This week TLDR i.e. 1 minutes version (For executives):
Amazon WorkSpaces supports certificate-based authentication on Web Access.
AWS Accounts discontinues the use of security challenge questions.
AWS Systems Manager now supports SSM Agent version update in the context of an Application and now also supports Ubuntu 23.04, Debian 12, MacOS 14, and SUSE SP5.
Amazon Connect launches granular access controls for historical metrics.
Trending in Cloud & Cyber Security (News, Blogs, Tweets etc):
AWS Security Blogs & Bulletins:
SentinelOne blog- ‘Session Cookies, Keychains, SSH Keys and More | 7 Kinds of Data Malware Steals from macOS Users’. Link.
The biggest cybersecurity and cyberattack stories of 2023 by Lawrence Abrams. Link.
SSH servers vulnerable to new Terrapin attacks. Link.
LastPass enforcing a minimum 12-character master password requirement, along with the PBKDF2. Link.
SentinelOne® to Expand Cloud Security Capabilities with Acquisition of PingSafe. Link.
Securing the Cloud: Migrating to IMDSv2 for AWS Compute Workloads by Ayush Priya. Link.
The top 10 AI security articles you must read in 2024 by Wiz team. Link.
This week Long i.e. 5 minutes version (For architects & engineers):
Amazon WorkSpaces has introduced support for certificate-based authentication specifically for Windows WorkSpaces utilizing WorkSpaces Streaming Protocol (WSP) bundles through WorkSpaces Web Access. This enhancement enables users to effortlessly authenticate themselves to WorkSpaces desktops by leveraging the single sign-on (SSO) capabilities of their SAML 2.0 identity provider directly from their web browser, eliminating the need for the installation of a native client application. Organizations opting for a web browser-centric experience will also benefit from the advantages of certificate-based authentication. By incorporating certificate-based authentication, organizations can place increased reliance on the authentication features provided by their SAML 2.0 identity provider, offering access to work resources, including the implementation of passwordless authentication. Link. The new feature is well explained in THIS blog.
Commencing January 5, 2024, AWS Accounts ceased to facilitate security challenge questions for accounts that have not yet activated this feature. As a result, customers will no longer have the option to incorporate new security challenge questions via the Accounts page in the AWS Management Console.
For those who have configured security challenge questions on their standalone AWS accounts or on the management account within their AWS Organization, the ability to utilize and modify them will persist until January 6, 2025. Subsequent to this date, as of January 6, 2025, AWS Accounts will discontinue support for security challenge questions for all remaining customers across all AWS Regions, encompassing the AWS GovCloud (US) Regions. For example. I didn’t have questions set on my AWS account and no longer observed the option:
The Application Manager, a feature within AWS Systems Manager, now offers support for automatic version updates of the AWS Systems Manager Agent (SSM Agent) within the context of an application. With the latest enhancement, customers can enable automatic updates for the SSM Agent version directly from the Instances tab in Application Manager. This feature ensures that all managed nodes within their application remain current with the latest SSM Agent version whenever it becomes available. Link. Additionally, there is another announcement that AWS Systems Manager now supports Ubuntu 23.04, Debian 12, MacOS 14, and SUSE SP5 Link1.
Amazon Connect has introduced detailed access controls, allowing users to apply resource tags for specifying visibility of historical metrics within the Amazon Connect UI. This means you can tag specific users, queues, and routing profiles with labels such as "Team:Compliance." Consequently, only the manager of the Compliance team will have access to the historical metrics associated with users carrying this particular tag. Link.
Thank You for reading! If you enjoyed this newsletter, I’d be grateful if you could forward it to your professional circle.
Thanks for reading AWS Cloud Security Weekly! Subscribe for free to receive new posts and support my work.