Secure your CloudFront Distributions
UPDATE: AWS announced over the weekend [https://aws.amazon.com/blogs/security/enhanced-domain-protections-for-amazon-cloudfront-requests/] that they're enhancing protections against this kind of scenario. A few weeks ago a security researcher shared [https://disloops.com/cloudfront-hijacking/] it was possible to hijack domains that were misconfigured in Amazon CloudFront [https://aws.amazon.com/cloudfront/], Amazon's CDN-as-a-service. Being able...