Issue #42
Monday · October 25, 2021
Reddit threads on r/aws
- AWS WAF's Dangerous Defaults
- Profiling 25,000 S3 Buckets: The Billion Dollar Opportunity for Cloudflare R2
- Why We Chose AWS ECS and What We Learned
- AWS Fault Injection Simulator now injects Spot Instance Interruptions
- A rant about 2021 re:Invent session reservations - I'm honestly baffled at how the session reservation system passed QA this year. It looks a lot better compared to 2019 and I had high hopes that it wouldn't be a total cluster, and then reservations opened all to a giant "haha nope". You can cancel a reservation from the …
Newsletters
Top Links from Security Folks
- Attacking and Securing CI/CD Pipeline - ATT&CK-like Threat Matrix for CI/CD Pipeline on GitHub: https://github.com/rung/threat-matrix-cicd -------- Place: CODE BLUE 2021 OpenTalks at Tokyo Presenter: Hiroki SUEZAWA (https://www.suezawa.net…
r/netsec
- Microsoft no longer signs Windows drivers for Process Hacker
- Hi guys, we found a critical vulnerability (use after free in GPU) in Google Chrome. Google rewarded us $6K for it. We shared the story on how we found it from the blog post. Also, you can find the github repository if you want to check that out. Let me know your thoughts under here please!
r/cloudsecurity
- Career Path / How did you land a job in cloud sec? - For those of you currently working a cloud security role, what path did you take to get there? Previous job titles/descriptions and what certifications? I'm very much interested in cloud security and trying to learn as much as I can. Currently I'm a tier 2 engineer but get promoted to …
"AWS Security" on Google News
IAM permission changes
- elasticache: 1 updated condition - 1 updated condition: aws:TagKeys (type)
- elasticmapreduce: 3 new actions - 3 new actions: GetAutoTerminationPolicy (retrieve the auto-termination policy associated with a cluster), PutAutoTerminationPolicy (create or update the auto-termination policy associated with a cluster), RemoveAutoTerminationPolicy (remove the auto-termination policy associated with a cluster)
- ec2: 6 new actions, 2 new resources | 2 updated actions | 1 removed condition - 6 new actions: CancelCapacityReservationFleets (cancel one or more capacity reservation fleets), CreateCapacityReservationFleet (create a capacity reservation fleet), GetVpnConnectionDeviceSampleConfiguration (download an aws-provided sample configuration file to be used with the customer gateway device), GetVpnConnectionDeviceTypes (obtain a list of customer gateway devices for which sample configuration files can be provided), ModifyCapacityReservationFleet (modify …
API changes
- Amazon Appflow - 3 updated methods - Feature to add support for JSON-L format for S3 as a source.
- AWS Direct Connect - 4 new methods - This release adds 4 new APIs, which needs to be public able
- AWS Elemental MediaConvert - 7 updated methods - AWS Elemental MediaConvert SDK has added support for specifying caption time delta in milliseconds and the ability to apply color range legalization to source content other than AVC video.
- AWS Elemental MediaPackage - 4 updated methods - When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.