Episode 434
Mobile Authentication to AWS is Hard
Last week in security news: Over 1,000 iOS apps found exposing hardcoded AWS credentials, how to handle Incident Response in AWS, this week's security tool, and more!
September 8, 20225m 42s
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Links:
- 1Password frankly got it wrong with their assertion that you shouldn't bother with MFA for 1Password itself.
- Joe Frichette has a handy guide on the ordered steps to take to avoid CloudFront or DNS domain takeovers on AWS
- Over 1,000 iOS apps found exposing hardcoded AWS credentials
- Chris Farris has a great post covering how to handle Incident Response in AWS.
- Announcing new AWS IAM Identity Center APIs to manage users and groups at scale
- How to subscribe to the new Security Hub Announcements topic for Amazon SNS
- This week's tool is an open source dingus that lets you use TouchID on supported Macs to authenticate sudo on macOS.
Topics
cloudawsamazondevopslast week in aws984841