
AWS Morning Brief
718 episodes — Page 7 of 15

Ep 418: Are AWS account IDs sensitive information?
Want to give your ears a break and read this as an article? You’re looking for this link.
Never miss an episode: Join the Last Week in AWS newsletter. Subscribe wherever you get your podcasts.
Help the show: Leave a review. Share your feedback. Subscribe wherever you get your podcasts.
What's Corey up to? Follow Corey on Twitter (@quinnypig). See our recent work at the Duckbill Group. Apply to work with Corey and the Duckbill Group to help lower your AWS bill.

Ep 417: Crappy Clone of a Fast Database
AWS Morning Brief for the week of August 1, 2022 with Corey Quinn.

Ep 416: Never Gonna Shut Me Up
Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/Q2Zpg5jQe-Q

Ep 415: The Mental Breakdown of Auto-Remediation
Links:
- The Nigerian government scores this week's S3 Bucket Negligence Award
- New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals
- Automatically block suspicious DNS activity with Amazon GuardDuty and Route 53 Resolver DNS Firewall
- Use Security Hub custom actions to remediate S3 resources based on Macie discovery results
- There has been significant improvement to the AWS IAM documentation around IAM best practices.
- Artillery lets you use Lambdas for open source load testing.

Ep 414: New Cloudscape Cloudscrapes
AWS Morning Brief for the week of July 25, 2022 with Corey Quinn.

Ep 413: AWS's Disclosure Improvements
Links:
- Things I wish I knew about AWS WAF - Bot Control
- How to Protect Your Data from Ransomware with S3 Object Lock
- It seems that Experian has learned nothing from its string of data breaches
- The Makati city government is the winner of this week's S3 Bucket Negligence award.
- A quick overview of AWS principals, identity-based policies, and resource-based policies.
- Eligible customers can now order a free MFA security key
- Reported EKS IAM Authenticator Issue
- I found a handy script that someone beat together that makes it easy as pie to use AWS Roles Anywhere.

Ep 412: Azure's Security Vulnerabilities are Out of Control
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/azures_vulnerabilities_are_quack
Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/5iTxtBnCPys

Ep 411: Immortal AWS Accounts, the Methuselah Pattern
AWS Morning Brief for the week of July 18th, 2022 with Corey Quinn.

Ep 410: AWS Bakery: Rolls Everywhere
Links:
- My article on the dangers of chatbots led someone to share this concern-affirming tale.
- Extend AWS IAM roles to workloads outside of AWS with IAM Roles Anywhere
- How to tune TLS for hybrid post-quantum cryptography with Kyber
- hasIAMfailedopenyet.com is a site that triggers a Lambda function on every invocation that attempts to access something it cannot.

Ep 409: My Security Posture
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/coreys-security-posture-2022
Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/dHDY69hIvvk

Ep 408: How I Spent My Summer Vacation and College Tuition
AWS Morning Brief for the week of July 11, 2022 with Corey Quinn.

Ep 407: Azure Insecurity Templates
Links:
- The most recently reported Azure vulnerability
- Amazon Photos exposes customers to risk
- I (re)discovered Scott Piper's work on Lesser Known Techniques for Attacking AWS Environments.
- PyPI Python packages get caught sending stolen AWS keys to unsecured sites.
- TLS 1.2 to become the minimum TLS protocol level for all AWS API endpoints
- GuardDuty has new findings
- CloudFormation Guard had a new release.

Ep 406: The ChatOps Issue That No One's Chatting About
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/the-chatops-issue-no-ones-chatting-about
Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/eBKZ71OLjG8

Ep 405: Mr. Selipsky's Geography Class
AWS Morning Brief for the week of July 4th, 2022 with Corey Quinn.

Ep 404: Enter Your Passwordle
Links:
- Azure has another security issue around its Synapse offering; this one was discovered by Tenable.
- Sysdig has a dive into the real threats to SSH on EC2.
- Tailscale has announced the ability to support Tailscale SSH.
- Chris Farris has a treatise on The Philosophy of Prevention when it comes to cloud security.
- Google Cloud CISO Phil Venables asks whether security analogies are counterproductive.
- A security issue of sorts was discovered around sts:GetSessionToken Role Chaining in AWS
- The person responsible for the giant Capital One hack that took advantage of a series of small AWS misconfigurations has been convicted.
- Rogue GitHub apps could have hijacked countless repos for a week or two earlier this year.
- Wickr for Government achieves FedRAMP Ready designation
- It takes an open source project like trackiam to collate IAM actions, AWS APIs, and managed policies from all over the place
- Passwordle lets you guess commonly used passwords.

