Episode Summary
Last week in security news: Over 1,000 iOS apps found exposing hardcoded AWS credentials, how to handle Incident Response in AWS, this week's security tool, and more!
Episode Show Notes & Transcript
Links:
- 1Password frankly got it wrong with their assertion that you shouldn't bother with MFA for 1Password itself.
- Joe Frichette has a handy guide on the ordered steps to take to avoid CloudFront or DNS domain takeovers on AWS
- Over 1,000 iOS apps found exposing hardcoded AWS credentials
- Chris Farris has a great post covering how to handle Incident Response in AWS.
- Announcing new AWS IAM Identity Center APIs to manage users and groups at scale
- How to subscribe to the new Security Hub Announcements topic for Amazon SNS
- This week's tool is an open source dingus that lets you use TouchID on supported Macs to authenticate sudo on macOS.