🍿🤏 Everything you need to know about this month's cloud security drama in the latest "Crying Out Cloud" episode!

In this edition, we explore THREE captivating stories 📚🔍

1️⃣ "GameOverlay" unveiled: Ubuntu's privilege escalation vulnerabilities 😱 — Wiz Research uncovered a pair of vulnerabilities that's affecting 40% of Ubuntu cloud machines! We've got the scoop on what you must know. 

2️⃣ Unmasking "P2PInfect": The botnet targeting Redis! 🤖 — Ever wondered how a botnet hijacks your exposed Redis instances? Let's get into the nitty-gritty of this attack and find out how to defend your environment.

3️⃣ Jumpcloud's dance with North Korea: A supply chain saga 🕊️ -—Join us as we uncover the tale of Jumpcloud's breach and its uncanny link to North Korea. Dive deep into the investigation with us.

#8 - GameOverlay – privilege escalation vulnerabilities in Ubuntu

🔥 SPECIAL EPISODE ALERT 🔥

@Corey Quinn Joins the Party — in this week's incredible episode of "Crying Out Cloud" 🥳

Meet our remarkable hosts:
✨ @Eden, the tech-savvy wizard from the CTO Team at Wiz
✨ @Amitai, our expert from the Threat Research Team at Wiz

And for this special occasion, we're rolling out the red carpet for:
🎊 COREY QUINN! 🎊
Chief Cloud Economist at The Duckbill Group, the mastermind behind Last Week in AWS, and the charismatic host of the Screaming in the Cloud podcast. Corey is not just a cloud icon – he's a cloud ROCKSTAR 🎸

On the producer's desk:
🕹️ @Alon Schindel, our powerhouse Director of Data and Threat Research at Wiz

—

In this unforgettable episode, we explore:
💥 The Microsoft MSA incident – a turning point or a fading memory?
💡 The cloud's revolutionary journey over the past decade
🌍 Cloud usage in today's economic climate
💎 Often overlooked but golden cloud services
🛡 Why cloud misconfigurations are still a major issue

AND...
We put Corey in the hot seat with a speed round that's packed with laughs and surprises!

#7 - The Future Of The Cloud (Special Guest - Corey Quinn)

1. Chinese Hackers Steal US Gov Emails
2. Silent Bob & the Team TNT  Comeback
3. Russian Hackers Exploit Office Zero Day
4. Footloose's 2023 Object-Oriented Sequel: PyLoose 

#6 - Chinese Spies Acquire Keys To The Azure Kingdom

👀 Here's a sneak peek at today’s episode: 

🔒 Stay ahead of the game! LAPSUS$ Hackers may be making waves. Two members of this notorious group faced consequences in the UK, but shockingly, they continued their hacking activities even while under house arrest.  

🤖 [Data Poisoning](https://www.wiz.io/academy/data-poisoning) in AI Training is a growing concern. Hackers can manipulate the data used to train AI models, introducing risks and vulnerabilities. Validating data integrity and randomizing data ingestion times are useful mitigations against this threat.

💻 The WinRAR Vulnerability (CVE-2023-38831)! This flaw was exploited against crypto-traders to infect their devices with malware, but should be considered a low concern for cloud customers unless using virtual desktops.  

#9 - The collapse of LAPSUS$ and the risks of AI data poisoning

Resources

More episodes

#8 - GameOverlay – privilege escalation vulnerabilities in Ubuntu

#7 - The Future Of The Cloud (Special Guest - Corey Quinn)

#6 - Chinese Spies Acquire Keys To The Azure Kingdom

Crying Out Cloud Newsletter