{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Last Week In AWS Podcast","title":"Overscoped Role? No, It's the Children Who Are Wrong","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/6476af1d\"></iframe>","width":"100%","height":180,"duration":218,"description":"Last week in security news: Corey reported an over-scoped role to AWS security, The bad LastPass breach got even worse, How to enforce DNS name constraints in AWS Private CA, and more!Links:I reported an over-scoped role to AWS security; the response from the SageMaker Canvas team was that it's working as intended.The bad LastPass breach that continues to get worse once again somehow got worse.Microsoft has published a rather thorough postmortem about how their signing key was leaked.A security newsletter features a scam that I reported via Twitter.Google has gone from paragon of security to apparently now sharing aspects of your browsing history with websites in Chrome,Establishing a data perimeter on AWS: Allow access to company data only from expected networks How to enforce DNS name constraints in AWS Private CA Tool of the week: ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk-of-exploit.","thumbnail_url":"https://img.transistorcdn.com/PMIkgW48sHRopAuMhIYzsjzhK0RhchBCtpHSuJjoizc/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS80MDRk/OGFjYTIxMWE1MjQy/YWRkZDhiMDJmMzMy/MDQyMi5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}