AWS Outage - What is impacted?

AWS Outage - What is impacted?

Cloud Security News this week 8 December 2021

  • If you use AWS, you may have noticed some issues with your services this week. AWS reported on Tuesday morning that they were seeing impacts to multiple APIs in the US-East 1 region. The issues were impacting their monitoring and incident response tooling impacting their ability to provide timely updates. A bit later they reported that they had identified the root cause of the issue causing service API and console issues. Root logins for consoles in all AWS regions were affected by this issue, however customers could login to consoles other than US-EAST-1 by using an IAM role for authentication. Services impacted include: EC2, Connect, DynamoDB, Glue, Athena, Timestream, and Chime. Most of the services have now recovered and all updates can be viewed here
  • Recently McAfee and FireEye announced the availability of new cloud security capabilities on Amazon Web Services (AWS) as well as integration with the Amazon Inspector vulnerability management service. According to McAfee Enterprise and FireEye, their behavior analysis and machine-learning extended detection and response (XDR) capabilities combined with Amazon Inspector promises to deliver AWS customers greater visibility and protection of cloud-based applications and data.
  • The research team at LightSpin discovered that the Jupiter Notebook instance of SageMaker could reach the Notebook Instance metadata endpoint. For context, having access to the metadata endpoint and requesting access tokens from an over-permissive IAM Role is a very well known SSRF vulnerability in AWS. In this case, the research team reported their finding to AWS and this has been resolved since. You can learn more about this here
  • Zscaler, an American cloud-based information security company known for their Zscaler private and internet access and now the creators of Zero Trust Exchange platform have now announced the general availability of its new Workload Communications solution, which is part of the Zscaler Zero Trust Exchange. This extends Zero Trust security to workloads and applications hosted in public cloud to eliminate attack surfaces, prevent lateral threat movement, inhibit compromise of workloads, and stop data loss. It also helps IT teams simplify multi-cloud workload connectivity by moving away from traditional IP-based routing and VPNs between cloud environments to expedite enterprises' cloud transformation initiatives. You can learn more about this here.

Episode Show Notes on Cloud Security Podcast Website.

Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

Instagram - Cloud Security News

If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

- Cloud Security Podcast:

- Cloud Security Academy:

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(40)

Vulnerabilities discovered in AWS, GCP and Azure

Vulnerabilities discovered in AWS, GCP and Azure

Cloud Security News this week 26 Jan 2023 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) In...

26 Jan 20237min

Amazon S3 encrypts by default and The CircleCI Breach

Amazon S3 encrypts by default and The CircleCI Breach

Cloud Security News this week 14 Jan 2023 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) In...

14 Jan 20236min

New Cloud Vulnerability Database + Another Misconfigured S3 Bucket

New Cloud Vulnerability Database + Another Misconfigured S3 Bucket

Cloud Security News this week 14 July 2022 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) I...

14 Juli 20225min

Dell Embraces Multi-cloud + Hackers use stolen OAuth

Dell Embraces Multi-cloud + Hackers use stolen OAuth

Cloud Security News this week 11 May 2022 Brought to you this week by JupiterOne To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - C...

11 Maj 20226min

AWS Security Hub releases 5 new controls + Latest with Spring4shell

AWS Security Hub releases 5 new controls + Latest with Spring4shell

Cloud Security News this week 12 April 2022 Brought to you this week by Teleport To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - C...

13 Apr 20225min

What is Spring4shell? + Should we be concerned?

What is Spring4shell? + Should we be concerned?

Cloud Security News this week 30 March 2022 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) ...

7 Apr 20224min

Latest with Okta/Lapsus$ + Return of Log4J

Latest with Okta/Lapsus$ + Return of Log4J

Cloud Security News this week 30 March 2022 Brought you by - JupiterOne - Find out more about them at www.jupiterone.com/csp To read more about this week's stories head to https://cloudsecuritypodcast...

30 Mars 20226min

All you need to know about the Okta and Microsoft breach

All you need to know about the Okta and Microsoft breach

Cloud Security News this week 23 March 2022 Brought you by - JupiterOne - Find out more about them at www.jupiterone.com/csp - Hunters - Find out more about them at www.hunters.ai To read more about t...

23 Mars 20225min

Populärt inom Politik & nyheter

aftonbladet-krim
svenska-fall
tv4-nyheterna-story
p3-krim
rss-krimstad
motiv
de-fyras-gang
spar
flashback-forever
aftonbladet-daily
rss-expressen-dok
rss-sanning-konsekvens
rss-krimreportrarna
rss-flodet
rss-vad-fan-hande
politiken
rss-frandfors-horna
krimmagasinet
kungligt
svd-dokumentara-berattelser-2