Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/azures-terrible-security-posture-comes-home-to-roost/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the...
Jan 12, 2022•9 min•Ep 331•Transcript available on Metacast AWS Morning Brief for the week of January 10, 2021 with Corey Quinn.
Jan 10, 2022•7 min•Ep 330•Transcript available on Metacast Links: “Tokyo police lose 2 floppy disks containing personal info on 38 public housing applicants”: https://mainichi.jp/english/articles/20211227/p2a/00m/0na/072000c LastPass may have suffered a breach: https://news.ycombinator.com/item?id=29705957 “Worst AWS Data Breaches of 2021”: https://securityboulevard.com/2021/12/worst-aws-data-breaches-of-2021/ D.W. Morgan: https://www.hackread.com/logistics-giant-d-w-morgan-exposed-clients-data/ SEGA Europe: https://vpnoverview.com/news/sega-europe-suff...
Jan 06, 2022•5 min•Ep 329•Transcript available on Metacast Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/the-aws-service-i-hate-the-most Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to hel...
Jan 05, 2022•9 min•Ep 328•Transcript available on Metacast AWS Morning Brief for the week of January 3, 2021 with Corey Quinn.
Jan 03, 2022•6 min•Ep 327•Transcript available on Metacast Links: “Cloud Security Breaches and Vulnerabilities”: https://blog.christophetd.fr/cloud-security-breaches-and-vulnerabilities-2021-in-review/ S3 Bucket Negligence Award: https://mytechdecisions.com/audio/sennheiser-responds-after-customer-data-from-2018-was-exposed-online/ Granted the role its support teams use to access customer accounts access to S3 objects: https://Twitter.com/0xdabbad00/status/1473448889948598275?s=12 S3 Bucket Negligence Award: https://www.modernghana.com/news/1127205/repo...
Dec 30, 2021•6 min•Ep 326•Transcript available on Metacast Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/last-year-in-aws Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to help lower your AW...
Dec 29, 2021•8 min•Ep 325•Transcript available on Metacast AWS Morning Brief for the week of December 27, 2021 with Corey Quinn.
Dec 27, 2021•7 min•Ep 324•Transcript available on Metacast Links: Has its own vulnerability that’s actively under exploit: https://arstechnica.com/information-technology/2021/12/patch-fixing-critical-log4j-0-day-has-its-own-vulnerability-thats-under-exploit/ Google Project Zero deep dive into the NSO group’s iMessage exploit: https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html Three flaws: https://thehackernews.com/2021/12/hackers-begin-exploiting-second-log4j.html How to customize behavior of AWS Managed Rules for WAF: h...
Dec 23, 2021•6 min•Ep 323•Transcript available on Metacast Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/overstating-awss-free-tier-generosity Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group ...
Dec 22, 2021•7 min•Ep 322•Transcript available on Metacast AWS Morning Brief for the week of December 20, 2021 with Corey Quinn.
Dec 20, 2021•6 min•Ep 321•Transcript available on Metacast Links: The internet is now on fire: https://www.engadget.com/log4shell-vulnerability-log4j-155543990.html Blog post: https://blog.cloudflare.com/exploitation-of-cve-2021-44228-before-public-disclosure-and-evolution-of-waf-evasion-patterns/ Expecting to be down for weeks: https://www.darkreading.com/attacks-breaches/kronos-suffers-ransomware-attack-expects-full-restoration-to-take-weeks- Update for the Apache Log4j2 Issue: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ Log4Shell...
Dec 16, 2021•7 min•Ep 320•Transcript available on Metacast Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/lessons-in-trust-from-us-east-1 Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to hel...
Dec 15, 2021•8 min•Ep 319•Transcript available on Metacast AWS Morning Brief for the week of December 13, 2021 with Corey Quinn.
Dec 13, 2021•9 min•Ep 318•Transcript available on Metacast Links: Cyber-security insurance providers are increasing their requirements to be insurable: https://Twitter.com/SwiftOnSecurity/status/1467879429707866112 “Why the C-suite doesn’t need access to all corporate data”: https://www.darkreading.com/vulnerabilities-threats/why-the-c-suite-doesn-t-need-access-to-all-corporate-data “Amazon S3 Object Ownership can now disable access control lists to simplify access management for data in S3”: https://aws.amazon.com/about-aws/whats-new/2021/11/amazon-s3-...
