Weekly Cloud and Security Watch Newsletter - September 7th to 13th, 2020
________________________________________
Full Newsletter with links ⇒ CloudSecurityAlliance.fr/go/K9D/
________________________________________
1 - CSA News and Updates - September 7th to 13th, 2020
- Blog: Boardroom Excellence: Quantum Risk Management
- Blog: Understanding the Complexities of Securing a Remote Workforce
2 - Cloud and Security News Watch (over 70 links)
- Must read
- Monaco launches an AWS-based 'Sovereign Cloud': first of, let's read the documents and think on the meaning of what a 'Sovereign Cloud'...
- Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks (Intezer)
- Attacks, Incidents, Leaks, Threats, Vulnerabilities, Outages
- Attacks: APT28/Strontium (Microsoft) • Furthur 'Team TNT' analysis (Prevasio, Threatpost) • Massive Cryptomining Campaign (Aqua Security) • Overview of APTs on Linux (Kaspersky)
- Vulnerabilities: Threat Hunting to find Misconfigured Docker Exploitation (Awake)
- Best Practices, and Detection
- Best Practices: Kubernetes (Sysdig) • Cloud security mistakes (CSO Online)
- Detection: TTPs Matrix for Linux Cloud Servers (Intezer)
- Cloud Services Providers, Solutions, and Tools
- AWS: Building a Secure Amazon S3 Bucket (Fugue) • Identification of Vulnerabilities (XMCO)
- Azure: Automatic VM Guest Patching • Announcements
- GCP: Expanding Google Cloud's Confidential Computing portfolio • Encryption, Key Management, and Real Security
- Oracle: Resiliency
- Kubernetes: Protecting Against Kubernetes Threats (9th and final part by StackRox) • Application Access Control
- Containers: Challenge of Persistence (Palo Alto Networks) • Container Security Terminology (Anchore)
- Workloads: Protection (Intezer)
- Tools: CloudBrute to Find a Company Cloud Infrastructure
- Podcasts, Weekly 'Cloud and Security' Watch
- Podcasts: Identity & Cross Account Access Management in AWS
- Watch: TL;DR Security #51 • The Cloud Security Reading List #54
- Miscellaneous
- Privacy Shield: Nuageo's Viewpoint
- Essential Microsoft Azure Books
- Free Cloud Storage: What's the Catch?
- Myths of Cloud Encryption: Christophe Parisel's Viewpoint
3 - Agenda
- 8 / 25 → CSA: 'SECtember Experience' Webinars
- 23 / 24 → BIRP: Forum Sécurité@Cloud • Paris, Porte de Versailles
4 - Link
________________________________________
________________________________________
#Watch #Veille________________________________________
------------------------------
Olivier Caleff - CSA French Chapter - Chapter Leader -
[email protected] -
https://CloudSecurityAlliance.fr------------------------------