S3 Ep101: Uber and LastPass breaches – is 2FA all it’s cracked up to be? [Audio + Text]
DOUG. Uber hacked, more on the LastPass breach, and Firefox 105. All that, and more, on the Naked Security …
Cloud Provider
Announcing an update to IAM role trust policy behavior
in AWS account 123456789012. This role trust policy grants role assumption access to the role named RoleB in the same …
S3 Ep100.5: Uber breach – an expert speaks [Audio + Text]
[MUSICAL MODEM] DUCK. Hello, everybody. Welcome to this special mini-episode of the Naked Security …
154 AWS services achieve HITRUST certification
The AWS HITRUST Compliance Team is excited to announce that 154 Amazon Web Services (AWS) services are certified for the Health Information …
S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]
DOUG. Deadbolt – it’s back! Patches …
S3 Ep100: Imagine you went to the moon – how would you prove it? [Audio + Text]
DOUG. Deadbolt – it’s back! Patches …
Three-quarters of mobile applications found to contain valid AWS access tokens
A disturbing new report has found that three-quarters of mobile applications analyzed contained valid Amazon Web Servces Inc. access tokens …
S3 Ep98: The LastPass saga – should we stop using password managers? [Audio + Text]
DOUG. LastPass breached, Airgapping breached, and “Sanitizing” Chrome. All that, and more, on the Naked Security …
1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials
Researchers discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials. Researchers from Broadcom …
Over 1,800 Android and iOS Apps Found Leaking Hard-Coded AWS Credentials
Researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services (AWS) credentials, posing a major …
Learn more about the new allow list feature in Macie
Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and help …
Cloud Security Posture Management Now Available in Vulnerability Scanner Trivy
The open source vulnerability scanner Trivy has been recently extended to support cloud security posture management (CSPM) capabilities. …
How to centralize findings and automate deletion for unused IAM roles
Maintaining AWS Identity and Access Management (IAM) resources is similar to keeping your garden healthy over time. Having visibility into …
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
DOUG. Bitcoin ATMs attacked, Janet Jackson crashing computers, and zero-days galore. All that and more on the Naked Security …