Episode description
Episode description
Last week in security news: 'Muddled Libra' Uses Oktapus-Related Smishing to Target Outsourcing Firms, Issue with AWS Directory Service EnableRoleAccess, S3 buckets being used in attacks on npm packages, and more!
Links:
- This collection of best practices for managing root users at scale in AWS is worth a read
- 'Muddled Libra' Uses Oktapus-Related Smishing to Target Outsourcing Firms.
- 1Health is this week's winner of the S3 Bucket Negligence Award
- Barracuda advises customers to rip the entire device out, throw it away, and replace it entirely.
- S3 buckets being used in attacks on npm packages
- Issue with AWS Directory Service EnableRoleAccess
- Tool of the week: xeol is an end-of-life package scanner.