Issue 45 of AWS Cloud Security Weekly

(This is just the summary of Issue 45 of AWS Cloud Security weekly @ https://aws-cloudsec.com/p/issue-45 << Subscribe to receive the full version in your inbox weekly).

What happened in AWS CloudSecurity & CyberSecurity last week May 13-May 22, 2024?

• Amazon QuickSight now allows connectivity to Redshift data sources using an IAM role through GetClusterCredentialswithIAM. This enhancement builds on the previously introduced Redshift RunasRole feature by making the Database user/Database Group parameters optional, effectively linking the temporary user identity directly to the IAM credentials.
• Amazon Detective adds support for EKS audit logs in Security Lake integration.
• AWS Security Hub now supports version 3.0 of the Center for Internet Security (CIS) AWS Foundations Benchmark which includes 37 security controls, with 7 new controls that are unique to version 3.0. Security Hub has met the criteria for the CIS Security Software Certification and has been certified for levels 1 and 2 of the CIS AWS Foundations Benchmark version 3.0.

Trending on the news & advisories (Subscribe to the newsletter for details):

• Amazon has a new CEO.
• Oracle goes vegan: Dumps Terraform for OpenTofu.
• Microsoft will require MFA for all Azure users.
• SEC: Financial orgs have 30 days to send data breach notifications.
• FedRAMP board launched to support safe, secure use of cloud services in government.
• Prison for cybersecurity expert selling private videos from inside 400,000 homes.
• Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets.
• CISA and ONCD Award the Winners of the Fifth Annual President’s Cup Cybersecurity Competition.
• Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit - CVE-2024-4323).
• Amazon S3 will no longer charge for several HTTP error codes.
• Microsoft will require MFA for all Azure users.