AWS Outage - What is impacted?

Cloud Security News this week 8 December 2021

• If you use AWS, you may have noticed some issues with your services this week. AWS reported on Tuesday morning that they were seeing impacts to multiple APIs in the US-East 1 region. The issues were impacting their monitoring and incident response tooling impacting their ability to provide timely updates. A bit later they reported that they had identified the root cause of the issue causing service API and console issues. Root logins for consoles in all AWS regions were affected by this issue, however customers could login to consoles other than US-EAST-1 by using an IAM role for authentication. Services impacted include: EC2, Connect, DynamoDB, Glue, Athena, Timestream, and Chime. Most of the services have now recovered and all updates can be viewed here
• Recently McAfee and FireEye announced the availability of new cloud security capabilities on Amazon Web Services (AWS) as well as integration with the Amazon Inspector vulnerability management service. According to McAfee Enterprise and FireEye, their behavior analysis and machine-learning extended detection and response (XDR) capabilities combined with Amazon Inspector promises to deliver AWS customers greater visibility and protection of cloud-based applications and data.
• The research team at LightSpin discovered that the Jupiter Notebook instance of SageMaker could reach the Notebook Instance metadata endpoint. For context, having access to the metadata endpoint and requesting access tokens from an over-permissive IAM Role is a very well known SSRF vulnerability in AWS. In this case, the research team reported their finding to AWS and this has been resolved since. You can learn more about this here
• Zscaler, an American cloud-based information security company known for their Zscaler private and internet access and now the creators of Zero Trust Exchange platform have now announced the general availability of its new Workload Communications solution, which is part of the Zscaler Zero Trust Exchange. This extends Zero Trust security to workloads and applications hosted in public cloud to eliminate attack surfaces, prevent lateral threat movement, inhibit compromise of workloads, and stop data loss. It also helps IT teams simplify multi-cloud workload connectivity by moving away from traditional IP-based routing and VPNs between cloud environments to expedite enterprises' cloud transformation initiatives. You can learn more about this here.

Episode Show Notes on Cloud Security Podcast Website.

Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

Instagram - Cloud Security News

If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

- Cloud Security Podcast:

- Cloud Security Academy: