The Inner Circle

Weekly Cloud and Security Watch Newsletter - September 13th, 2020

  • 1.  Weekly Cloud and Security Watch Newsletter - September 13th, 2020

    Posted Sep 20, 2020 03:01:00 AM
    Edited by Olivier Caleff 29 days ago

    Weekly Cloud and Security Watch Newsletter - September 7th to 13th, 2020

    ________________________________________
    Full Newsletter with links ⇒ CloudSecurityAlliance.fr/go/K9D/
    ________________________________________

    1 - CSA News and Updates - September 7th to 13th, 2020

    • Blog: Boardroom Excellence: Quantum Risk Management
    • Blog: Understanding the Complexities of Securing a Remote Workforce

    2 - Cloud and Security News Watch (over 70 links)

    • Must read
      • Monaco launches an AWS-based 'Sovereign Cloud': first of, let's read the documents and think on the meaning of what a 'Sovereign Cloud'...
      • Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks (Intezer)
    • Attacks, Incidents, Leaks, Threats, Vulnerabilities, Outages
      • Attacks: APT28/Strontium (Microsoft) • Furthur 'Team TNT' analysis (Prevasio, Threatpost) • Massive Cryptomining Campaign (Aqua Security) • Overview of APTs on Linux (Kaspersky)
      • Vulnerabilities: Threat Hunting to find Misconfigured Docker Exploitation (Awake)
    • Best Practices, and Detection
      • Best Practices: Kubernetes (Sysdig) • Cloud security mistakes (CSO Online)
      • Detection: TTPs Matrix for Linux Cloud Servers (Intezer)
    • Cloud Services Providers, Solutions, and Tools
      • AWS: Building a Secure Amazon S3 Bucket (Fugue) • Identification of Vulnerabilities (XMCO)
      • Azure: Automatic VM Guest Patching • Announcements
      • GCP: Expanding Google Cloud's Confidential Computing portfolio • Encryption, Key Management, and Real Security
      • Oracle: Resiliency
      • Kubernetes: Protecting Against Kubernetes Threats (9th and final part by StackRox) • Application Access Control
      • Containers: Challenge of Persistence (Palo Alto Networks) • Container Security Terminology (Anchore)
      • Workloads: Protection (Intezer)
      • Tools: CloudBrute to Find a Company Cloud Infrastructure
    • Podcasts, Weekly 'Cloud and Security' Watch
      • Podcasts: Identity & Cross Account Access Management in AWS
      • Watch: TL;DR Security #51 • The Cloud Security Reading List #54
    • Miscellaneous
      • Privacy Shield: Nuageo's Viewpoint
      • Essential Microsoft Azure Books
      • Free Cloud Storage: What's the Catch?
      • Myths of Cloud Encryption: Christophe Parisel's Viewpoint

    3 - Agenda

    • 8 / 25 → CSA: 'SECtember Experience' Webinars
    • 23 / 24 → BIRP: Forum Sécurité@Cloud • Paris, Porte de Versailles

    4 - Link

    ________________________________________

    ________________________________________
    #Watch #Veille
    ________________________________________

    ------------------------------
    Olivier Caleff - CSA French Chapter - Chapter Leader - olivier.caleff@cloudsecurityalliance.fr - https://CloudSecurityAlliance.fr
    ------------------------------