The Inner Circle

Weekly Cloud and Security Watch Newsletter #83 - September 27th, 2020

  • 1.  Weekly Cloud and Security Watch Newsletter #83 - September 27th, 2020

    Posted 17 days ago

    Weekly Cloud and Security Watch Newsletter - September 21st to 27th, 2020

    ________________________________________
    Full Newsletter with links ⇒ CloudSecurityAlliance.fr/go/K9R
    ________________________________________

    1 - CSA News and Updates - September 21st to 27th, 2020

    • Important Call for Comments: 'Cloud Controls Matrix v4'
    • Annual General Meeting for CSA's UK Chapter
    • Announcement: 'Top Threats to Cloud Computing: Egregious Eleven, Deep Dive'
    • Presentation at the 'Forum Securité@Cloud'
    • Blog: 'CCSK Success Stories: From the Head of IT at a Financial Services Company'
    • Blog: 'A "New" Threat in the Security Landscape'

    2 - Cloud and Security News Watch (over 110 links)


    • Must read
      • Microsoft Detects and Disrupts Nation-State Attacks in the Cloud
      • Cybersecurity and the Cloud
      • Digital Operational Resilience Act (DORA) Puts Cloud SLAs Under Scrutinity
    • Attacks, Incidents, Leaks, Threats, Vulnerabilities, Outages
      • Threats: PaaS Malware (CyberZone) • Internet Exposure of rsync (Rapid7)
      • Vulnerabilities: Google Patched Privilege Escalation Vulnerability in Cloud Service • Azure Account hijackings
      • Outages: Long-lasting Outage for AWS SNS
    • Reports, Surveys, Studies, Publications
      • Reports: State of Container and Kubernetes Security (StackRox) • Google Cloud Buckets Exposed in Rampant Misconfiguration (CompariTech)
      • Studies: Compliance Benchmarks
    • Cloud Services Providers, Solutions, and Tools
      • AWS: AWS IAM Explained • AWS perspectives • AWS WAF, SSO and AAD, Secrets Management, Forensics, Lambda Handbook...
      • Azure: Microsoft Defender for 365 and Azure Cloud • Azure IoT • Azure AD
      • GCP: Chronicle Detect, a new Threat-Detection Service • Kubernetes Ingress
      • Kubernetes: Best Pracices • Misconfigurations
      • Docker: Worm in Python • Image Security in Less than 5 Minutes
    • Podcasts, Weekly 'Cloud and Security' Watch
      • Podcasts: 'What is Security Chaos Engineering?'
      • Newsletters: TL;DR Security #53 • The Cloud Security Reading List #56
    • Market, Acquisitions
      • Acquisitions: Preempt Security by Crowdstrike
    • Miscellaneous
      • The rise of a European soverign Cloud
      • Quantum Computing
      • Passwordless Information Sharing

    3 - Agenda

    • Up to September 30th → CSA : 'SECtember Experience' Webinars

    4 - Link

    ________________________________________

    ------------------------------
    Olivier Caleff - CSA French Chapter - Chapter Leader - olivier.caleff@cloudsecurityalliance.fr - https://CloudSecurityAlliance.fr
    ------------------------------