The AWS East West Canada Region
AWS Morning Brief for the week of November 15, 2021 with Corey Quinn.
Nov 15, 2021•11 min•Ep. 301
Last Week In AWS Podcast
The latest in AWS news, sprinkled with snark. Posts about AWS come out over sixty times a day. We filter through it all to find the hidden gems, the community contributions--the stuff worth hearing about! Then we summarize it with snark and share it with you--minus the nonsense.
Last refreshed: ⓘ
Follow this podcast in the Metacast mobile app to refresh it and see new episodes.
Podcasts are better in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more
Episodes
Stop Embedding Credentials
Links: Qtorque.io: https://qtorque.io A disturbing article: https://doublepulsar.com/the-hard-truth-about-ransomware-we-arent-prepared-it-s-a-battle-with-new-rules-and-it-hasn-t-a93ad3030a54 Kaspersky’s Amazon SES token: https://www.bleepingcomputer.com/news/security/kasperskys-stolen-amazon-ses-token-used-in-office-365-phishing/ Twitch breach: https://www.esecurityplanet.com/cloud/twitch-breach-shows-difficulty-cloud-security/ Implement OAuth 2.0 device grant flow by using Amazon Cognito and AW...
Nov 11, 2021•6 min•Ep. 300
The Sneaky Weakness Behind AWS’ Managed KMS Keys
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/The-Sneaky-Weakness-Behind-AWS'-Managed-KMS-keys Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duck...
Nov 10, 2021•11 min•Ep. 299
Amazon Thyme Sync
AWS Morning Brief for the week of 8 November, 2021 with Corey Quinn.
Nov 08, 2021•10 min•Ep. 298
Security Awareness Training in Five Minutes
Links: re:Quinnvent: https://requinnvent.com Don’t be surprised when ‘move fast and break things’ results in broken stuff: https://cloudpundit.com/2021/10/27/dont-be-surprised-when-move-fast-and-break-things-results-in-broken-stuff/ Twitter thread: https://Twitter.com/quinnypig/status/1453214680764219392 Correlate security findings with AWS Security Hub and Amazon EventBridge: https://aws.amazon.com/blogs/security/correlate-security-findings-with-aws-security-hub-and-amazon-eventbridge/ Three wa...
Nov 04, 2021•7 min•Ep. 297
The Unfulfilled Promise of Serverless
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/The-Unfulfilled-Promise-of-Serverless Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group ...
Nov 03, 2021•6 min•Ep. 296
The AWS Cwoud Backstowy
AWS Morning Brief for the week of November 1, 2021 with Corey Quinn.
Nov 01, 2021•10 min•Ep. 295
A Secretive Experiment
Links: 1Password University: https://blog.1password.com/introducing-1password-university/ Penetration testing: https://www.darkreading.com/cloud/pentesting-in-the-cloud-demands-a-different-approach New AWS workbook for New Zealand financial services customers: https://aws.amazon.com/blogs/security/new-aws-workbook-for-new-zealand-financial-services-customers/ Secretive: https://github.com/maxgoedjen/secretive Transcript Corey: This is the AWS Morning Brief: Security Edition . AWS is fond of sayi...
Oct 28, 2021•6 min•Ep. 294
The Dumbest Dollars a Cloud Provider Can Make
Want to give your ears a break and read this as an article? You’re looking for this link : http://www.lastweekinaws.com/blog/the-dumbest-dollars-a-cloud-provider-can-make Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbil...
Oct 27, 2021•7 min•Ep. 293
Chime SDK Background Bling
AWS Morning Brief for the week of October 25, 2021 with Corey Quinn.
Oct 25, 2021•10 min•Ep. 292
AWS W(T)AF
Links: Entirely optional for attackers: https://osamaelnaggar.com/blog/aws_waf_dangerous_defaults/ Worst Case: https://www.tbray.org/ongoing/When/202x/2021/10/08/The-WOrst-Case Are looking to change that: https://www.theregister.com/2021/10/11/cyan_zero_day_legislative_project/ Introducing Security at the Edge: https://aws.amazon.com/blogs/security/introducing-the-security-at-the-edge-core-principles-whitepaper/ Password reuse: https://www.hypr.com/password-reuse/ Transcript Corey: This is the A...
Oct 21, 2021•7 min•Ep. 291
The Turbotax of AWS Billing
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/The-Turbotax-of-AWS-Billing Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to help lo...
Oct 20, 2021•7 min•Ep. 290
AWS Butt Computing
AWS Morning Brief for the week of October 18, 2021 with Corey Quinn.
Oct 18, 2021•11 min•Ep. 289
AWS Security is Twitching
Links: Disclosed a nasty auto-delete bug: https://arstechnica.com/information-technology/2021/10/researcher-refuses-telegrams-bounty-award-discloses-auto-delete-bug/ Enroll basically all of it’s users: https://blog.google/technology/safety-security/making-sign-safer-and-more-convenient/ Worth taking a look: https://labs.bishopfox.com/tech-blog/IAM-vulnerable-assessing-the-aws-assessment-tools Enumerate those yourself: https://www.hezmatt.org/~mpalmer/blog/2021/10/07/enumerating-aws-iam-accounts....
