The Inner Circle

Weekly Cloud and Security Watch Newsletter - August 23th, 2020

  • 1.  Weekly Cloud and Security Watch Newsletter - August 23th, 2020

    Posted 22 days ago
    Edited by Olivier Caleff 21 days ago

    Weekly Cloud and Security Watch Newsletter - August 23th, 2020

    ________________________________________
    Full Newsletter with links ⇒ CloudSecurityAlliance.fr/go/K8N/
    ________________________________________

    1 - CSA News and Updates - August 17th to 23th, 2020

    • Fill in the new CSA survey on Cloud Adoption in 2020
    • CCSK training in French and English end of August : You can still register !
    • Publication: "CSA's Perspective on Cloud Risk Management"
    • Press Release: CSA and ISACA Announce Strategic Partnership on CCAK
    • Conference: Feedback on the 'CSA CloudCon 2020'

    2 - Cloud and Security News Watch (over 130 links)

    • Must Read
      • Team TNT, a Cryptomining Botnet Steals AWS Credentials (Cado Security)
      • The State of Vulnerability Management in the Cloud and On-Premises (IBM X-Force & Ponemon)
    • Attacks, Incidents, Leaks, Threats, Vulnerabilities, Outages
      • Attacks: Team TNT (AWS) • Containers visés (Aqua Security)
      • Threats: Embedded Cryptominer Found in AWS Community AMI (Mitiga) • Insecure S3 buckets (CERT-EU) • Règles dans O365 (SANS, Martin Rothe)
      • Vulnérabilities: Lateral Movement from Azure to On-Prem AD (SpecterOps) • Potential Security Flaw in Kubernetes (Cyberark)
      • Outages: Slack on august 19th, GCP and Gmail on 20th
    • Reports, Surveys, Studies
      • Reports: '2020 Container Security Snapshot' (Sysdig) • 'The State of Vulnerability Management in the Cloud and On-Premises' (IBM X-Force & Ponemon) • Blackblaze Quarterly Stats
      • Surveys: '2020 Enterprise Cloud Trend' (2nd Watch)
    • Market, Acquisitions
      • Acquisitions : Amazon in talks with Rackspace
    • Cloud Services Providers, Solutions
      • AWS: Défense in Depth • Meta-data Leaks • Miscellaneous
      • Azure: Security licenses and Microsoft 365 Cmopliance • AzureAD • AzureAD Connect APIs • Azure PowerShell in a Docker Container • Controls • Résilience with Kubernetes
      • GCP: Logging & Log Storage • APIs to Manage Cloud Identity Groups
      • Docker: Images Retention Policy Changes at Docker Hub
      • Kubernetes: articles on RBAC
    • Podcasts, Weekly 'Cloud and Sécurité' Watch
      • Podcasts: Secure Environments in GCP
      • Watch: TL;DR Security #48, The Cloud Security Reading List #51
    • Miscellaneous
      • Cloud Threat Hunting
      • Threat Modeling in a Container Environmente
      • Privacy in the Cloud
      • NIST SP 800-207 document on Zero Trust Architecture

    3 - Agenda

    • August 2020
      • 31 → End of the call for papers for the CSA EMEA 2020 Congress
      • 31 → CCSK / CCSK Plus trainings in frnech
    • September 2020
      • 8 / 25 → CSA : 'SECtember Experience' Webinars
      • 23 / 24 → BIRP : Forum Sécurité@Cloud • Paris, Porte de Versailles

    4 - Link

    ________________________________________
    #Watch
    ________________________________________

    ------------------------------
    Olivier Caleff - CSA French Chapter - Chapter Leader - olivier.caleff@cloudsecurityalliance.fr - https://CloudSecurityAlliance.fr
    ------------------------------​