#7 - The Future Of The Cloud (Special Guest - Corey Quinn)
Corey Quinn joins "Crying Out Cloud" to discuss cloud evolution, Microsoft MSA, usage & misconfigurations
Omer Mosheiov
Listen now
Podcast
#8 - GameOverlay – privilege escalation vulnerabilities in Ubuntu
🍿🤏 Everything you need to know about this month's cloud security drama in the latest "Crying Out Cloud" episode!
In this edition, we explore THREE captivating stories 📚🔍
1️⃣ "GameOverlay" unveiled: Ubuntu's privilege escalation vulnerabilities 😱 — Wiz Research uncovered a pair of vulnerabilities that's affecting 40% of Ubuntu cloud machines! We've got the scoop on what you must know.
2️⃣ Unmasking "P2PInfect": The botnet targeting Redis! 🤖 — Ever wondered how a botnet hijacks your exposed Redis instances? Let's get into the nitty-gritty of this attack and find out how to defend your environment.
3️⃣ Jumpcloud's dance with North Korea: A supply chain saga 🕊️ -—Join us as we uncover the tale of Jumpcloud's breach and its uncanny link to North Korea. Dive deep into the investigation with us.
Resources
- https://www.wiz.io/blog/ubuntu-overlayfs-vulnerability
- https://ubuntu.com/security/CVE-2023-2640
- https://ubuntu.com/security/CVE-2023-32629
- https://www.cadosecurity.com/redis-p2pinfect/
- https://unit42.paloaltonetworks.com/peer-to-peer-worm-p2pinfect/
- https://www.mandiant.com/resources/blog/north-korea-supply-chain
- https://www.sentinelone.com/labs/jumpcloud-intrusion-attacker-infrastructure-links-compromise-to-north-korean-apt-activity/
- https://jumpcloud.com/blog/security-update-incident-details
- https://jumpcloud.com/support/july-2023-iocs
- https://github.blog/2023-07-18-security-alert-social-engineering-campaign-targets-technology-industry-employees/
- https://blog.phylum.io/sophisticated-ongoing-attack-discovered-on-npm/
More episodes
#6 - Chinese Spies Acquire Keys To The Azure Kingdom
On this episode: Chinese hackers breach US emails. Silent Bob & Team TNT return. Russian hackers exploit Office Zero Day
Omer Mosheiov
Listen now
#5 - Peeling back the layers of MOVEit Transfer 0day vulnerabilities
Spoiler Alert: We've got Scott Piper, the cloud security guru, joining the conversation too!
Omer Mosheiov
Listen now
Crying Out Cloud is also a newsletter!
Stay Safe & Informed: Receive the Latest Cloud Security News, Real Attack Insights, and Expert Guidance to Protect Your Environment.
Game-changing news
Our round up of the latest cloud security vulnerabilities and innovations that are shaking up the industry and need your attention.
Unique Wiz insights
An inside look at our research data - based on statistics from real attack paths we detected in real cloud environments.
Battle-tested advice
Tips from our Threat Research team on how to prevent data breaches in your company and how to improve your overall cloud security strategy.
Sign up to receive the latest updates in cloud security directly to your inbox