Issue 59 of AWS Cloud Security Weekly

aws-cloudsec

AJ

Posted on August 28, 2024

Issue 59 of AWS Cloud Security Weekly

(This is just the highlight of Issue 59of AWS Cloud Security weekly @ https://aws-cloudsec.com/p/issue-59 << Subscribe to receive the full version in your inbox weekly for free!!)

What happened in AWS CloudSecurity & CyberSecurity last week August 20- August 27, 2024?

  • AWS CloudHSM introduced hsm2m.medium instance type, which supports both FIPS 140-3 Level 3 and non-FIPS CloudHSM clusters, with increased key capacity and elliptic curve performance. Additionally, backups from hsm1.medium-based CloudHSM clusters are compatible with the new hsm2m.medium. The hsm2m.medium also supports Mutual Transport Layer Security (mTLS) for secure communication between the CloudHSM client SDKs and the CloudHSM cluster.
  • AWS IAM now supports AWS PrivateLink across all commercial AWS Regions, allowing you to establish a private connection between VPC and IAM, minimizing public internet exposure to meet security & compliance requirements.
  • AWS Lambda announced support for encryption of filter criteria for event source mappings, which allows you to encrypt the data included under filter criteria using CMK.
  • AWS now supports Federated and SSO sign-in process for the AWS Console Mobile App. If you use Federated or SSO authentication, with the AWS Console Mobile App, you can now choose the sign-in URL from a list of recently used URLs when setting up a new identity to access the account.
  • Amazon S3 now provides more detailed information in HTTP 403 Access Denied errors for requests made to resources, within the same AWS account. The enhanced context includes details such as the type of policy that denied access, the reason for the denial, and information about the AWS IAM user or role that made the request. This added context helps you troubleshoot access issues, pinpoint the cause of access denied errors, and correct access control problems by adjusting the relevant policies. You can also find this additional context in AWS CloudTrail logs.

Trending on the news & advisories (Subscribe to the newsletter for details):

  • Argentinian Authorities Arrest Russian National for Laundering the Crypto Proceeds of Illicit Activity.
  • Top US oilfield firm Halliburton hit by cyberattack.
  • Telegram founder arrested in France.
  • Report- Notification of Concerns Identified in the FBI’s Investigation’s Inventory & storage.
💖 💪 🙅 🚩
aws-cloudsec
AJ

Posted on August 28, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related