Issue 54
This issue is sponsored by Invary. Check out Invary's ability to detect hidden rootkits, a task that modern threat detection solutions fail at in practice.
This week TLDR i.e. 1 minute version (For executives):
AWS Artifact now supports enhanced search capability for reports.
AWS IAM Identity Center adds an independent 90-day session duration for Amazon Q Developer.
AWS Private CA now supports ARM architecture in Kubernetes.
Trending in Cloud & Cyber Security (Security Blogs, articles, news, advisories etc):
AWS Security Blogs & Bulletins:
General security blogs, articles & reports:
Amazon is now a CVE Numbering Authority (CNA) for all Amazon and AWS products and vulnerabilities in third party software discovered by Amazon/AWS. Link.
AWS IAM Identity Center (previously known as AWS SSO) Terraform Module. Link.
NO_WILDCARD: How I discovered the Organization ID of any AWS Account by Sam Cox. Link.
AWS VP of AI and data on computer vision research at Amazon. Link.
AWS Control Tower Customization with CloudFormation and CodePipeline by Oleksii Bebych. Link.
Audit of Cloud Native Buildpacks by Mihail Kirov, Sébastien Rolland. Link.
Container Breakouts: Escape Techniques in Cloud Environments by Yosef Yaakov and Bar Ben-Michael. Link.
Using S3 as a container registry a.k.a. Waiter, there's a whale in my bucket! by Adolfo Ochagavía. Link.
An Opinionated Ramp Up Guide to AWS Pentesting by Lizzie Moratti. Link.
Trending on the news & advisories:
This week Long i.e. 3-5 minutes version (For architects & engineers):
The AWS Artifact Reports console now features improved search functionality, enabling quick access to compliance reports. You can locate specific reports by running targeted searches across columns such as report title, category, series, description, and ARN. For instance, if you're looking for SOC (System and Organization Controls) reports, you can search the "Title" column using the "contains" operator with the keyword "SOC". Link. For example, here’s my search using a Title:
In AWS IAM Identity Center, you can now customize the session duration specifically for Amazon Q Developer, independent of other integrated applications within IAM Identity Center and the AWS access portal, allowing you to maintain a session in the integrated development environment (IDE) for up to 90 days without needing to re-authenticate. Previously, session durations for Q Developer in the IDE were aligned with those of other IAM Identity Center integrated applications and the AWS access portal, ranging from 15 minutes to 90 days. Link. For example, this is my setting for the Amazon Q Developer session:
AWS Private Certificate Authority (AWS Private CA) now supports ARM architecture in Kubernetes environments, enabling the use of the AWS Private CA Connector for Kubernetes with AWS Graviton instances in AWS or ARM-based hosts on premises. The connector facilitates the issuance of private certificates from AWS Private CA, a managed CA backed by hardware security modules (HSMs), ensuring robust security for TLS-based authentication and encryption across Kubernetes containers, applications, and service meshes. This capability extends to clusters deployed via Amazon Elastic Kubernetes Service (Amazon EKS), on-premises setups, or other infrastructure environments. Link. GitHub Link.