Oct 14, 2021•8 min•Ep. 288
Why I Turned Down an AWS Job Offer Revisited
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/why-i-turned-down-an-aws-job-offer Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to ...
Oct 13, 2021•8 min•Ep. 287
Charity T-Shirt Week
AWS Morning Brief for the week of October 11, 2021 with Corey Quinn.
Oct 11, 2021•8 min•Ep. 286
DNSSEC Inspired Outages
Links: Let’s Encrypt’s root certificate has expired, and it might break your devices: https://techcrunch.com/2021/09/21/lets-encrypt-root-expiry/ Slack was bitten by DNSSEC: https://Twitter.com/tqbf/status/1443654964556013569 Prepare For Cybersecurity Assessments From Your Customers: https://www.securitysystemsnews.com/article/prepare-for-cybersecurity-assessments-from-your-customers AWS Lambda now supports triggering Lambda functions from an Amazon SQS queue in a different account: https://aws....
Oct 07, 2021•8 min•Ep. 285
The Compelling Economics of Cloudflare R2
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/The-Compelling-Economics-of-Cloudflare-R2 Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Gr...
Oct 06, 2021•14 min•Ep. 284
Cloudflare's Object Storage Lesson
AWS Morning Brief for the week of September 3, 2021 with Corey Quinn.
Oct 04, 2021•8 min•Ep. 283
F5's Refreshing Culture
Links: “I Trust AWS IAM to Secure my Applications. I Don’t Trust the IAM Docs to Tell Me How”: https://ben11kehoe.medium.com/i-trust-aws-iam-to-secure-my-applications-i-dont-trust-the-iam-docs-to-tell-me-how-f0ec4c119e79 “Introduction to Zero Trust on AWS ECS Fargate”: https://omerxx.com/identity-aware-proxy-ecs/ Threat Stack Aquired by F5: https://techcrunch.com/2021/09/20/f5-acquires-cloud-security-startup-threat-stack-for-68-million/ AWS removed from CVE-2021-38112 : https://rhinosecuritylabs...
Sep 30, 2021•8 min•Ep. 282
The Actual Next 1 Million Cloud Customers
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/The-Actual-Next-1-Million-Cloud-Customers Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Gr...
Sep 29, 2021•9 min•Ep. 281
Old Zealand's Data Center Migration
AWS Morning Brief for the week of September 27,2021 with Corey Quinn.
Sep 27, 2021•11 min•Ep. 280
OMIGOD, Get it Together Already
Links: WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure your job : https://www.theregister.com/2021/09/17/microsoft_manual_omigod_fixes/ Travis CI flaw exposed secrets of thousands of open source projects : https://arstechnica.com/information-technology/2021/09/travis-ci-flaw-exposed-secrets-for-thousands-of-open-source-projects/ How to Build Strong Security Guardrails in the AWS Cloud With Minimal Effort : https://markn.ca/2021/how-to-build-strong-security-guardrails-in-the-aws-cloud-wi...
Sep 23, 2021•11 min•Ep. 279
17 More Ways to Run Containers on AWS
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/17-more-ways-to-tun-containers-on-aws Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group ...
Sep 22, 2021•9 min•Ep. 278
Billed on AWS For Startups
AWS Morning Brief for the week of September 20, 2021 with Corey Quinn.
Sep 20, 2021•10 min•Ep. 277
I Azure You This Shall Pass
Links: Principals in AWS IAM : https://ben11kehoe.medium.com/principals-in-aws-iam-38c4a3dc322a You Don’t Need to Burn off Your Fingertips (and Other Biometric Authentication Myths) : https://www.troyhunt.com/you-dont-need-to-burn-off-your-fingertips-and-other-biometric-myths/ Amazon Detective offers Splunk integration : https://aws.amazon.com/about-aws/whats-new/2021/09/amazon-detective-splunk-integration/ IAM Vulnerable - An AWS IAM Privilege Escalation Playground : https://labs.bishopfox.com/...
Sep 16, 2021•7 min•Ep. 276
Why Your AWS Bill is Likely a Product of 2 Pizza Teams
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/awss-per-service-margins/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to help lowe...
Sep 15, 2021•11 min•Ep. 275
Amazon EKS AnyVMware
AWS Morning Brief for the week of September 13, 2021 with Corey Quinn.
Sep 13, 2021•9 min•Ep. 274
Welcome to AMB: Security Edition
Links: Enumeration vulnerability in AWS: https://twitter.com/donkersgood/status/1433148548565151748 Lacework Cloud Threat Report : https://info.Lacework.com/2021-cloud-threat-report.html High Availability WireGuard On AWS : https://www.procustodibus.com/blog/2021/02/ha-wireguard-on-aws/ How to improve visibility into AWS WAF with anomaly detection : https://aws.amazon.com/blogs/security/how-to-improve-visibility-into-aws-waf-with-anomaly-detection/ How US federal agencies can authenticate to AWS...
Sep 09, 2021•10 min•Ep. 273
SaaS Cost Tools Suck
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/saas-cost-tools-suck Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to help lower you...
Sep 08, 2021•14 min•Ep. 272
Hosted on Transistor
For the best experience, listen in Metacast app for iOS or Android