September 08, 2022

Mobile Authentication to AWS is Hard

5 minutes

Links:

1Password frankly got it wrong with their assertion that you shouldn't bother with MFA for 1Password itself.
Joe Frichette has a handy guide on the ordered steps to take to avoid CloudFront or DNS domain takeovers on AWS
Over 1,000 iOS apps found exposing hardcoded AWS credentials
Chris Farris has a great post covering how to handle Incident Response in AWS.
Announcing new AWS IAM Identity Center APIs to manage users and groups at scale
How to subscribe to the new Security Hub Announcements topic for Amazon SNS
This week's tool is an open source dingus that lets you use TouchID on supported Macs to authenticate sudo on macOS.

...more

By Corey Quinn

4.7

7777 ratings

September 08, 2022

5 minutes

Links:

1Password frankly got it wrong with their assertion that you shouldn't bother with MFA for 1Password itself.
Joe Frichette has a handy guide on the ordered steps to take to avoid CloudFront or DNS domain takeovers on AWS
Over 1,000 iOS apps found exposing hardcoded AWS credentials
Chris Farris has a great post covering how to handle Incident Response in AWS.
Announcing new AWS IAM Identity Center APIs to manage users and groups at scale
How to subscribe to the new Security Hub Announcements topic for Amazon SNS
This week's tool is an open source dingus that lets you use TouchID on supported Macs to authenticate sudo on macOS.

...more