#10 - fwd:cloudsec With Special Guest Scott Piper
fwd:cloudsec event special - Featuring our special wizard guest Scott Piper, who is also the co-founder of fwd:cloudsec!
Omer Mosheiov
ããããã£ã¹ã
#8 - GameOverlay â privilege escalation vulnerabilities in Ubuntu
ð¿ð€ Everything you need to know about this month's cloud security drama in the latest "Crying Out Cloud" episode!
In this edition, we explore THREE captivating stories ðð
1ïžâ£ "GameOverlay" unveiled: Ubuntu's privilege escalation vulnerabilities ð± â Wiz Research uncovered a pair of vulnerabilities that's affecting 40% of Ubuntu cloud machines! We've got the scoop on what you must know.
2ïžâ£ Unmasking "P2PInfect": The botnet targeting Redis! ð€ â Ever wondered how a botnet hijacks your exposed Redis instances? Let's get into the nitty-gritty of this attack and find out how to defend your environment.
3ïžâ£ Jumpcloud's dance with North Korea: A supply chain saga ðïž -âJoin us as we uncover the tale of Jumpcloud's breach and its uncanny link to North Korea. Dive deep into the investigation with us.
ãªãœãŒã¹
- https://www.wiz.io/blog/ubuntu-overlayfs-vulnerability
- https://ubuntu.com/security/CVE-2023-2640
- https://ubuntu.com/security/CVE-2023-32629
- https://www.cadosecurity.com/redis-p2pinfect/
- https://unit42.paloaltonetworks.com/peer-to-peer-worm-p2pinfect/
- https://www.mandiant.com/resources/blog/north-korea-supply-chain
- https://www.sentinelone.com/labs/jumpcloud-intrusion-attacker-infrastructure-links-compromise-to-north-korean-apt-activity/
- https://jumpcloud.com/blog/security-update-incident-details
- https://jumpcloud.com/support/july-2023-iocs
- https://github.blog/2023-07-18-security-alert-social-engineering-campaign-targets-technology-industry-employees/
- https://blog.phylum.io/sophisticated-ongoing-attack-discovered-on-npm/
ãã®ä»ã®ãšããœãŒã
"Crying Out Cloud" ã¯ãã¥ãŒã¹ã¬ã¿ãŒã§ããããŸãïŒ
å®å šãšæ å ±åéïŒ ææ°ã®ã¯ã©ãŠãã»ãã¥ãªã㣠ãã¥ãŒã¹ãå®éã®æ»æã®ã€ã³ãµã€ããç°å¢ãä¿è·ããããã®å°é家ã®ã¬ã€ãã³ã¹ããå±ãããŸãã
ã²ãŒã ãã§ã³ãžã®ãã¥ãŒã¹
æ¥çãæºããã泚æãå¿ èŠãšããææ°ã®ã¯ã©ãŠãã»ãã¥ãªãã£ã®è匱æ§ãšã€ãããŒã·ã§ã³ããŸãšããŸããã
ãŠããŒã¯ãª Wiz ã€ã³ãµã€ã
å®éã®ã¯ã©ãŠãç°å¢ã§æ€åºãããå®éã®æ»æçµè·¯ããã®çµ±èšã«åºã¥ããŠã調æ»ããŒã¿ã®å éšã®æ§åã§ãã
æŠéãã¹ãã®ã¢ããã€ã¹
åŒç€Ÿã®è åšèª¿æ»ããŒã ããã®ãã³ãã¯ã埡瀟ã®ããŒã¿æŒæŽ©ãé²ãæ¹æ³ãšãã¯ã©ãŠãã»ãã¥ãªãã£æŠç¥å šäœãæ¹åããæ¹æ³ã§ãã
ã¯ã©ãŠãã»ãã¥ãªãã£ã®ææ°æ å ±ãåä¿¡ãã¬ã€ã«çŽæ¥åä¿¡ããã«ã¯ããµã€ã³ã¢ããããŠãã ãã