AWS Security
- AWS is working on migration to NIST 800-53 Revision 5 (Link) currently AWS meets Rev 4.
- Now its possible to be up to date with AWS security hub announcements via SNS (Link)
- AWS Firewall Manager now supports AWS managed rules for AWS Network Firewall (Link)
- AWS WAF Fraud Control – Account takeover prevention is now available for Amazon CloudFront. It is provided as a part of AWS managed rules. Once you add it to the existing web ACL or New ACL you would be able to protect Amazon CloudFront resources.
Azure Security
- Microsoft Threat Intelligence Center and MS 365 Defender research team has identified Threat actor MERCURY exploiting Log4j vulnerabilities in SysAid application against organization in Israel (Link). About Log4j
- Organization Policy custom constraints has been launched in public preview (Link)
Spotlight this week
- LastPass has been hacked. As per DarkReading, Source code has been stolen.
- Group-IB reports over 130 organizations have been compromised.
- Ransomware attack increased in July compared to June, based on nccgroup report
Cyber Security Shots 
Leave a comment