Issue 57 & 58 of AWS Cloud Security Weekly

(This is just the highlight of Issue 57 and 58 of AWS Cloud Security weekly @ https://aws-cloudsec.com/p/issue-57-and-58 << Subscribe to receive the full version in your inbox weekly for free!!).

What happened in AWS CloudSecurity & CyberSecurity last week August 06- August 20, 2024?

• Currently, when Signed URLs are used, the full URL with the signature is logged in CloudFront's access logs. Starting October 1, 2024, the following changes will apply to how Signed URLs are logged: A If the signature is valid and successfully verified, the "Signature=" part of the URL will be redacted and replaced with "Signature=REDACTED-VERIFIED." B. If the signature is invalid and not successfully verified, the "Signature=" part will be redacted and replaced with "Signature=REDACTED-INVALID-," where details the specific verification failure, such as a missing or malformed policy or missing keys. These changes only affect the logging of the signature portion in CloudFront’s standard access logs and do not alter the functionality of the Signed URLs.
• AWS Config expands support for 124 resource types across 29 AWS Regions.
• Amazon Verified Permissions has made it easier for developers to implement fine-grained authorization when using third-party identity providers like Okta, CyberArk, and Transmit Security. Developers can now manage user permissions based on attributes and group memberships through their own OpenID Connect (OIDC) compliant identity provider.
• Amazon Cognito has upgraded Advanced Security Features (ASF) to better meet enterprise requirements and now supports preventing users from reusing their previous passwords, aiding in compliance efforts. Additionally, you can stream security events from ASF to an Amazon S3 bucket, Amazon Kinesis Firehose, or CloudWatch Insights. This capability enables you to integrate ASF events with security data from other AWS and third-party tools, providing deeper insights and enhancing overall security. Additionally, ASF now detects risks like "impossible travel," where a user logs in from two locations within a timeframe that makes travel between them unrealistic. Furthermore, ASF has improved its ability to identify risks in custom authentication flows. By enabling risk detection and adaptive authentication, you can enhance the security of applications that use custom authentication factors.

Trending on the news & advisories (Subscribe to the newsletter for details):

• Azure- Announcing mandatory multi-factor authentication for sign-in.
• Microsoft Bounty Program Year in Review: $16.6M in Rewards.
• MSRC 2024 Most Valuable Security Researchers!
• Critical vulnerabilities in 6 AWS services disclosed at Black Hat USA.
• Wiz achieves FedRAMP Moderate authorization. Link and now a CVE Numbering Authority (CNA)