This issue is sponsored by Invary. Check out Invary's ability to detect hidden rootkits, a task that modern threat detection solutions fail at, in action » HERE.
This week TLDR i.e. 1 minute version (For executives):
AWS Security Hub now supports PCI DSS v4.0.1 standard.
IAM Roles Anywhere credential helper now supports TPM 2.0.
Trending in Cloud & Cyber Security:
AWS Security Blogs & Bulletins:
Bulletin: Issue with DynamoDB local - CVE-2022-1471. Link.
Enhanced version of the AWS Secrets Manager transform. Link.
AWS Securing the future: building a culture of security. Link.
Introducing the AWS Network Firewall CloudWatch Dashboard. Link.
Generative AI adoption and compliance: Simplifying the path forward with AWS Audit Manager. Link.
AWS KMS: How many keys do I need? Link.
Enforce resource configuration to control access to new features with AWS. Link.
General security blogs, articles, reports & trending news/advisories:
Top AWS re:Invent Announcements for Security Teams in 2024 by Scott Piper. Link.
Securing Your Cloud Data: Unencrypted Resources in AWS by Jason Kao. Link.
GitHub: AWS resource-control-policy-examples by Swara Gandhi. Link.
AWS Control Tower Migration: Managing Existing Accounts by Tigran Gevorgyan. Link.
CISA: BOD 25-01: Implementing Secure Practices for Cloud Services. Link.
Bedrock Slip: Sysdig TRT Discovers CloudTrail Logging Missteps by Alessandro Brucato. Link.
Getting a taste of your own medicine: Threat actor MUT-1244 targets offensive actors, leaking hundreds of thousands of credentials by Christophe Tafani-Dereeper, Matt Muir and Adrian Korn. Link.
The dark cloud around GCP service accounts by Dave Bogle. Link.
Escalating privileges to read secrets with Azure Key Vault access policies by Katie Knowles. Link.
Security Research Team Discovers Microsoft Azure MFA Bypass by Tal Hason. Link.
This week Long i.e. 3-5 minutes version (For architects & engineers):
AWS IAM Roles Anywhere has released version 1.4.0 of its credential helper, which now includes native support for Trusted Platform Module (TPM) 2.0. This update allows the credential helper to directly access X.509 certificates and their corresponding private keys stored in TPMs on both Windows and Linux systems. The keys remain securely stored within the TPM hardware. Link. GitHub Link.
AWS Security Hub now offers automated security checks that are aligned with the Payment Card Industry Data Security Standard (PCI DSS) v4.0.1, a compliance framework that outlines rules and guidelines for the secure handling of credit and debit card information. v4.0.1 includes 144 automated controls. Link.