Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597 and http://blackwombat.com  ..read more

Intro Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: http://blackwombat.com/2021/11/08/dragon-cloud-security-podcast-s01e11/ Outro That’s all for this episode. Thank you for listening and have a secure day ..read more

Intro Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597 This episode: http://blackwombat.com/2021/11/03/dragon-cloud-security-podcast-s01e10/ Articles Abusing Registries For Exfil And Droppers - https://www.antitree.com/2021/10/abusing-registries-for-exfil-and-droppers/  Kaspersky's stolen Amazon SES token used in Office 365 phishing - https://www.bleepingcomputer.com/news/security ..read more

Intro Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597 Articles Team TNT Deploys Malicious Docker Image On Docker Hub - https://www.uptycs.com/blog/team-tnt-deploys-malicious-docker-image-on-docker-hub-with-pentesting-tools  Attacking and Securing CI/CD Pipeline - https://speakerdeck.com/rung/cd-pipeline, https://github.com/rung/threat-matrix-cicd  Github Actions Security Bes ..read more

Intro Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597 Articles Automating the deployment of Sysmon for Linux and Azure Sentinel in a lab environment - https://techcommunity.microsoft.com/t5/azure-sentinel/automating-the-deployment-of-sysmon-for-linux-and-azure-sentinel/ba-p/2847054  The @fwdcloudsec 2021 talk videos are now up on YouTube - https://www.youtube.com/playlist?list=PL ..read more

Intro Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597 Articles kdigger: a Context Discovery Tool for Kubernetes - https://blog.quarkslab.com/kdigger-a-context-discovery-tool-for-kubernetes.html Azure AD and Windows Hello: SSO to on-premise resources - https://katystech.blog/2021/10/azure-ad-and-windows-hello-sso-to-on-premise-resources/ CVE-2021-26420: REMOTE CODE EXECUTION IN SHAREPO ..read more

Cloud Security Podcast – S01E05 URLs Only Intro Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597 Articles Introducing the Ransomware Risk Management on AWS Whitepaper - https://aws.amazon.com/blogs/security/introducing-the-ransomware-risk-management-on-aws-whitepaper/   Configuring RBAC in Kubernetes - https://kubelist.com/issue/142/   Breaking Azure AD joined endpoints in ze ..read more

Intro Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597 Articles Basic Authentication for All Exchange Online Tenants Stops in October 2022 - https://office365itpros.com/2021/09/24/basic-authentication-exchange-online-tenants-stops-october-2022/ AWS WorkSpaces Remote Code Execution - https://rhinosecuritylabs.com/aws/cve-2021-38112-aws-workspaces-rce/ Revisiting Lambda Persistence - ht ..read more

Intro Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597 Articles “Secret” Agent Exposes Azure Customers To Unauthorized Code Execution - https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution; https://github.com/horizon3ai/CVE-2021-38647 Office365 Attacks: Bypassing MFA, Achieving Persistence and More - https://www.inversecos.com/2021/09/office365-at ..read more

Intro Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597 Articles I Analysed 100+ Cloud Job Descriptions: Here's What I Discovered - https://www.youtube.com/watch?v=IjYo-LS6lVY IAM Vulnerable - An AWS IAM Privilege Escalation Playground - https://labs.bishopfox.com/tech-blog/iam-vulnerable-an-aws-iam-privilege-escalation-playground GODFATHER OF LOGGING - https://call4cloud.nl/2021/09/god ..read more