This week TLDR i.e. 1 minute version (For executives):

1. AWS WAF Console adds new Top Insights Visualizations.

2. AWS Security Hub now integrates with Amazon Route 53 Resolver DNS Firewall.

Trending in Cloud & Cyber Security:

1. AWS Security Blogs & Bulletins:

   • Securing a city-sized event: How Amazon integrates physical and logical security at re:Invent. Link.

   • How to monitor, optimize, and secure Amazon Cognito machine-to-machine authorization. Link.

   • New AWS Skill Builder course available: Securing Generative AI on AWS. Link.

2. General security blogs, articles, reports & trending news/advisories:

   • How to create (Sign Up for) an AWS commercial & Gov Account with just one CLI command? Link.

   • Tool: Policy Tester, a test harness for AWS IAM Policies. Link.

   • Fast Unauthenticated Role Scanning by Ryan Gerstenkorn. Link.

   • Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C by Halcyon Research Team. Link.

   • Defining Security Invariants by Chris Farris. Link.

   • AWS Lambda Security Best Practices by Noureldin Ehab. Link.

   • Master Secure File Uploads to AWS S3 in Node.js with Express and Multer by Benson Macharia. Link.

   • Backdooring Your Backdoors - Another $20 Domain, More Governments by Benjamin Harris, Aliz Hammond. Link.

   • Recruitment Phishing Scam Imitates CrowdStrike Hiring Process. Link.

   • MacOS System Integrity Protection bypass through kernel extensions. Link.

   • Mandiant: Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation. Link.

   • Hacking Kerio Control via CVE-2024-52875: from CRLF Injection to 1-click RCE. Link.

   • PowerSchool SIS Data Breach - Verification and Audit Steps. Link.

   • Green Bay Packers store breach notification. Link.

   • SonicWall, SonicOS Affected By Multiple Vulnerabilities. Link.

   • Incident Report for Proton Services. Link.

   • Malware detection prevents Docker Desktop to start on Mac. Fix steps HERE.

   • Hacker Broke into ‘Path of Exile 2’ Admin Account, Hijacked Wave of Characters by Joseph Cox. Link.

   • Darktrace announces proposed acquisition of Cado Security, a cloud investigation and response specialist. Link.

This week Long i.e. 3-5 minutes version (For architects & engineers):

1. The AWS WAF console dashboard now offers enhanced visualizations, providing detailed insights into the primary sources of traffic. Customers using CloudWatch logging destinations can access a new "top insights" section within the all-traffic dashboard. Link. I don’t have any findings but here’s a sample of the new console.

   

2. AWS Security Hub now integrates with Amazon Route 53 Resolver DNS Firewall, enabling you to receive security findings related to DNS queries from Amazon VPCs for domains flagged as potentially malicious or low-reputation. Link.

   

   

   Subscribe

   Share