
Free CA, AWS Priv Esc, Enum, Hopper, Vault AppRole, AWS Cert Challenge

Dragon Cloud Security Podcast

English - September 06, 2021 20:00 - 11 minutes - 7.64 MB
Intro

Welcome, dear listeners. I’m Viktor, your host, and on a weekly basis I will share news, articles, techniques and tools related to Cloud, SaaS and IaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597

Articles

Backdoor Office 365 and Active Directory - Golden SAML - https://www.inversecos.com/2021/09/backdooring-office-365-and-active.html

More than 10% of Firebase databases are open and exposing data – https://therecord.media/more-than-10-of-firebase-databases-are-open-and-exposing-data/

Here's another free CA as an alternative to Let's Encrypt! – https://scotthelme.co.uk/heres-another-free-ca-as-an-alternative-to-lets-encrypt/

How MarkMonitor left >60,000 domains for the taking – https://ian.sh/markmonitor

8 easy steps to improve your security posture in Azure – https://github.com/maartengoet/presentations/blob/master/2020_12_vacd_8_easy_steps_to_improve_your_security_posture_in_azure.pdf, https://www.youtube.com/watch?v=EhN47QxKs9o

Multi-Cloud Drift Detection powered by Yor: Automated infrastructure drift monitoring and fixes – https://bridgecrew.io/blog/multi-cloud-drift-detection-automated-fixes/

Looking at the Kubernetes Control Plane for Multi-Tenancy - https://engineering.salesforce.com/looking-at-the-kubernetes-control-plane-for-multi-tenancy-88914cd7aa89

The Art of the Device Code Phish - https://0xboku.com/2021/07/12/ArtOfDeviceCodePhish.html

IAM enumeration - https://twitter.com/donkersgood/status/1433148548565151748

Container CVE list - https://www.container-security.site/general_information/container_cve_list.html

Inside Figma: getting out of the (secure) shell - https://www.figma.com/blog/inside-figma-getting-out-of-the-secure-shell/

Introducing AWS Security Analytics Bootstrap - https://aws.amazon.com/blogs/opensource/introducing-aws-security-analytics-bootstrap/

Blocking PowerShell for EDU Tenants - https://docs.microsoft.com/en-us/schooldatasync/blocking-powershell-for-edu

AWS privilege escalation: exploring odd features of the Trust Policy - https://medium.com/inside-the-tech-by-softserve/aws-privilege-escalation-exploring-odd-features-of-the-trust-policy-7a970a32861

AWS Security Hub Automated Response and Remediation - https://aws.amazon.com/solutions/implementations/aws-security-hub-automated-response-and-remediation/

Hopper: Modelling and Detecting Lateral Movement - https://arxiv.org/pdf/2105.13442.pdf

Security Implication of Root principal in AWS - https://niebardzo.github.io/2021-08-23-root-principal-in-aws/

How (and Why) to Use AppRole Correctly in HashiCorp Vault - https://www.hashicorp.com/blog/how-and-why-to-use-approle-correctly-in-hashicorp-vault

CVE-2021-26084 Remote Code Execution on Confluence Servers - https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md, https://github.com/h3v0x/CVE-2021-26084_Confluence

Get AWS Certified: Solutions Architect Challenge - https://pages.awscloud.com/GLOBAL_TRAINCERT_takethechallenge.html

Beginner Cloud & DevOps resources that are free - https://twitter.com/simonholdorf/status/1432737611181957124

45% on Microsoft Books - https://twitter.com/MicrosoftPress/status/1432729613877264387

Tools

Cluster Image Scanner
Jir-thief
Racoon
STACS
Sgcheckup

Outro

That’s all for this episode. Thank you for listening and have a secure day!