Ep 403: 9 Ways AWS Made Me Headdesk When Using The CDK
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/9-ways-aws-cdk-headdesk
Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/3Mf3_l6iEtA

Ep 402: Concerning Your DeepRacer's Extended Warranty
AWS Morning Brief for the week of June 27, 2022 with Corey Quinn.

Ep 401: Bugcrowd Bugs the Crowd
Links:
- Travis CI continues to be a security nightmare.
- Implementing IAM Permission Boundaries with AWS SSO using Terraform
- A user reported a vulnerability to a company through Bugcrowd. The writeup is really worth reviewing.
- The RSA conference was apparently a super spreader event.
- Because nobody beats the Wiz, they've got a post up on the secret agents installed by cloud service providers.
- Partitioning and Isolating Multi-Tenant SaaS Data with Amazon S3
- Service Notice – Upcoming changes required for AWS Config | AWS Cloud Operations & Migrations Blog
- Here's a list of best practices for writing Docker images that don't make you regret running them in production environments.

Ep 400: Should I Take a Job at AWS?
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/should-you-take-a-job-at-aws/
Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/BCiUulzr9f8

Ep 399: Add a Mantium
AWS Morning Brief for the week of June 20, 2022 with Corey Quinn.

Ep 398: Kubernetes Firewalln't
Links:
- Azure’s continuing security woes
- The Meeting Owl videoconference device apparently had significant security problems
- Brandon Sherman writes about how Temporal structures its access control strategy with regard to AWS
- This week's S3 Bucket Negligence Award goes to Mobike.
- Cloud Functions or Cloud Run launched from any GCP organization can bypass Google Kubernetes Engine (GKE) Authorized Networks restrictions
- Proof of someone migrating to SSO and disabling IAM users entirely.
- AWS blog post about IAM policy types: How and when to use them
- Tailscale

Ep 397: re:Invent Keynote 2026: Analysis
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/reinvent-keynote-incident/
Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/NGvLMsf4Wg8

Ep 396: Cars 4, featuring "Pixar Tractor on AWS"
AWS Morning Brief for the week of June 13, 2022 with Corey Quinn.

Ep 395: Azure's Nightmare Year
Links:
- Nick Jones' review of the AWS Security Model I linked to previously.
- Microsoft Azure has seen 6 'nightmare' cloud security flaws over the past year.
- Unsecured Elasticsearch Data Replaced with Ransom Note
- AWS Systems Manager announces support for port forwarding to remote hosts using Session Manager
- When and where to use IAM permissions boundaries
- Security vulnerability in AWS's Managed Workflows for Apache Airflow

Ep 394: The Strange, Too Familiar Tale of Uncle Suitcase
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/the-strange-too-familiar-tale-of-uncle-suitcase/
Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/x70EypnAH1Y

Ep 393: Googling the AWS CDK V1
AWS Morning Brief for the week of June 6, 2022, with Corey Quinn.

Ep 392: RSA Prelude
Links:
- Poisoned Python and PHP packages purloin passwords for AWS access
- No, your cloud environment doesn't need a sandbox
- Spring 2022 SOC reports are now available with 150 services in scope
- Canary Tokens

Ep 391: The Aurora Serverless Road Not Taken
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/the-aurora-serverless-road-not-taken/

Ep 390: Amazon Basics NXP Chips from Annapurna Labs
AWS Morning Brief for the week of May 30, 2022 with Corey Quinn.

Ep 389: Security Model Citizen Development
Links:
- Google Cloud Build deep dive
- Andrea Brancaleoni found an ELB header security issue
- An article on You Can't Opt Out of Citizen Development
- DOJ Announces It Won’t Prosecute White Hat Security Researchers
- Choosing the right certificate revocation method in ACM Private CA
- a somewhat... controversial AWS Security Maturity Model
- AWS API calls that return credentials on GitHub

Ep 388: An AWS Free Tier Bill Shock: Your Next Steps
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/an-aws-free-tier-bill-shock-your-next-steps

Ep 387: Amazon's Original Risk Store
AWS Morning Brief for the week of May 23, 2022 with Corey Quinn.

