---
title: "Wait Did You Say Root API Keys?"
id: "13549"
type: "podcast"
slug: "wait-did-you-say-root-api-keys"
published_at: "2023-01-19T12:00:00+00:00"
modified_at: "2023-06-20T21:41:38+00:00"
url: "https://www.lastweekinaws.com/podcast/aws-morning-brief/wait-did-you-say-root-api-keys/"
markdown_url: "https://www.lastweekinaws.com/podcast/aws-morning-brief/wait-did-you-say-root-api-keys.md"
taxonomy_shows:
  - "Last Week In AWS"
---

About the Author Corey is the Chief Cloud Economist at Duckbill, where he specializes in helping companies improve their AWS bills by making them smaller and less horrifying. He also hosts the "Screaming in the Cloud" and "AWS Morning Brief" podcasts; and curates "Last Week in AWS," a weekly newsletter summarizing the latest in AWS news, blogs, and tools, sprinkled with snark and thoughtful analysis in roughly equal measure.

[https://podcasts.apple.com/us/podcast/aws-morning-brief/id1466344305](https://podcasts.apple.com/us/podcast/aws-morning-brief/id1466344305)

[https://overcast.fm/itunes1466344305/aws-morning-brief](https://overcast.fm/itunes1466344305/aws-morning-brief)

[https://pca.st/AKs0](https://pca.st/AKs0)

[https://podcastaddict.com/podcast/2382583](https://podcastaddict.com/podcast/2382583)

[https://open.spotify.com/show/3A04JNrNAcZMvn8cvDWpWU](https://open.spotify.com/show/3A04JNrNAcZMvn8cvDWpWU)

[https://feeds.transistor.fm/aws-morning-brief](https://feeds.transistor.fm/aws-morning-brief)

## Episode Summary

Last week in security news: Community Meet-up in Phoenix on Sunday, Rackspace admits that attackers accessed customer data, Tom Forbes scanned every package on PyPi, and more!

## Episode Show Notes & Transcript

**Links:**

- Join Corey in Phoenix next Sunday at 1PM at [Zuzu](https://www.hotelvalleyho.com/zuzu) for a community meet-up.
- Rackspace continues to trickle the truth out; it's now admitting that attackers [accessed customer data](https://techcrunch.com/2023/01/06/rackspace-ransomware-data-exchange/)
- Tom Forbes scanned--wait, holy hell, he [scanned every package on PyPi and found 57 live AWS keys](https://tomforb.es/i-scanned-every-package-on-pypi-and-found-57-live-aws-keys/) .
- In one year we're going to come back and see how accurate [the heads of AWS security are](https://venturebeat.com/security/aws-security-heads-offer-top-cybersecurity-predictions-for-2023/) with their predictions for cybersecurity in 2023
- Today's tip of the week is to go fire up your important AWS account(s) and validate that the [root user](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html) doesn't have API credentials assigned.

 View Full Transcript  Hide Full Transcript

## You might also like

[More Podcast Episodes](https://www.lastweekinaws.com/podcast/aws-morning-brief/)