Amazon Basics NXP Chips from Annapurna Labs
AWS Morning Brief for the week of May 30, 2022 with Corey Quinn.
Links: Google Cloud Build deep dive Andrea Brancaleoni found an ELB header security issue An article on You Can't Opt Out of Citizen Development DOJ Announces It Won’t Prosecute White Hat Security Researchers Choosing the right certificate revocation method in ACM Private CA a somewhat... controversial AWS Security Maturity Model AWS API calls that return credentials on GitHub...
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/an-aws-free-tier-bill-shock-your-next-steps Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill ...
AWS Morning Brief for the week of May 23, 2022 with Corey Quinn.
Links: "Hacking the Cloud" is a community-built encyclopedia npm dependency confusion attack. Windows Event Logs F5 appliance (software or hardware) full remote code execution with privileged access Wiz has a blog post up about securing AWS Lambda function URLs Build a strong identity foundation that uses your existing on-premises Active Directory How to use new Amazon GuardDuty EKS Protection findings Poro (an open source project) scans for publicly accessible assets in your AWS environment...
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/an-aws-free-tier-bill-shock-your-next-steps/
AWS Morning Brief for the week of May 16, 2022 with Corey Quinn.
Links: S3 Bucket Negligence Award Mandoogle on how AWS's instance metadata service can be abused by attackers Heroku apparently had its entire database breached last week Wiz Research discovered a new vulnerability in Azure’s PostgreSQL Flexible Server service. AWS deleted packages they'd pushed to public repositories A guide to Cloud Security Orienteering...
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/aws-s-deprecation-policy-is-like-a-platypus
AWS Morning Brief for the week of May 9, 2022 with Corey Quinn.
Links: SELinux is unmanageable; just turn it off if it gets in your way AWS welcomes new Trans-Atlantic Data Privacy Framework How to control access to AWS resources based on AWS account, OU, or organization AWS has an article that explains what the confused deputy problem is The CloudGoat pentest training tool now supports Lambda...
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/how-to-win-in-cloud
AWS Morning Brief for the week of May 2, 2022 with Corey Quinn.
Links: Summit Route's AWS SCP Best Practices Reported Apache Log4j Hotpatch Issues cloudtrail-partitioner
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/aws-s-open-source-problem
AWS Morning Brief for the week of April 25, 2022 with Corey Quinn.
Corey’s livetweet: https://twitter.com/quinnypig
Eric Hammond’s old article: https://alestic.com/2014/09/aws-root-password/
Lightspin found a vulnerability: https://blog.lightspin.io/aws-rds-critical-security-vulnerability
Expel’s incident report: https://expel.com/blog/incident-report-from-cli-to-console-chasing-an-attacker-in-aws/
Rhino Security Labs found a CVE in the AWS VPN Client: https://rhinosecuritylabs.com/aws/cve-2022-25165-aws-vpn-client/
DarkReading’s profile of AJ Yawn: https://www...
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/shitposting-as-a-learning-style
AWS Morning Brief for the week of April 18, 2022 with Corey Quinn.
Links: CashMama gets the S3 Bucket Negligence Award MailChimp’s cryptocurrency clients' mailing-list info stolen Denonia, the first Lambda-specific malware AWS IAM Access Analyzer...
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/taking-aws-account-logins-for-granted
AWS Morning Brief for the week of April 11, 2022 with Corey Quinn.
Links Referenced:
Okta’s CEO: https://www.bloomberg.com/news/articles/2022-04-04/okta-ceo-says-breach-is-big-deal-aims-to-restore-trust
taken a job as a Distinguished Engineer VP at AWS: https://www.linkedin.com/feed/update/urn:li:activity:6914280317675614208/
Ubiquiti has sued Brian Krebs for defamation: https://www.theregister.com/2022/03/30/ubiquiti_brian_krebs/
“Best practices: Securing your Amazon Location Service resources”: https://aws.amazon.com/blogs/security/best-practices-securing-you...
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/ubiquiti-teaches-aws-security-and-crisis-comms-via-counterexample
AWS Morning Brief for the week of April 4, 2022 with Corey Quinn.
Links:
Their investigation of the January 2022 Okta compromise: https://blog.cloudflare.com/cloudflare-investigation-of-the-january-2022-okta-compromise/
You know it’s a legit AWS email because the instructions are very bad: https://Twitter.com/0xdabbad00/status/1506258309715673089
sabotaged their own package: https://www.bleepingcomputer.com/news/security/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war/
“AWS IAM Demystified”: https://www.daan.fyi/writings/iam
from a third-p...
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/s3-is-not-a-backup
AWS Morning Brief for the week of March 28, 2022 with Corey Quinn.
Links Referenced:
quietly updated the re:Inforce site: https://reinforce.awsevents.com
remains disturbingly murky: https://www.theverge.com/2022/3/22/22990637/okta-breach-single-sign-on-lapsus-hacker-group
far greater detail: https://kloudle.com/blog/aws-rds-does-not-force-clients-to-connect-using-a-secure-transport-layer
AWS Lambda announces support for PrincipalOrgID in resource-based policies: https://aws.amazon.com/about-aws/whats-new/2022/03/aws-lambda-principalorgid-resource-policies/
Auto...
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/google-cloud-alters-the-deal