DEV Community

Cover image for Issue 43 of AWS Cloud Security Weekly
AWS Community Builders profile image AJ
AJ for AWS Community Builders

Posted on • Originally published at aws-cloudsec.com

Issue 43 of AWS Cloud Security Weekly

#security #aws #newsletter #news

(This is just the summary of Issue 43 of AWS Cloud Security weekly @ https://aws-cloudsec.com/p/issue-43 << Subscribe for FREE to receive the full version in your inbox weekly).

What happened in AWS CloudSecurity & CyberSecurity last week April 30-may 06, 2024?

  • AWS has launched a new EC2 API GetInstanceTPMEkPub that allows you to fetch the public endorsement key (EkPub) for the Nitro Trusted Platform Module (NitroTPM) in your Amazon EC2 instance.

  • Now, with Route 53 Resolver DNS Firewall, you can automatically skip inspecting domains that are part of a domain redirection chain, like Canonical Name (CNAME) and Delegation Name (DNAME), eliminating the need to explicitly add every domain in the chain to your Route 53 DNS Firewall allow-list. Previously, when you created allow-lists for domains, Route 53 DNS Firewall checked each DNS query from your VPC against the allow-list tied to a DNS Firewall rule. If a query pointed to a domain in a redirection chain (like a CNAME) that wasn't included in your allow-list, the DNS Firewall would block the query, requiring you to manually add each domain in the chain to your allow-list. With this update, you can now set your DNS Firewall rules to automatically cover all domains within a redirection chain, like CNAME or DNAME, without the need to list each one individually.

Trending on the news & advisories (Subscribe to the newsletter for details):

  • CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities.
  • Read Satya Nadella’s Microsoft memo on putting security first.
  • Former NSA Employee Sentenced to Over 21 Years in Prison for Attempted Espionage.
  • Former Cybersecurity Consultant Arrested For $1.5 Million Extortion Scheme Against IT Company.
  • White House Press Release: National Cyber Director Encourages Adoption of Skill-Based Hiring to Connect Americans to Good-Paying Cyber Jobs.
  • Dropbox filed SEC Form 8-K Filing and confirmed unauthorized access.
  • Change Healthcare hacked using stolen Citrix account with no MFA.

Top comments (0)

Read next

saumya27 profile image

Best Game Development Frameworks: A Comparison Of Unity, Unreal Engine, Cocos2D-X, Godot, & Gamemaker Studio

Saumya -

mishmanners profile image

Release Radar · April 2024 Edition: Major updates from the open source community

Michelle Mannering -

vkazulkin profile image

Data API for Amazon Aurora Serverless v2 with AWS SDK for Java - Part 6 Comparing cold and warm starts between Data API and JDBC

Vadym Kazulkin -

automq profile image

AutoMQ vs Apache Kafka: A Real AWS Cloud Bill Comparison

AutoMQ -