AWS Cloud Security Weekly

📣 The last issue of AWS Cloud Security Weekly is out! aws-cloudsec.com/p/issue-105 After today, all AWS Cloud Security Weekly subscribers will be automatically subscribed to AWS Security Digest (@AwsSecDigest) Thank you for all of your support. <3

AWS Cloud Security Weekly has moved to awssecuritydigest.com Make sure to follow @AwsSecDigest to get the latest issues and updates.

Highlights: - Blocking DDoS attacks with AWS WAF - Assessing application resilience across multiple AWS accounts - New SOC compliance reports covering 184 AWS services - Establishing a European trust service provider for the AWS European Sovereign Cloud

📣 Issue 104 is out. Big announcement: AWS Cloud Security Weekly is merging into AWS Security Digest (@AwsSecDigest). Read the issue to get all the details. aws-cloudsec.com/p/issue-104

📣 Issue 102 is out. Highlights: - AWS WAF now supports automatic application layer distributed denial of service (DDoS) protection. - AWS KMS adds support for post-quantum ML-DSA digital signatures. - AWS CloudTrail enhances logging for Amazon S3 DeleteObjects API. - Amazon S3 extends additional context for HTTP 403 Access Denied error messages to AWS Organizations. - Amazon to launch second Secret Cloud Region in 2025. aws-cloudsec.com/p/issue-102

📣 Issue 101 is out. Highlights: - Amazon VPC Route Server announces logging enhancements. - AWS Site-to-Site VPN introduces three new capabilities for enhanced security. - AWS KMS launches on-demand key rotation for imported keys. - AWS Network Firewall launches new monitoring dashboard. - Announcing ASN match support for AWS WAF. - Bruteforcing the phone number of any Google user. - Follow the Smoke, China-nexus Threat Actors Hammer At the Doors of Top Tier Targets. - FBI Advisory: Alert Number: I-060325-PSA on NFT Airdrop Defrauding Techniques. aws-cloudsec.com/p/issue-101

🎉 🎉 🎉 🎉 📣 Issue 100 is out.  🎉 🎉 🎉 🎉 ❤️ Thank You to all our readers! ❤️ aws-cloudsec.com/p/issue-99-and…

📣 Issue 98 is out. Highlights: - AWS Secrets Manager announces support for cost allocation tags for secrets. - AWS Organizations now supports Internet Protocol Version 6 (IPv6). - Amazon EC2 Mac instances now support configurable System Integrity Protection (SIP) settings. - Navigating the threat detection and incident response track at re:Inforce 2025. Link. - Elevate your AI security: Must-see re:Inforce 2025 sessions aws-cloudsec.com/p/issue-98

📣 Issue 97 is out. Highlights: - Amazon Elastic Container Registry (ECR) supports image replication between the AWS GovCloud (US) Region. - AWS CodeBuild adds support for new IAM condition keys. - Amazon Inspector enhances container security by mapping ECR images to running containers. - Amazon Cognito now supports OIDC prompt parameter. - Threat modeling Cloud Service providers in 2025 by Chris Farris - Root in prod: The most important security analysis you will never do on your AWS accounts by Daniel Grzelak. aws-cloudsec.com/p/issue-97

📣 Issue 96 is out. Highlights: - Amazon GuardDuty Malware Protection for EC2 now available in AWS GovCloud (US) Regions. - Amazon VPC adds CloudTrail logging for VPC resources created by default. - Tales from the cloud trenches: The Attacker doth persist too much, methinks by Martin McCloskey. - FBI PSA: Cyber Criminal Proxy Services Exploiting End of Life Routers - Wiz Cloud Hunting Games. - Microsoft: Top MSRC 2025 Q1 Security Researchers. aws-cloudsec.com/p/issue-96

📣 Issue 95 is out. Highlights: - Amazon Verified Permissions now supports policy store tagging. - Resource control policies (RCPs) are now available in the AWS GovCloud (US) Regions. - Why Recreating an IAM Role Doesn't Restore Trust: A Gotcha in Role ARN by Nick Frichette - FBI: Phishing Domains Associated with LabHost PhaaS Platform Users. - Datadog acquires Eppo. aws-cloudsec.com/p/issue-95

📣 Issue 94 is out. Highlights: - FBI Releases Annual Internet Crime Report. - Mandiant M-Trends 2025 report. - Amazon Cognito now supports refresh token rotation. - Amazon EBS now supports additional resource-level permissions for copying EBS snapshots. - AWS Account Management now supports IAM-based account name updates. aws-cloudsec.com/p/issue-94

📣 Issue 93 is out. Highlights: - AWS STS global endpoint now serves requests locally in regions enabled by default. - Amazon Verified Permissions now supports policy store deletion protection. - Amazon SES now supports logging email sending events through AWS CloudTrail. - CheatSheet: Amazon S3 Ransomware attack. - How to measure Well-Architected maturity? aws-cloudsec.com/p/issue-93

📣 Issue 92 is out: aws-cloudsec.com/p/issue-92

📣 Issue 91 is out: aws-cloudsec.com/p/issue-91

📣 Issue 89 & 90 is out: aws-cloudsec.com/p/issue-89-and…

📣 Issue 88 is out: aws-cloudsec.com/p/issue-88

📣 Issue 85 & 87 is out. aws-cloudsec.com/p/issue-86-and…

📣 Issue 85 is out. Highlights: - AWS WAF enhances Data Protection and logging experience. - AWS Network Firewall introduces automated domain lists and insights. - Certificate-Based Authentication is now available on Amazon AppStream 2.0 multi-session fleets. - Amazon Verified Permissions now supports the Cedar JSON entity format. - Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs by Tory Hunt. - An inside look at NSA (Equation Group) TTPs from China’s lense. - State of cloud remediation by Idan Perez, Michael St.Onge and Joseph Barringhaus. - Removing Jeff Bezos From My Bed by Dylan Ayrey and Jake King. - Secure RDS authentication using SSO and ephemeral login token. aws-cloudsec.com/p/issue-85

📣 Issue 84 is out. Highlights: - Amazon Inspector enhances the security engine for container images scanning. - AWS CloudTrail network activity events for VPC endpoints now generally available. - whoAMI: A cloud image name confusion attack by Seth Art. - Uncovering a Hidden CloudTrail Bug by Tracing AWS AssumeRole Chains in a Graph Database by Or Aspir. - Tool: Cloud Trail Discover cheat sheet. aws-cloudsec.com/p/issue-84