Wiz
Podcast

#13 - Leaky CLIs, glitchy CPUs and risky HARs

Omer Mosheiov
SpotifyListen onSpotifyGoogle PodcastsListen onGoogle PodcastsApple PodcastsListen onApple Podcasts

šŸŽ™ļø NEW PODCAST EPISODE ALERT! Eden and Amitai are back with another wild ride through the cloudy skies on "Crying Out Cloud"!

Here's the scoop for today's adventure: 01:36 - Okta Support System Compromise: šŸ•µļøā€ā™‚ļø We unravel the mystery surrounding an unknown threat actor's access to Okta's customer support system. What's an HAR file, and why should you care?

06:30 - Azure CLI Credential Leak (CVE-2023-36052): šŸ’» Get the lowdown on Microsoft's Azure CLI vulnerability and how this leak happened, why defaults matter, and what the patch means for your Azure CLI setup.

13:17 - Reptar and Cachewarp CPU Vulnerabilities: šŸ’” CPU vulnerabilities are a trend we can't ignore! Discover why Reptar and Cachewarp CPU vulnerabilities might sound daunting but aren't necessarily the cloud apocalypse. Plus, the juicy details on who's patched and who's snoozing on this issue

Resources

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36052 https://cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerability https://lock.cmpxchg8b.com/reptar.html https://cachewarpattack.com/ https://sec.okta.com/harfiles

More episodes

CROC Talks: Helping Secure Hugging Face Hub - Special Guest: Shir Tamari

Wiz Research reveals major security flaws in AI services. Tune into Crying Out Cloud for insights from Shir Tamari.

Omer Mosheiov
Listen now

CROC Talks - XZ Utils backdoor explained

XZ Utils backdoor shakes the industry. Tune in as Eden & Amitai discuss the risks & actions on Crying Out Cloud.

Omer Mosheiov
Listen now

CROC News - Malicious Repos, Bandwidth Theft, & NVD or NoVD?

Malicious code in repos, the future of NVD, cryptojacking, and CI/CD tool flaws.

Omer Mosheiov
Listen now
View all episodes

Crying Out Cloud is also a newsletter!

Stay Safe & Informed: Receive the Latest Cloud Security News, Real Attack Insights, and Expert Guidance to Protect Your Environment.

  • Game-changing news

    Our round up of the latest cloud security vulnerabilities and innovations that are shaking up the industry and need your attention.

  • Unique Wiz insights

    An inside look at our research data - based on statistics from real attack paths we detected in real cloud environments.

  • Battle-tested advice

    Tips from our Threat Research team on how to prevent data breaches in your company and how to improve your overall cloud security strategy.

Sign up to receive the latest updates in cloud security directly to your inbox

For information about how Wiz handles your personal data, please see our Privacy Policy.