Issue 51 of AWS Cloud Security Weekly


(This is only the highlight of Issue 51 of AWS Cloud Security Weekly at https://aws-cloudsec.com/p/issue-51. Subscribe to receive the full version in your inbox weekly for free.)

What happened in AWS Cloud Security and Cybersecurity last week, June 20 to July 2, 2024?

Amazon GuardDuty EC2 Runtime Monitoring eBPF security agent now extends its support to Amazon Elastic Compute Cloud (EC2) workloads running on Ubuntu (versions 20.04 and 22.04) and Debian (versions 11 and 12) operating systems. If you utilize GuardDuty EC2 Runtime Monitoring with automated agent management, the security agent for your Amazon EC2 instances will be upgraded automatically. However, if you do not use automated agent management, you are responsible for manually upgrading the agent.
AWS has launched Amazon Virtual Private Cloud (VPC) support for AWS CloudShell, enabling the creation of CloudShell environments within a VPC. This allows you to securely use CloudShell alongside other resources in the same subnet of your VPC without additional network setup. Before this release, there was no way to control CloudShell's network traffic to the internet.
Amazon CodeCatalyst now integrates support for using source code repositories hosted on GitLab.com within CodeCatalyst projects, allowing you to leverage GitLab.com repositories with CodeCatalyst’s features, including its cloud IDE (Development Environments). You can initiate CodeCatalyst workflows in response to GitLab.com events, monitor the status of CodeCatalyst workflows directly within GitLab.com, and enforce blocking of GitLab.com pull request merges based on CodeCatalyst workflow statuses.
Amazon DocumentDB (with MongoDB compatibility) now supports cluster authentication using AWS Identity and Access Management (IAM) user and role ARNs. This enhancement allows users and applications connecting to an Amazon DocumentDB cluster for data operations such as reading, writing, updating, or deleting to authenticate using AWS IAM identities. The same AWS IAM user or role can therefore be used consistently across connections to different DocumentDB clusters and other AWS services. For applications deployed on AWS EC2, AWS Lambda, AWS ECS, or AWS EKS, there is no longer a need to manage passwords within the application for authentication to Amazon DocumentDB. Instead, these applications retrieve their connection credentials securely through environment variables associated with an AWS IAM role, establishing a passwordless authentication mechanism.
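A practical follow-up to the passwordless model above is checking which stored DocumentDB connection strings still embed a static password and which already rely on the IAM role. The following is an added example for this newsletter item, not AWS or Amazon DocumentDB code; it uses only the Python standard library, the MONGODB-AWS mechanism and $external auth source are the standard MongoDB names that DocumentDB IAM authentication uses, and the hostnames, user name and password in it are constructed placeholders.

```python
"""Classify Amazon DocumentDB connection strings by how they authenticate.

Added example (not AWS code). Standard library only, so it runs offline.
MONGODB-AWS / $external are the MongoDB auth mechanism and auth source used
for IAM authentication; every host, user and password below is constructed.
"""
from urllib.parse import parse_qs, urlsplit


def build_iam_uri(host: str, port: int = 27017, ca_file: str = "global-bundle.pem") -> str:
    """Build a passwordless DocumentDB URI that authenticates with the caller's
    IAM identity. No user or password is embedded: the driver takes AWS
    credentials from its environment (instance, task or Lambda role, or the
    AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY / AWS_SESSION_TOKEN variables)."""
    return (
        f"mongodb://{host}:{port}/"
        "?authSource=$external&authMechanism=MONGODB-AWS"
        f"&tls=true&tlsCAFile={ca_file}&retryWrites=false"
    )


def classify_uri(uri: str) -> dict:
    """Return what a reviewer wants to know about a stored connection string:
    auth mechanism, whether a static secret is embedded, and whether TLS is on."""
    parts = urlsplit(uri)
    # Last value wins if a parameter is repeated, mirroring driver behaviour.
    params = {k: v[-1] for k, v in parse_qs(parts.query).items()}
    if "authMechanism" in params:
        mechanism = params["authMechanism"]
    elif parts.username:
        mechanism = "SCRAM (default)"  # user/password present, no explicit mechanism
    else:
        mechanism = "none"
    tls_flag = params.get("tls", params.get("ssl", "false")).lower() == "true"
    return {
        "mechanism": mechanism,
        "embedded_password": parts.password is not None,
        "tls": tls_flag,
        "iam": mechanism == "MONGODB-AWS" and params.get("authSource") == "$external",
    }


def find_legacy_uris(uris: list[str]) -> list[str]:
    """Return the connection strings that still carry a static password, i.e.
    the ones a migration to IAM authentication should replace first."""
    return [u for u in uris if classify_uri(u)["embedded_password"]]


if __name__ == "__main__":
    # Constructed sample inventory: one legacy URI, one already on IAM auth.
    inventory = [
        "mongodb://appuser:Passw0rd@docdb-example.cluster-abc123.us-east-1.docdb.amazonaws.com:27017/?tls=true",
        build_iam_uri("docdb-example.cluster-abc123.us-east-1.docdb.amazonaws.com"),
    ]
    for uri in inventory:
        print(classify_uri(uri))
    print("still using static passwords:", find_legacy_uris(inventory))
```

`classify_uri` looks only at the URI, so it can be run over secrets-manager entries, task definitions or config files without touching a cluster; a URI reported as `iam` but with `tls` false is still worth flagging, because IAM authentication does not by itself encrypt the connection.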
AWS CodeBuild now lets you extend the build timeout to up to 36 hours, a significant increase from the previous limit of 8 hours. The timeout sets the maximum duration before CodeBuild terminates a build request that is still incomplete. With this update, organizations running workloads that demand extended timeouts, such as extensive automated test suites or builds involving embedded devices, can make full use of CodeBuild.

Trending on the news & advisories (Subscribe to the newsletter for details):

GitLab critical patch which could allow an attacker to trigger a pipeline as another user.
CISA: Exploring Memory Safety in Critical Open Source Projects.
Grafana security update: Grafana Loki and unintended data write attempts to Amazon S3 buckets.
TeamViewer breached in alleged APT hack.
Russian National Charged for Conspiring with Russian Military Intelligence to Destroy Ukrainian Government Computer Systems and Data.
Microsoft: Toward greater transparency: Unveiling Cloud Service CVEs.
Geisinger provides notice of Nuance’s data security incident.
regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server.
Rapid7 Agrees to Acquire Cyber Asset Attack Surface Management Company, Noetic Cyber.