![Dragon Cloud Security Podcast artwork](https://is3-ssl.mzstatic.com/image/thumb/Podcasts125/v4/f5/bb/79/f5bb79c8-0851-e52d-4444-ccc2c6651c3b/mza_17799935531748740141.jpg/100x100bb.jpg)
GitHub Actions Security Best Practices, TeamTNT Malicious Docker Image, AWS WAF Bug, NPM Malware, Discourse SNS RCE
Dragon Cloud Security Podcast
English - October 26, 2021 10:00 - 7 minutes - 5.39 MB - Technology
Intro
Welcome, dear listeners. I’m Viktor, your host, and on a weekly basis I will share news, articles, techniques and tools related to Cloud, SaaS and IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597
Articles
Team TNT Deploys Malicious Docker Image On Docker Hub - https://www.uptycs.com/blog/team-tnt-deploys-malicious-docker-image-on-docker-hub-with-pentesting-tools
Attacking and Securing CI/CD Pipeline - https://speakerdeck.com/rung/cd-pipeline, https://github.com/rung/threat-matrix-cicd
GitHub Actions Security Best Practices - https://engineering.salesforce.com/github-actions-security-best-practices-b8f9df5c75f5
GitHub Actions for security and compliance - https://github.blog/2021-10-22-github-actions-for-security-compliance/
How to improve your Docker containers security [cheat sheet included] - https://blog.gitguardian.com/how-to-improve-your-docker-containers-security-cheat-sheet/
Container security best practices: Comprehensive guide - https://sysdig.com/blog/container-security-best-practices/
Securing Kubernetes Secrets with Conjur - https://www.infracloud.io/blogs/securing-kubernetes-secrets-conjur/
Introducing the new Azure SDK Resource Management Libraries for .NET - https://devblogs.microsoft.com/azure-sdk/introducing-the-new-azure-sdk-resource-management-libraries-for-net/
A Scientific Notation Bug in MySQL left AWS WAF Clients Vulnerable to SQL Injection - https://www.gosecure.net/blog/2021/10/19/a-scientific-notation-bug-in-mysql-left-aws-waf-clients-vulnerable-to-sql-injection/
Protecting Microsoft 365 from on-premises attacks - https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/protect-m365-from-on-premises-attacks
Franken-phish: TodayZoo built from other phishing kits - https://www.microsoft.com/security/blog/2021/10/21/franken-phish-todayzoo-built-from-other-phishing-kits/
Microsoft 365 will get support for custom ARC configurations - https://www.bleepingcomputer.com/news/microsoft/microsoft-365-will-get-support-for-custom-arc-configurations/
Managing permissions for Log Analytics and Workbooks - https://msendpointmgr.com/2021/10/23/managing-permissions-for-log-analytics-and-workbooks/
Malware found in npm package with millions of weekly downloads - https://therecord.media/malware-found-in-npm-package-with-millions-of-weekly-downloads/
Discourse SNS webhook RCE - https://0day.click/recipe/discourse-sns-rce/
Tools
Grype - https://github.com/anchore/grype
AWS Lambda - IAM Access Key Disabler - https://github.com/te-papa/aws-key-disabler
KubExplorer - https://github.com/Pscheidl/kubexplorer
Failed logon attempts originating from public IP addresses - https://github.com/alexverboon/MDATP/blob/master/AdvancedHunting/Failed%20Logon%20-%20Public%20IP.md
RBAC Tool For Kubernetes - https://github.com/alcideio/rbac-tool
VirusTotal Behavior with Microsoft Sysmon Detonation - https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/VirusTotal%20File%20Behavior%20Explorer%20-%20MS%20and%20Sysmon%20detonation.ipynb
Outro
That’s all for this episode. Thank you for listening and have a secure day!