Cyber Security Shots

Cloud Security Weekly News – Week 36

Published by

armiar

on

AWS

  • Macie , Data security product has a new capability to create and use allow list. With allow list , you can define the pattern that wouldn’t be considered sensitive by Macie (Link)
  • Announcing new AWS IAM Identity Center APIs to manage users and groups at scale (Link)
  • AWS announces open-sourced credentials-fetcher to simplify Microsoft AD access from Linux containers(Link)
  • Amazon Inspector now supports Windows operating system (OS) (Server 2012, 2012 R2, 2016, and 2019, 2022 ) for continual software vulnerability scanning of EC2 workloads (Link)
  • AWS Config conformance pack templates can now be stored in and deployed from AWS Systems Manager documents (Link)

Azure

  • Now you can add entities to threat intelligence (Preview) (Link)
  • Suppress alerts based on Container and Kubernetes entities (Example, Container Image, Registry) (Link)
  • Generally available: Resource instance rules for access to Azure Storage. With resource instance rules, you can now configure your storage account to only allow access from specific resource instances.(Link)
  • Stream Analytics now allows you to use managed identities as an authentication mode when connecting to Azure Service Bus queues and topics (Link).
  • Public preview of Encrypting storage account with cross-tenant customer-managed keys (Link).

This week spotlight

  • New standard for testing the efficacy of IoT security solutions by Anti-Malware Testing Standards Organization (Link).
  • There is an increase in vulnerabilities in XIOT (Extended IoT), an increase of 57% between Jan and Jun compared to the previous six months (Link).
  • Increase in Linux-targeted cryptojacking, malware, and vulnerability exploits, there have 75% increase in ransomware attack targeting Linux system in first half of 2022 compared to same period last year (Link).
  • TeslaGun Primed to Blast a New Wave of ServHelper Backdoor Cyberattacks (Link).
  • Student Loan Breach Exposes 2.5M Records involving EdFinancial and the Oklahoma Student Loan Authority (Link)
  • Mirai Variant MooBot Targeting D-Link Devices based on Unit42 research(Link).
  • Vulnerability in TikTok Android app could lead to one-click account hijacking (Link).

Leave a comment

Hello,

I’m Ara

Welcome to Cloud Security Blog, my corner of the internet dedicated to Cloud and AI Security .

Let’s connect

Join the fun!

Stay updated with our latest tutorials and ideas by joining our newsletter.

Recent posts