A Review of the Best News of the Week on Cloud Security, DevOps, AppSec
AWS Network Firewall – New Managed Firewall Service in VPC (AWS News Blog, Nov 17 2020)
“Today, I am happy to announce AWS Network Firewall, a high availability, managed network firewall service for your virtual private cloud (VPC). It enables you to easily deploy and manage stateful inspection, intrusion prevention and detection, and web filtering to protect your virtual networks on AWS. Network Firewall automatically scales with your traffic, ensuring high availability with no additional customer investment in security infrastructure.”
Be Very Sparing in Allowing Site Notifications (Krebs on Security, Nov 17 2020)
“An increasing number of websites are asking visitors to approve “notifications,” browser modifications that periodically display messages on the user’s mobile or desktop device. In many cases these notifications are benign, but several dodgy firms are paying site owners to install their notification scripts and then selling that communications pathway to scammers and online hucksters.”
Hundreds of Tesla Powerwall Gateways Potentially Exposed to Hacker Attacks (SecurityWeek, Nov 17 2020)
Hundreds of Tesla Powerwall Backup Gateways may have been exposed to remote hacker attacks from the internet, but Tesla says it has taken steps to reduce risks.
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Enterprises embrace Kubernetes, but lack security tools to mitigate risk (Help Net Security, Nov 13 2020)
Businesses increasingly embrace the moving of multiple applications to the cloud using containers and utilize Kubernetes for orchestration, according to Zettaset. However, findings also confirm that organizations are inadequately securing the data stored in these new cloud-native environments and continue to leverage existing legacy security technology as a solution. Businesses are faced with significant IT-related challenges as they strive to keep up with the demands of digital transformation.
How a move to the cloud can improve disaster recovery plans (Help Net Security, Nov 16 2020)
COVID-19 and the subsequent global recession have thrown a wrench into IT spending. Many enterprises have placed new purchases on hold. Gartner recently projected that global spending on IT would drop 8% overall this year — and yet dollars allocated to cloud-based services are still expected to rise by approximately 19 percent, bucking that downward trend.
Nearly Two Dozen AWS APIs Are Vulnerable to Abuse (Dark Reading, Nov 17 2020)
Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says.
Multi-cloud environments leaving businesses at risk (Help Net Security, Nov 18 2020)
Businesses around the globe are facing challenges as they try to protect data stored in complex hybrid multi-cloud environments, from the growing threat of ransomware, according to a Veritas Technologies survey. Only 36% of respondents said their security has kept pace with their IT complexity, underscoring the need for greater use of data protection solutions that can protect against ransomware across the entirety of increasingly heterogenous environments.
The Value of a Compromised Cloud Account (Infosecurity Magazine, Nov 18 2020)
A compromised Office 365 account is a coveted target for malicious actors
How to prevent expensive data breaches in the cloud (SC Media, Nov 18 2020)
Security has become a major concern for customers of cloud service storage providers as more organizations migrate sensitive data and services to the cloud. A recent Ermetic survey found that nearly 80 percent of companies had experienced at least one cloud data breach in the past 18 months, while 43 percent reported 10 or more…
Attackers can abuse a misconfigured IAM role across 16 Amazon services (SC Media, Nov 17 2020)
Researchers at Palo Alto’s Unit 42 have confirmed that they have compromised a customer’s AWS cloud account with thousands of workloads.
Centrally manage AWS WAF (API v2) and AWS Managed Rules at scale with Firewall Manager (AWS Security Blog, Nov 17 2020)
“Since AWS Firewall Manager was introduced in 2018, it has evolved with many more features and today also supports the newest version of AWS WAF, as well as the latest AWS WAF APIs (AWS WAFV2), and AWS Managed Rules for AWS WAF. (Note that the original AWS WAF APIs are still available and supported under the name AWS WAF Classic. Firewall Manager already supported AWS WAF Classic and continues to do so.) In this blog, we walk you through the steps of setting up Firewall Manager policies for AWS WAF and highlight some of the options available.”
Cloud Network Security 101: Azure Virtual Network Service Endpoints (Cloud Security Alliance, Nov 12 2020)
Microsoft Azure offers two similar but distinct services to allow virtual network (VNet) resources to privately connect to other Azure services. Azure VNet Service Endpoints and Azure Private Endpoints (powered by Azure Private Link) both promote network security by allowing VNet traffic to communicate with service resources without going over the internet, but there are some differences.
Self-Service Security for Developers Is the DevSecOps Brass Ring (Dark Reading, Nov 13 2020)
DevOps teams with full security integration and self-service capabilities are 80% more likely to fix critical vulnerabilities in under a day, according to the ninth annual “State of DevOps Report”
5 Irrefutable Reasons to Prioritize Software Security (Checkmarx, Nov 12 2020)
These days, technology is evolving at a pace like never before seen, forcing organizations into an “adapt or die” situation. And, as digital transformation accelerates, everyone is feeling the effects. DevOps leaders, AppSec managers, and developers are certainly no exception, as they’re being tasked with developing and deploying software at a faster rate to keep..