Last week in security news: Corey reported an over-scoped role to AWS security, The bad LastPass breach got even worse, How to enforce DNS name constraints in AWS Private CA, and more!Links:
I reported an over-scoped role to AWS security; the response from the SageMaker Canvas team was that it's working as intended.
The bad LastPass breach that continues to get worse once again somehow got worse.
Microsoft has published a rather thorough postmortem about how their signing key was leaked.
A security newsletter features a scam that I reported via Twitter.
Google has gone from paragon of security to apparently now sharing aspects of your browsing history with websites in Chrome,

Establishing a data perimeter on AWS: Allow access to company data only from expected networks 

How to enforce DNS name constraints in AWS Private CA 
Tool of the week: ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk-of-exploit.