SRE Weekly Issue #294 • 📖 [The CloudSecList] Issue 111 • [tl;dr sec] #107 - Supply Chain and CI/CD Security, Threat Modeling in HCL • AWS Security Hub adds support for cross-Region aggregation of findings to simplify how you evaluate and improve your AWS security posture • Amazon CloudWatch Application Insights - 11 updated methods • Amazon Connect Service - 2 new 3 updated methods • Amazon Elastic Compute Cloud - 2 updated methods • Amazon Rekognition - 1 updated methods • Forensic investigation environment strategies in the AWS Cloud • Migrate and secure your Windows PKI to AWS with AWS CloudHSM • Three ways to improve your cybersecurity awareness program • Correlate security findings with AWS Security Hub and Amazon EventBridge • textract: 2 new actions • logs: 1 updated action • cloudwatch: 1 new condition | 1 updated condition, 1 updated action • GitHub - rung/threat-matrix-cicd: Threat matrix for CI/CD Pipeline • Introducing Quiet Riot - Wes Ladd - Medium • 🛡️ Attacking and Securing CI/CD Pipelines <a href="https://twitter.com/rung" target="_blank">@rung</a>'s talk covers why CI/CD pipeline security is important, relevant breaches, several attack scenarios, and how to defend ATT&amp;CK-like matrix for CI/CD Pipelines. Repo 👇 <a href="https://t.co/8ATSle25iY" target="_blank">github.com/rung/threat-ma…</a> <a href="https://t.co/vyKItJfJBA" target="_blank">speakerdeck.com/rung/cd-pipeli…</a> • TTPs for compromising CI/CD pipelines, by <a href="https://twitter.com/rung" target="_blank">@rung</a> <a href="https://t.co/atxnCWn1Uy" target="_blank">github.com/rung/threat-ma…</a> • 🗡️ Awesome Linux <a href="https://twitter.com/hashtag/Rootkits" target="_blank">#Rootkits</a> Repo with links to source code of 10s of Linux rootkits Both user mode and kernel mode <a href="https://t.co/2UMttObNrP" target="_blank">github.com/milabs/awesome…</a> • AWS execs need to read this to see how users of other cloud providers don't have to deal with the limitations AWS has. • A new major release of AWS Secure Environment Accelerator (ASEA) is out (1.5), check out as there are some interesting new features, like the possibility to install it on top of AWS Control Tower. - <a href="https://t.co/JtCvID6wLN" target="_blank">github.com/aws-samples/aw…</a> • The entire training is under 700 words. <a href="https://t.co/fYlNAYGF25" target="_blank">learnsecurity.amazon.com/training/story…</a> • 🔥<a href="https://twitter.com/WesLadd" target="_blank">@WesLadd</a> dropped a new AWS security tool, Quiet Riot - unauthenticated enumeration and footprinting of AWS accounts that can validate AWS Account IDs and services in use (via existing service linked role names) at a rate of 1100 requests per second. <a href="https://t.co/KBV36jesqV" target="_blank">blog.traingrc.com/introducing-qu…</a> • Me: Asks a very, very specific question in an online forum related to cloud security **immediately receives 3 DMs from friends asking me what the hell I am up to** 😈 • Trick or treat? Pickles always chooses treat. Happy Halloween 🎃 • Reinvent presentations are like gas. To create them, they will take up as much time as you give them. • Amazon EC2 now supports sharing Amazon Machine Images across AWS Organizations and Organizational Units • Was billed 60k with a free tier? • AWS Toolbox 🧰 - A Collection of Awesome Tools and Scripts for Cloud Engineers • An improved Python AWS Lambda logging setup • Using Github Actions Open ID Connector to push to AWS ECR without Credentials - tedious ramblings • How I Cracked 70% of Tel Aviv’s Wifi Networks (from a Sample of 5,000 Gathered WiFi). • Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection • Announcing the New Balbix Connector for AWS - Security Boulevard • Balbix Extends Cyber Security Posture Automation to AWS - PRNewswire