Dragon Cloud Security Podcast artwork

Google VRP Bugs, NSG Flow Logs,GCP Org Policies, NSA Kubernetes Hardening Guidance, Teams are Just Networks

Dragon Cloud Security Podcast

English - October 11, 2021 21:00 - 6 minutes - 4.61 MB
Technology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Azure AD Logon Brute Force, Trystero, IAMVulnerable, RBAC in Kubernetes, Ransom Risk MGMT in AWS
Next Episode: Kubernetes Notebooks and checklists, K8 Hacking Book, GitHub Actions Vulnerability, TwitchLeak analysis, Azure Priv Esc

Intro

Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597

Articles

kdigger: a Context Discovery Tool for Kubernetes - https://blog.quarkslab.com/kdigger-a-context-discovery-tool-for-kubernetes.html

Azure AD and Windows Hello: SSO to on-premise resources - https://katystech.blog/2021/10/azure-ad-and-windows-hello-sso-to-on-premise-resources/

CVE-2021-26420: REMOTE CODE EXECUTION IN SHAREPOINT VIA WORKFLOW COMPILATION - https://www.zerodayinitiative.com/blog/2021/10/5/cve-2021-26420-remote-code-execution-in-sharepoint-via-workflow-compilation

Understanding Azure Logs from a security perspective — Part 2 — NSG Flow Logs - https://davidokeyode.medium.com/understanding-azure-logs-from-a-security-perspective-part-2-nsg-flow-logs-3edc5c42f39a

4 Weird Google VRP Bugs in 40 Minutes - Hacktivity 2021 - https://www.youtube.com/watch?v=nP_y-Z-FXr0

AWS Backup adds an additional layer for backup protection with the availability of AWS Backup Vault Lock - https://aws.amazon.com/about-aws/whats-new/2021/10/aws-backup-backup-protection-aws-backup-vault-lock/

Time to Move Off Exchange Online DLP Policies - https://practical365.com/time-migrate-exchange-dlp-policies/

Common Conditional Access policies - https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common

How to use Azure Monitor workbooks for Azure Active Directory reports - https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-use-azure-monitor-workbooks

Microsoft MFA Adoption Numbers - https://twitter.com/ryanaraine/status/1446182370336403456

Drift detection tools: Terraform vs CloudFormation vs Bridgecrew - https://bridgecrew.io/blog/drift-detection-tools-terraform-vs-cloudformation-vs-bridgecrew/

$5000 Google IDOR Vulnerability Writeup - https://infosecwriteups.com/5000-google-idor-vulnerability-writeup-c7b45926abe9

A Closer Look at NSA/CISA Kubernetes Hardening Guidance - https://kubernetes.io/blog/2021/10/05/nsa-cisa-kubernetes-hardening-guidance/

Engineering Teams Are Just Networks - https://bellmar.medium.com/engineering-teams-are-just-networks-1fc16058879a

Reverse engineering and decrypting CyberArk vault credential files - https://jellevergeer.com/reverse-engineering-and-decrypting-cyberark-vault-credential-files/

Serverless Policy Enforcement: Connecting OPA and AWS Lambda - https://blog.openpolicyagent.org/serverless-policy-enforcement-connecting-opa-and-aws-lambda-e624f7176a3

Protect Your GitHub Actions with Semgrep - https://r2c.dev/blog/2021/protect-your-github-actions-with-semgrep/

Org Policies by default - https://medium.com/google-cloud/org-policies-by-default-3adc0c8925b0

Encryption with Transit Data Keys - https://medium.com/hashicorp-engineering/encryption-with-transit-data-keys-bfe5241ae194

Tools

CFN-diagram - https://github.com/mhlabs/cfn-diagram

CLI tool to visualise CloudFormation/SAM/CDK templates as diagrams.

Outro

That’s all for this episode. Thank you for listening and have a secure day!

Twitter Mentions