This week TLDR i.e. 1 minute version (For executives):
Amazon Neptune is authorized for DoD Impact Level 4 and 5.
AWS WAF now supports larger request body inspections for regional resources.
Amazon SES now offers support for headers when sending email.
AWS Wickr achieves FedRAMP High authorization.
AWS X-Ray now supports data events in AWS CloudTrail.
Trending in Cloud & Cyber Security (Security Blogs, articles, news, advisories etc):
AWS Security Blogs & Bulletins:
General security blogs, articles & reports:
Trending on the news & advisories:
Microsoft released an update on the attack by nation-state actor Midnight Blizzard via an 8-K/A (an amendment to its previous 8-K). Link.
CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices. Link.
NSA: Advancing Zero Trust Maturity Throughout the Network and Environment Pillar. Link.
Ex-Google engineer charged with stealing AI trade secrets while working with Chinese companies. Link.
CrowdStrike to Acquire Flow Security to Expand its Data Security Posture Management (DSPM). Link.
This week Long i.e. 3-5 minutes version (For architects & engineers):
Amazon Neptune has obtained authorization for Department of Defense Cloud Computing Security Requirements Guide Impact Levels 4 and 5 (DoD SRG IL4 and IL5) within the AWS GovCloud (US-East and US-West) Regions. Link.
AWS WAF can now inspect up to 64KB of the body of incoming HTTP/S requests for Amazon API Gateway, Cognito user pools, App Runner, and AWS Verified Access regional resources. The default inspection size has been raised from 8KB to 16KB. Link. (Please note: increased body limits are not currently available for Application Load Balancers and AppSync, and you will be charged extra for each additional 16KB analyzed beyond the default body inspection limit.) Here’s my WAF ACL rule sample for AWS Cognito (default body size limit) setting:
Amazon Simple Email Service (SES) has introduced a new capability that lets you define custom headers when sending email through the SES v2 sending APIs. One use for this is one-click unsubscribe, which you enable by adding list-unsubscribe headers to your emails. Link. Check THIS blog out for details. (Note: The change was in response to Gmail and Yahoo Mail announcing a new set of requirements for senders effective from February 2024.) For example, I set the Unsubscribe option header for emails I send using the Python script below and could observe the “Unsubscribe” one-click option:
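An added example, not the author's script: building the one-click unsubscribe headers (RFC 8058) and placing them in an SES v2 SendEmail request with boto3. The function names, the example.com addresses and the URI safety check are assumptions of this example; the check rejects CR/LF and angle brackets so a URI built from campaign data cannot inject extra headers.

```python
from urllib.parse import urlsplit

ONE_CLICK = {"Name": "List-Unsubscribe-Post", "Value": "List-Unsubscribe=One-Click"}


def _check_uri(uri):
    # Conservative check (an assumption of this example, not an SES rule):
    # visible ASCII only, no angle brackets, so a value built from user or
    # campaign data cannot smuggle CR/LF or break out of the <...> wrapper.
    if not uri or any(c in "<>" or not 33 <= ord(c) <= 126 for c in uri):
        raise ValueError(f"unsafe character in unsubscribe URI: {uri!r}")
    return uri


def unsubscribe_headers(https_url, mailto=None):
    """Return the two RFC 8058 one-click headers as SES v2 header dicts."""
    parts = urlsplit(_check_uri(https_url))
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("one-click unsubscribe needs an https:// URI")
    targets = [f"<{https_url}>"]
    if mailto:
        targets.append(f"<mailto:{_check_uri(mailto)}>")
    return [{"Name": "List-Unsubscribe", "Value": ", ".join(targets)}, dict(ONE_CLICK)]


def build_request(sender, recipient, subject, text, headers):
    """Keyword arguments for the SES v2 SendEmail call (simple content)."""
    return {
        "FromEmailAddress": sender,
        "Destination": {"ToAddresses": [recipient]},
        "Content": {"Simple": {
            "Subject": {"Data": subject},
            "Body": {"Text": {"Data": text}},
            "Headers": headers,  # custom headers sit alongside Subject and Body
        }},
    }


def send(request, region="us-east-1"):
    import boto3  # imported here so the builders above work without AWS access
    return boto3.client("sesv2", region_name=region).send_email(**request)["MessageId"]


if __name__ == "__main__":
    # Constructed sample values; the example.com addresses are placeholders.
    hdrs = unsubscribe_headers("https://example.com/unsub?u=42", "unsub@example.com")
    print(build_request("news@example.com", "reader@example.com", "Weekly digest", "Hello", hdrs))
```

Calling `send(...)` requires AWS credentials and a verified sender identity; the HTTPS endpoint must also accept the POST that mailbox providers issue for a one-click unsubscribe.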
Wickr on AWS has secured FedRAMP High authorization within the AWS GovCloud (US-West) Region. Now, you have the capability to employ Wickr to safeguard communications that fall under the FedRAMP High requirements. Link.
AWS X-Ray has introduced support for logging eight new data and one additional management event APIs within AWS CloudTrail. You can now capture all AWS X-Ray API activities related to both data and management events through AWS CloudTrail, like PutTraceSegments and GetTraceSummaries, as well as management events such as GetSamplingStatisticSummaries. Link. Here’s my data event for X-Ray: