Description

Last week in security news: 'Muddled Libra' Uses Oktapus-Related Smishing to Target Outsourcing Firms, Issue with AWS Directory Service EnableRoleAccess, S3 buckets being used in attacks on npm packages, and more!

Links:

• This collection of best practices for managing root users at scale in AWS is worth a read
• 'Muddled Libra' Uses Oktapus-Related Smishing to Target Outsourcing Firms.
• 1Health is this week's winner of the S3 Bucket Negligence Award
• Barracuda advises customers to rip the entire device out, throw it away, and replace it entirely. 
• S3 buckets being used in attacks on npm packages
• Issue with AWS Directory Service EnableRoleAccess
• Tool of the week: xeol is an end-of-life package scanner.