• SRE Weekly Issue #282
• 📖 [The CloudSecList] Issue 99
• [tl;dr sec] #95 - Preventing SSRF in AWS, Testing AuthN Flows
• AWS Notification Message
• Auto Scaling - 2 updated methods
• Amazon Lex Model Building V2 - 6 updated methods
• Amazon Relational Database Service - 23 updated methods
• AWS Systems Manager Incident Manager - 1 updated method
• ec2: 1 updated action
• redshift: 8 new actions, 1 new resource, 1 new condition
• route53-recovery-cluster: 3 new actions, 1 new resource
• route53-recovery-readiness: 32 new actions, 4 new resources, 3 new conditions
• Summit Route - S3 backups and other strategies for ensuring data durability through ransomware attacks
• tl;dr sec Newsletter
• Introducing 79 new resource types in the CloudFormation Registry
• Tweets from @0xdabbad00, @SummitRoute, @clintgibler, @elrowan, @lancinimarco, @bjohnso5y and @RhinoSecurity (reproduced in full below)
• Show /r/aws: The Cloud Cost Handbook
• DynamoDB outage?
• Dealing with DynamoDB Outages
• xoto3: a Pythonic, functional library for DynamoDB transactions and atomic updates
• Amazon Redshift extends Automatic Table Optimization to support Column Compression Encoding
• Proof that snaps from Snapchat don't disappear and can easily be recovered
• HTTP/2: The Sequel is Always Worse - more HTTP request smuggling attacks from albinowax
• GCP GOAT Vulnerable application to learn GCP Security
• AWS Cloud Security Summit - Virtualization Review
• Researchers Call for 'CVE' Approach for Cloud ... - Dark Reading
• Cloud Mission Bets On AWS Cloud Managed Security Services Channel e2e - ChannelE2E
Monday, August 9, 2021
Auto Scaling - 2 updated methods
Aug 5
EC2 Auto Scaling adds configuration checks and Launch Template validation to Instance Refresh.
Amazon Lex Model Building V2 - 6 updated methods
Aug 5
Customers can now toggle the active field on prompts and responses.
Amazon Relational Database Service - 23 updated methods
Aug 4
This release adds AutomaticRestartTime to the DescribeDBInstances and DescribeDBClusters operations. AutomaticRestartTime indicates the time when a stopped DB instance or DB cluster is restarted automatically.
AWS Systems Manager Incident Manager - 1 updated method
Aug 4
Documentation updates for Incident Manager.
ec2: 1 updated action
Aug 7
1 updated action: CreateRoute (resources, conditions)
redshift: 8 new actions, 1 new resource, 1 new condition
Aug 6
8 new actions: AssociateDataShareConsumer (associate a consumer to a datashare), AuthorizeDataShare (authorize the specified datashare consumer to consume a datashare), DeauthorizeDataShare (remove permission from the specified datashare consumer to consume a datashare), DescribeDataShares (describe datashares created and consumed by your clusters), DescribeDataSharesForConsumer (describe only datashares consumed by your clusters), DescribeDataSharesForProducer …
route53-recovery-cluster: 3 new actions, 1 new resource
Aug 6
3 new actions: GetRoutingControlState (get a routing control state), UpdateRoutingControlState (update a routing control state), UpdateRoutingControlStates (update routing control states); 1 new resource: routingcontrol
route53-recovery-readiness: 32 new actions, 4 new resources, 3 new conditions
Aug 6
32 new actions: CreateCell (create a new cell), CreateCrossAccountAuthorization (create a new cross account authorization), CreateReadinessCheck (create a new readiness check), CreateRecoveryGroup (create a recovery group), CreateResourceSet (create a new resource set), DeleteCell (delete an existing cell), DeleteCrossAccountAuthorization (delete a cross account authorization), DeleteReadinessCheck (delete an existing readiness check), DeleteRecoveryGroup …
0xdabbad00
Scott Piper @0xdabbad00

You've seen his work before if you've ever done any reverse engineering. He's most well known for his work and expertise in file formats, but is also highly skilled in fuzzing, reverse engineering, and malware analysis. RT for signal boost.

angealbertini
👼 Ąż 杏 @angealbertini

I’m looking for a new position (remote work while being based in Germany or local, based near Bodensee).
Any pointers?

SummitRoute
Summit Route @SummitRoute

Ensuring your data in S3 buckets can withstand ransomware attacks or similar threats is not as trivial as you might expect. Here is my guidance.
summitroute.com/blog/2021/08/0…

0xdabbad00
Scott Piper @0xdabbad00

If you worry about the security of your GSuite, this video is "mandatory" watching. Awesome work by @IAmMandatory.
Covers phishing, persistence, lateral movement, accessing data, and doing what is basically Word Macro malware in Google Docs.
youtube.com/watch?v=6AsVUS…

IAmMandatory
💉💉mandatory/Matthew Bryant @IAmMandatory

Will be giving the talk "Hacking G Suite: The Power of Dark Apps Script Magic" at DEF CON (Track 1) at 3:00 PM PST (start of this coming hour).

If the content seems interesting to you, stop by 👍.

clintgibler
Clint Gibler @clintgibler

🙌 Awesome OPA by @anderseknert et al

A curated list of awesome @OpenPolicyAgent related tools, frameworks and articles

* Language and Platform Integrations
* Datasource Integrations
* Tools and Utilities
* IDE and Editor Integrations
* ...

github.com/anderseknert/a…

elrowan
rowan @elrowan

One of the biggest helpers for AWS IAM is using the Service Authorization Reference (SAR) docs.aws.amazon.com/service-author…

Not all service actions work on all a service's resources, and knowing what works with what is key to avoiding surprises!
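
The surprise the tweet warns about is easy to check for mechanically. Below is an added example of such a check (my code, not a tool from the tweet or from AWS): it flags IAM statements whose actions cannot apply to any resource the statement names. The ACTION_RESOURCE_TYPES and ARN_RESOURCE_TYPES tables are small hand-constructed excerpts modelled on the Service Authorization Reference, and the sample policy is constructed; a real check would load the full reference.

```python
"""Flag IAM statements whose actions cannot apply to the resources they name.

Added example, not from the tweet or from AWS tooling. The two tables below are
hand-constructed excerpts modelled on the Service Authorization Reference (SAR).
"""
import re
from typing import Dict, List, Set

# Action -> resource types it accepts (constructed excerpt). An empty set means the
# action takes no resource ARN and is only valid with Resource: "*".
ACTION_RESOURCE_TYPES: Dict[str, Set[str]] = {
    "s3:ListAllMyBuckets": set(),
    "s3:ListBucket": {"bucket"},
    "s3:GetObject": {"object"},
    "s3:PutObject": {"object"},
    "ec2:DescribeInstances": set(),
    "ec2:StartInstances": {"instance"},
    "iam:PassRole": {"role"},
    "kms:Decrypt": {"key"},
}

# ARN shape -> SAR resource type name used in the table above (constructed excerpt).
ARN_RESOURCE_TYPES = [
    (re.compile(r"^arn:aws:s3:::[^/]+/.+$"), "object"),
    (re.compile(r"^arn:aws:s3:::[^/]+$"), "bucket"),
    (re.compile(r"^arn:aws:ec2:[^:]*:[^:]*:instance/.+$"), "instance"),
    (re.compile(r"^arn:aws:iam::[^:]*:role/.+$"), "role"),
    (re.compile(r"^arn:aws:kms:[^:]*:[^:]*:key/.+$"), "key"),
]


def resource_type(arn: str) -> str:
    """Classify an ARN by its SAR resource type, or "unknown"."""
    for pattern, rtype in ARN_RESOURCE_TYPES:
        if pattern.match(arn):
            return rtype
    return "unknown"


def _as_list(value) -> list:
    return value if isinstance(value, list) else [value]


def check_policy(policy: dict) -> List[str]:
    """Return one finding per action that has no usable resource in its statement."""
    findings: List[str] = []
    for idx, stmt in enumerate(policy.get("Statement", [])):
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"statement {idx}: NotAction/NotResource are not analysed here")
            continue
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        if "*" in resources:
            continue  # "*" matches every resource type, so every action can apply
        named_types = {resource_type(r) for r in resources}
        for action in actions:
            supported = ACTION_RESOURCE_TYPES.get(action)
            if supported is None:
                findings.append(f"statement {idx}: {action} is not in the local table (wildcard or unknown action)")
            elif not supported:
                findings.append(
                    f"statement {idx}: {action} takes no resource ARN and only works with "
                    f'Resource "*"; scoping it to {sorted(named_types)} grants nothing'
                )
            elif not (named_types & supported):
                findings.append(
                    f"statement {idx}: {action} applies to {sorted(supported)} resources, "
                    f"but the statement only names {sorted(named_types)}"
                )
    return findings


# Constructed sample policy: statement 0 is correct, the other three each hide a
# common mistake that IAM accepts silently and that simply never grants access.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": ["arn:aws:s3:::app-data/*", "arn:aws:s3:::app-data"]},
        {"Effect": "Allow", "Action": "s3:ListAllMyBuckets",
         "Resource": "arn:aws:s3:::app-data"},                    # needs Resource "*"
        {"Effect": "Allow", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::app-data"},                    # bucket ARN, not objects
        {"Effect": "Allow", "Action": ["ec2:DescribeInstances", "ec2:StartInstances"],
         "Resource": "arn:aws:ec2:us-east-1:111111111111:instance/*"},  # Describe needs "*"
    ],
}

if __name__ == "__main__":
    for finding in check_policy(SAMPLE_POLICY):
        print(finding)
```

Actions that take no resource type (the Describe*/List* family) are the usual culprit: a statement that scopes them to an ARN looks tighter but grants nothing, and the fix is a separate statement with Resource "*" and, where the service supports it, a condition key.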

lancinimarco
Marco Lancini @lancinimarco

Super strong issue of CloudSecList.com just went out. I have to say I've been impressed with the quality of articles released this past week. From @SummitRoute, @jcfarris, @Square, @twilio, @RhinoSecurity, @HashiCorp and more

cloudseclist.com/issues/issue-9…

bjohnso5y
Brigid Johnson @bjohnso5y

Here you have it!❓I am doing an AMA...and by anything I mean anything AWS permissions❓I'll probably answer questions about Pickles🐴too. Looking forward to talking with the folks in @AWSUserGroupUK
meetup.com/AWSUGUK/events…

SummitRoute
Summit Route @SummitRoute

Read about my concerns with the new Lightsail object storage and a security issue I discovered that has been fixed. Great work by the team there on resolving this so quickly. summitroute.com/blog/2021/08/0…

0xdabbad00
Scott Piper @0xdabbad00

It's been a while since I reported a security issue to AWS. Happy Friday AWS security team. 😀 (It's not too bad, you can wait until Monday to look at it).

RhinoSecurity
Rhino Security Labs @RhinoSecurity

New Rhino Blog:  Cloud Malware: Resource Injection in CloudFormation Templates
bit.ly/3jhABAy

clintgibler
Clint Gibler @clintgibler

🪣 Can your S3 buckets withstand ransomware?

@0xdabbad00 describes:
* Your two best options: s3 object locks and replication policies
* How to use them
* What to watch out for

summitroute.com/blog/2021/08/0…
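
Both of the S3 tweets above (the Summit Route post and this summary of it) name Object Lock and replication as the two controls; each one only helps with the right settings. Below is an added example of an audit that checks those settings (my code, not from the Summit Route post). A bucket "snapshot" here is a constructed dict in the shape of the boto3 get_bucket_versioning, get_object_lock_configuration and get_bucket_replication responses, plus an assumed OwnerAccount field; the weak and hardened snapshots are constructed too.

```python
"""Audit S3 bucket settings that decide whether data survives a ransomware actor
who holds delete permissions on the bucket.

Added example, not code from the Summit Route post. Snapshots are constructed dicts
shaped like the boto3 get_bucket_versioning / get_object_lock_configuration /
get_bucket_replication responses, plus an assumed OwnerAccount field.
"""
from typing import Dict, List


def assess_bucket(snapshot: Dict, min_retention_days: int = 30) -> List[str]:
    """Return findings for settings that let bucket permissions alone destroy data."""
    findings: List[str] = []
    owner = snapshot.get("OwnerAccount")

    # Versioning is the base: without it an overwrite or delete is final, and both
    # Object Lock and replication require it.
    if snapshot.get("Versioning", {}).get("Status") != "Enabled":
        findings.append("versioning disabled: overwrites and deletes are irreversible")

    # Object Lock stops version deletion. COMPLIANCE mode cannot be shortened or
    # removed by anyone; GOVERNANCE mode yields to s3:BypassGovernanceRetention.
    lock = snapshot.get("ObjectLock") or {}
    if lock.get("ObjectLockEnabled") != "Enabled":
        findings.append("Object Lock disabled: object versions can be permanently deleted")
    else:
        retention = lock.get("Rule", {}).get("DefaultRetention")
        if not retention:
            findings.append("Object Lock has no default retention: new objects are unprotected unless the writer sets one")
        else:
            if retention.get("Mode") != "COMPLIANCE":
                findings.append("Object Lock default mode is GOVERNANCE: s3:BypassGovernanceRetention removes it")
            days = retention.get("Days", retention.get("Years", 0) * 365)
            if days < min_retention_days:
                findings.append(f"Object Lock default retention {days}d is below the required {min_retention_days}d")

    # Replication is the off-site copy; it only helps if the copy lives in another
    # account and the source account's deletes do not follow it there.
    rules = [r for r in (snapshot.get("Replication") or {}).get("Rules", []) if r.get("Status") == "Enabled"]
    offsite = [r for r in rules if r.get("Destination", {}).get("Account") not in (None, owner)]
    if not rules:
        findings.append("no enabled replication rule: the bucket holds the only copy")
    elif not offsite:
        findings.append("replication stays in the owning account: one compromised account deletes source and replica")
    for rule in offsite:
        rid = rule.get("ID", "?")
        # A missing DeleteMarkerReplication element means a V1 configuration, which replicates delete markers.
        if rule.get("DeleteMarkerReplication", {}).get("Status") != "Disabled":
            findings.append(f"rule {rid} replicates delete markers: a mass delete hides the replicas too")
        if rule.get("Destination", {}).get("AccessControlTranslation", {}).get("Owner") != "Destination":
            findings.append(f"rule {rid} leaves replicas owned by the source account: set AccessControlTranslation Owner=Destination")
    return findings


# Constructed snapshots: the weak one has all the knobs turned, just to the wrong values.
WEAK_BUCKET = {
    "OwnerAccount": "111111111111",
    "Versioning": {"Status": "Enabled"},
    "ObjectLock": {"ObjectLockEnabled": "Enabled",
                   "Rule": {"DefaultRetention": {"Mode": "GOVERNANCE", "Days": 7}}},
    "Replication": {"Role": "arn:aws:iam::111111111111:role/replication",
                    "Rules": [{"ID": "same-account", "Status": "Enabled",
                               "Destination": {"Bucket": "arn:aws:s3:::app-data-copy"},
                               "DeleteMarkerReplication": {"Status": "Enabled"}}]},
}

HARDENED_BUCKET = {
    "OwnerAccount": "111111111111",
    "Versioning": {"Status": "Enabled"},
    "ObjectLock": {"ObjectLockEnabled": "Enabled",
                   "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": 30}}},
    "Replication": {"Role": "arn:aws:iam::111111111111:role/replication",
                    "Rules": [{"ID": "to-vault", "Status": "Enabled", "Priority": 1, "Filter": {},
                               "Destination": {"Bucket": "arn:aws:s3:::app-data-vault",
                                               "Account": "222222222222",
                                               "AccessControlTranslation": {"Owner": "Destination"}},
                               "DeleteMarkerReplication": {"Status": "Disabled"}}]},
}

if __name__ == "__main__":
    for name, snap in (("weak", WEAK_BUCKET), ("hardened", HARDENED_BUCKET)):
        print(name, assess_bucket(snap) or ["ok"])
```

The check is deliberately pessimistic about the replica: the destination account should be one the source account's credentials cannot reach, and the source-side replication role needs no delete permissions there, otherwise the copy shares the fate of the original.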

DynamoDB outage?

Anyone else seeing issues with DynamoDB in east-1? Getting a ton of internal errors and can't list tables on the console.

Update 930 EDT: Confirmed issue from AWS (posted on PHD)

Dealing with DynamoDB Outages

In light of the outage yesterday, how does everyone mitigate outages like this? My databases are currently in RDS, but I've been exploring DynamoDB for future work. It seems like not using us-east-1 is a good first step. Jokes aside, would something like global tables with application level failover be …

xoto3: a Pythonic, functional library for DynamoDB transactions and atomic updates

I'm aware of some other solutions in this space, but I think this one has a few things going for it that others don't.

https://github.com/xoeye/xoto3/tree/develop/xoto3/dynamodb/write_versioned/README.md

The pitch? Don't ever write database mutations that look even remotely like talking to DynamoDB. Just write code that expresses your writes as though you're …

GCP GOAT Vulnerable application to learn GCP Security

Hello everyone, I am happy to release my project that I have been working on for a long time: https://gcpgoat.joshuajebaraj.com/index.html