Ep 386: F5 Exploit the Exact Opposite of Refreshing
Links:
- "Hacking the Cloud" is a community-built encyclopedia
- npm dependency confusion attack.
- Windows Event Logs
- F5 appliance (software or hardware) full remote code execution with privileged access
- Wiz has a blog post up about securing AWS Lambda function URLs
- Build a strong identity foundation that uses your existing on-premises Active Directory
- How to use new Amazon GuardDuty EKS Protection findings
- Poro (an open source project) scans for publicly accessible assets in your AWS environment

Ep 385: Fixing the AWS Free Tier is No Longer Optional
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/an-aws-free-tier-bill-shock-your-next-steps/

Ep 384: Amazon Data Fencing
AWS Morning Brief for the week of May 16, 2022 with Corey Quinn.

Ep 383: Suddenly Nobody Wants to Build Heroku
Links:
- S3 Bucket Negligence Award
- Mandoogle on how AWS's instance metadata service can be abused by attackers
- Heroku apparently had its entire database breached last week
- Wiz Research discovered a new vulnerability in Azure’s PostgreSQL Flexible Server service.
- AWS deleted packages they'd pushed to public repositories
- A guide to Cloud Security Orienteering

Ep 382: AWS's Deprecation Policy Is Like a Platypus
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/aws-s-deprecation-policy-is-like-a-platypus

Ep 381: AWS WindWanker
AWS Morning Brief for the week of May 9, 2022 with Corey Quinn.

Ep 380: Serverlessly Get Your CloudGoat
Links:
- SELinux is unmanageable; just turn it off if it gets in your way
- AWS welcomes new Trans-Atlantic Data Privacy Framework
- How to control access to AWS resources based on AWS account, OU, or organization
- AWS has an article that explains what the confused deputy problem is
- The CloudGoat pentest training tool now supports Lambda

Ep 379: How to Win in Cloud
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/how-to-win-in-cloud

Ep 378: Amazon CloudWatch for Sharon
AWS Morning Brief for the week of May 2, 2022 with Corey Quinn.

Ep 377: AWS Starts the Security Communication Improvement Slog
Links:
- Summit Route's AWS SCP Best Practices
- Reported Apache Log4j Hotpatch Issues
- cloudtrail-partitioner

Ep 376: AWS's Open Source Problem
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/aws-s-open-source-problem

Ep 375: AWS GoForIt (With Expedia Group Compatibility)
AWS Morning Brief for the week of April 25, 2022 with Corey Quinn.

Ep 374: gimme-aws-creds, Possibly Okta's AWS Creds
- Corey’s livetweet: https://twitter.com/quinnypig
- Eric Hammond’s old article: https://alestic.com/2014/09/aws-root-password/
- Lightspin found a vulnerability: https://blog.lightspin.io/aws-rds-critical-security-vulnerability
- Expel’s incident report: https://expel.com/blog/incident-report-from-cli-to-console-chasing-an-attacker-in-aws/
- Rhino Security Labs found a CVE in the AWS VPN Client: https://rhinosecuritylabs.com/aws/cve-2022-25165-aws-vpn-client/
- DarkReading’s profile of AJ Yawn: https://www.darkreading.com/edge-articles/bytechek-founder-aj-yawn-brings-discipline-to-everything-he-does
- NotGitBleed: https://www.notgitbleed.com/
- AWS Security Bulletins: https://aws.amazon.com/security/security-bulletins/AWS-2022-005/ and https://aws.amazon.com/security/security-bulletins/AWS-2022-004/
- gimme-aws-creds: https://github.com/Nike-Inc/gimme-aws-creds
- Chamber: https://github.com/segmentio/chamber
- #lastweekinaws slack channel: https://og-aws-slack.lexikon.io/

Ep 373: Shitposting as a Learning Style
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/shitposting-as-a-learning-style

Ep 372: Amazon's Competitive Advantage
AWS Morning Brief for the week of April 18, 2022 with Corey Quinn.

Ep 371: Denonia Denials
Links:
- CashMama gets the S3 Bucket Negligence Award
- MailChimp’s cryptocurrency clients' mailing-list info stolen
- Denonia, the first Lambda-specific malware
- AWS IAM Access Analyzer

Ep 370: Taking AWS Account Logins For Granted
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/taking-aws-account-logins-for-granted

Ep 369: Requiem for a Weasel
AWS Morning Brief for the week of April 11, 2022 with Corey Quinn.