
Containers Breakout, Kaspersky SES stolen, Supply Chain Attack Defense, MFA, Semgrep

Dragon Cloud Security Podcast

English - November 03, 2021 23:00 - 25 seconds - 338 KB


Intro

Welcome, dear listeners. I’m Viktor, your host, and on a weekly basis I will share news, articles, techniques and tools that are related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597
This episode: http://blackwombat.com/2021/11/03/dragon-cloud-security-podcast-s01e10/

Articles

Abusing Registries For Exfil And Droppers - https://www.antitree.com/2021/10/abusing-registries-for-exfil-and-droppers/

 Kaspersky's stolen Amazon SES token used in Office 365 phishing - https://www.bleepingcomputer.com/news/security/kasperskys-stolen-amazon-ses-token-used-in-office-365-phishing/

 AWS SSO Tutorial with Google Workspace (Gsuite) as an IdP Step-by-Step - https://www.cloudquery.io/blog/aws-sso-tutorial-with-google-workspace-as-an-idp

 Introducing Quiet Riot - https://blog.traingrc.com/introducing-quiet-riot-c595cfa629e

 Protect your open source project from supply chain attacks - https://opensource.googleblog.com/2021/10/protect-your-open-source-project-from-supply-chain-attacks.html?m=1

 Adding Location To Azure AD MFA - https://c7solutions.com/2021/10/adding-location-to-azure-ad-mfa

 MFA AUTHENTICATOR: FOREVER! - https://call4cloud.nl/2021/10/mfa-authenticator-forever/

 Container Breakouts – Part 2: Privileged Container - https://blog.nody.cc/posts/container-breakouts-part2/

 Keynote: Project Trebuchet: How SolarWinds is Using Open Source to Secure Their Supp... Trevor Rosen - https://www.youtube.com/watch?v=1-tMRxqMwTQ

 Microsoft Information Protection (MIP) Ninja Training - https://techcommunity.microsoft.com/t5/security-compliance-and-identity/the-microsoft-information-protection-mip-ninja-training-is-here/ba-p/2887478

 Azure Policy-as-Code Pattern Documentation - https://globalbao.github.io/azure-policy-as-code/

 Best practices for deploying highly available apps in Kubernetes. Part 1 - https://blog.flant.com/best-practices-for-deploying-highly-available-apps-in-kubernetes-part-1/

 Enumerating Services in AWS Accounts in an Anonymous and Unauthenticated Manner - https://sidechannel.blog/en/enumerating-services-in-aws-accounts-in-an-anonymous-and-unauthenticated-manner/index.html

 AZURE SENTINEL INTERNALS: INCIDENTS - https://emptydc.com/2021/10/28/azure-sentinel-internals-incidents/

 Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD - https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover

 Protect your business from password sprays with Microsoft DART recommendations - https://www.microsoft.com/security/blog/2021/10/26/protect-your-business-from-password-sprays-with-microsoft-dart-recommendations/

 A Hands-On Intro to Semgrep's Autofix - https://parsiya.net/blog/2021-10-25-a-hands-on-intro-to-semgreps-autofix/

 Achieving least-privilege at FollowAnalytics with Repokid, Aardvark and ConsoleMe - https://medium.com/followanalytics/granting-least-privileges-at-followanalytics-with-repokid-aardvark-and-consoleme-895d8daf604a

  

Tools

semgrep-rules - https://github.com/returntocorp/semgrep-rules

MFASweep - https://github.com/dafthack/MFASweep

decode-spam-headers.py - https://github.com/mgeeky/decode-spam-headers

driftctl - https://github.com/cloudskiff/driftctl

camp - https://github.com/tenchi-security/camp

AWS Secure Environment Accelerator - https://github.com/aws-samples/aws-secure-environment-accelerator

Hcltm - https://github.com/xntrik/hcltm

 

Outro

That’s all for this episode. Thank you for listening and have a secure day!