Dec 09, 2021•6 min•Ep 317•Transcript available on Metacast Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/how-aws-measures-its-customers Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to help...
Dec 08, 2021•8 min•Ep 316•Transcript available on Metacast Releasees of re:Invent Lyrics AWS Backup speaks S3 Systems Manager: RDP Improvements have hit Control Tower Systems Manager speaks Greengrass Evidently's name sucks ass (It does A/B testing by the hour) Streams in Kinesis EMR and Jesus MSK are now Serverless Redshift is too And this one should please you FSx supports OpenZFS Make development faster Without a disaster Too dangerous to go alone You might give them a slappin' For making this happen But please go check out HoneyComb Data Transfer ne...
Dec 06, 2021•3 min•Ep 315•Transcript available on Metacast AWS Morning Brief for Day 5 of re:Quinnvent on Friday, December 5 with Corey Quinn.
Dec 03, 2021•4 min•Ep 314•Transcript available on Metacast AWS Morning Brief for Day 4 of re:Quinnvent on Thursday, December 2 with Corey Quinn.
Dec 02, 2021•4 min•Ep 313•Transcript available on Metacast Links: Cost of a Data Breach Report: https://securityintelligence.com/cost-of-data-breach-bottom-line/ Got its ass handed to it in a security breach last week: https://threatpost.com/Godaddys-latest-breach-customers/176530/ Millions of Brazilians: https://www.zdnet.com/article/millions-of-brazilians-exposed-in-wi-fi-management-software-firm-leak/ “You can now securely connect to your Amazon MSK clusters over the internet”: https://aws.amazon.com/about-aws/whats-new/2021/11/securely-connect-amazo...
Dec 02, 2021•6 min•Ep 312•Transcript available on Metacast AWS Morning Brief for Day 3 of re:Quinnvent on Wednesday, December 1 with Corey Quinn.
Dec 01, 2021•5 min•Ep 311•Transcript available on Metacast Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/amazon-linux-2022-codename-setenforce-0 Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Grou...
Dec 01, 2021•9 min•Ep 310•Transcript available on Metacast AWS Morning Brief for Day 2 of re:Quinnvent on Tuesday, November 30 with Corey Quinn.
Nov 30, 2021•4 min•Ep 309•Transcript available on Metacast AWS Morning Brief for Day 1 of re:Quinnvent on Monday, November 29th, 2021 with Corey Quinn.
Nov 29, 2021•5 min•Ep 308•Transcript available on Metacast AWS Morning Brief for the week of November 29, 2021 with Corey Quinn.
Nov 29, 2021•12 min•Ep 307•Transcript available on Metacast Links $1.3 billion in funding: https://www.reuters.com/technology/cloud-security-startup-lacework-valued-83-bln-after-mammoth-funding-round-2021-11-18/ NSA and CISA: https://www.csoonline.com/article/3640576/6-key-points-of-the-new-cisansa-5g-cloud-security-guidance.html Fined by Singapore’s regulatory authority: https://www.theregister.com/2021/11/18/redoorz_fined_for_massive_data_leak/ 4 Security Questions to Ask About Your Salesforce Application: https://www.toolbox.com/it-security/security-v...
Nov 25, 2021•7 min•Ep 306•Transcript available on Metacast Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/The-AWS-Managed-NAT-Gateway-is-Unpleasant-and-Not-Recommended Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey...
Nov 24, 2021•9 min•Ep 305•Transcript available on Metacast AWS Morning Brief for the week of November 22, 2021 with Corey Quinn.
Nov 22, 2021•12 min•Ep 304•Transcript available on Metacast Links: re:Quinnvent: https://www.requinnvent.com "ChaosDB: Researchers Share Technical Details of Azure Flaw”: https://www.darkreading.com/cloud/chaosdb-researchers-share-technical-details-of-azure-flaw “Hackers Apologize to Arab Royal Families for Leaking Their Data”: https://www.vice.com/en/article/n7nw8m/conti-ransomware-hackers-apologize-to-arab-royal-families-for-leaking-their-data AWS Artifact: https://aws.amazon.com/artifact/ Policy Sentry: https://github.com/salesforce/policy_sentry Prow...
Nov 18, 2021•6 min•Ep 303•Transcript available on Metacast Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/my-re-quinnvent-justification-letter Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group t...
Nov 17, 2021•6 min•Ep 302•Transcript available on Metacast 
