This week TLDR i.e. 1 minute version (For executives):

1. The AWS Management Console now supports simultaneous sign-in for multiple AWS accounts.

Trending in Cloud & Cyber Security:

1. AWS Security Blogs & Bulletins:

   • Security Bulletin: Issue with Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV (CVE-2025-0500 and CVE-2025-0501). Link.

   • Safeguard your generative AI workloads from prompt injections. Link.

   • Preventing unintended encryption of Amazon S3 objects. Link.

   • How to implement IAM policy checks with Visual Studio Code and IAM Access Analyzer. Link.

2. General security blogs, articles, reports & trending news/advisories:

   • New Star Blizzard spear-phishing campaign targets WhatsApp accounts. Link.

   • Ransomware in AWS S3: SSE-C AND Understanding RCPs and SCPs in AWS: Choosing the Right Policy for your Security Needs by Jason Kao. Link1 and Link2.

   • Rsync contains six vulnerabilities. Link.

   • Researchers recognized in Microsoft Researcher Recognition Program. Link.

   • Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service by Quentin Bourgue, Grégoire Clermont and Sekoia TDR. Link.

   • Tracking cloud-fluent threat actors - Part two: Behavioral cloud IOCs by Merav Bar, Gili Tikochinski. Link.

   • Getting Started with AWS Security: Attacking and Auditing by Aleksandra Drobnjak. Link.

   • Record-breaking 5.6Tbps DDoS attack & global DDoS trends for 2024. Link.

   • Fake Homebrew Google ads target Mac users with malware. Tweet Link.

     

This week Long i.e. 3-5 minutes version (For architects & engineers):

1. AWS introduced multi-session support in the AWS Management Console, allowing you to access multiple AWS accounts simultaneously. You can sign in to up to five sessions within a single browser, combining root accounts, IAM roles, or federated roles across different accounts or within the same account. Link. For example, this is my option to enable the session. (No need to use browser containers anymore).

   

   

   Subscribe

   Share