Overscoped Role? No, It's the Children Who Are Wrong
AWS Morning Brief
English - September 14, 2023 10:00 - 3 minutes - 5.12 MB - ★★★★★ - 76 ratingsTech News News Business News cloud aws amazon devops last week in aws Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Why Your CPU-Based Utilization Metric Is Absolute Nonsense
Next Episode: Seeing the Benefits of a Cloud Career
Last week in security news: Corey reported an over-scoped role to AWS security, The bad LastPass breach got even worse, How to enforce DNS name constraints in AWS Private CA, and more!
Links:
I reported an over-scoped role to AWS security; the response from the SageMaker Canvas team was that it's working as intended.The bad LastPass breach that continues to get worse once again somehow got worse.Microsoft has published a rather thorough postmortem about how their signing key was leaked.A security newsletter features a scam that I reported via Twitter.Google has gone from paragon of security to apparently now sharing aspects of your browsing history with websites in Chrome,Establishing a data perimeter on AWS: Allow access to company data only from expected networks How to enforce DNS name constraints in AWS Private CA Tool of the week: ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk-of-exploit.