS
* Easily manipulate web messages & spoof their origin

#bugbountytips #websecurity

portswigger.net/blog/introduci…

22 · Jul 06 · 5:00 PM
Summit Route @SummitRoute

Summit Route is back open for business! If you're interested in AWS security training or other services, we should talk. summitroute.com/#contact

10 · Jul 08 · 3:30 PM
Scott Piper @0xdabbad00

A fresh look at Macie by @jcfarris. I like the idea of limiting scans to public buckets and making account owners bear the cost as a way for security teams to incentivize account owners to not have public buckets.
chrisfarris.com/post/revisitin…

10 · Jul 06 · 3:32 AM
Scott Piper @0xdabbad00

On June 30, AWS added section 39.3 to their terms and conditions, adding IoT SiteWise Edge to the list of services that should not be used for critical systems. Others are Pinpoint, Lumberyard, Alexa for Business, Location Service, and all AI and machine learning services.

6 · Jul 11 · 9:54 PM
fwd:cloudsec @fwdcloudsec

David Okeyode (@asegunlolu) and Karl Fosaaen (@kfosaaen) will be presenting "An Introduction to Azure Offensive Security" fwdcloudsec.org/speakers.html#…

13 · Jul 09 · 6:20 PM
Victor GRENU @zoph

Today marks the #26 issue of my Newsletter dedicated to AWS Security. I would like to thank my 240+ readers and all of them who are sending me suggestions to keep this NL sharp! :raised

If you are not yet subscribed:
app.mailbrew.com/zoph/aws-secur…

3 · Jul 05 · 5:16 PM
Kinnaird McQuade💥☁️ @kmcquade3

It’s 2021. We have dancing robots and self driving cars, but hospitals are STILL transferring X-ray scans over CDs. Blows my mind.

0 · Jul 05 · 5:16 PM
fwd:cloudsec @fwdcloudsec

The CFP for fwd:cloudsec closes next Friday (July 16), so this is the last weekend to work on your talk proposal!
fwdcloudsec.org/cfp.html

We've got another batch of early acceptances to announce. 🧵

5 · Jul 09 · 6:20 PM
