Kubernetes Notebooks and checklists, K8 Hacking Book, GitHub Actions Vulnerability, TwitchLeak analysis, Azure Priv Esc
Dragon Cloud Security Podcast
English - October 18, 2021 22:00 - 7 minutes - 5.04 MB - Technology
Intro
Welcome, dear listeners. I’m Viktor, your host, and on a weekly basis I will share news, articles, techniques and tools related to Cloud, SaaS and IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597
Articles
Automating the deployment of Sysmon for Linux and Azure Sentinel in a lab environment - https://techcommunity.microsoft.com/t5/azure-sentinel/automating-the-deployment-of-sysmon-for-linux-and-azure-sentinel/ba-p/2847054
The @fwdcloudsec 2021 talk videos are now up on YouTube - https://www.youtube.com/playlist?list=PLCPCP1pNWD7Ofg8prNuVasGIwkKB3Ejhw
Kubernetes Security Notebooks - https://github.com/thomasfricke/training-kubernetes-security
H4ck1ng Kubern3tes Book - https://hacking-kubernetes.info/
Kubernetes Security Checklist and Requirements - https://github.com/Vinum-Security/kubernetes-security-checklist
5 common Kubernetes misconfigs and how to fix them - https://bridgecrew.io/blog/5-common-kubernetes-misconfigs-and-how-to-fix-them/
Bypassing required reviews using GitHub Actions - https://medium.com/cider-sec/bypassing-required-reviews-using-github-actions-6e1b29135cc7
AWS WAF's Dangerous Defaults - https://osamaelnaggar.com/blog/aws_waf_dangerous_defaults/
CREATING A MALICIOUS AZURE AD OAUTH2 APPLICATION - https://www.trustedsec.com/blog/creating-a-malicious-azure-ad-oauth2-application/
Building an end-to-end Kubernetes-based DevSecOps software factory on AWS - https://aws.amazon.com/blogs/devops/building-an-end-to-end-kubernetes-based-devsecops-software-factory-on-aws/
Implementation of DevSecOps for a Microservices-based Application with Service Mesh - https://csrc.nist.gov/publications/detail/sp/800-204c/draft
TwitchLeak from AWS Security Consultant view - https://twitter.com/zoph/status/1446474797693628424
The Threat of Ransomware to S3 Buckets - https://ermetic.com/blog/aws/new-research-the-urgent-threat-of-ransomware-to-s3-buckets/
Centralised audit logs in GCP in a secure environment with VPC Service Controls - https://medium.com/google-cloud/centralised-audit-logs-in-gcp-in-a-secure-environment-with-vpc-service-controls-5a25cd00441
Azure Privilege Escalation via Service Principal Abuse - https://posts.specterops.io/azure-privilege-escalation-via-service-principal-abuse-210ae2be2a5
Designing Least Privilege AWS IAM Policies for People - https://www.iampulse.com/t/designing-least-privilege-aws-iam-policies-for-people
Remotely Access your Kubernetes Lab with Cloudflare Tunnel - https://www.marcolancini.it/2021/blog-kubernetes-lab-cloudflare-tunnel/
Hacking AWS end-to-end – remastered - https://www.youtube.com/watch?v=8ZXRw4Ry3mQ
Use Kubescape to check if your Kubernetes clusters are exposed to the latest K8s Symlink vulnerability (CVE-2021-25741) - https://www.armosec.io/blog/kubescape-checks-if-kubernetes-exposed-to-k8s-symlink-vulnerability-cve202125741
Tools
KQL query to detect HandleKatz - https://bluepurple.substack.com/p/bluepurple-pulse-week-ending-october-517
Snowcat - https://github.com/praetorian-inc/snowcat
Minik8s-ctf - https://github.com/quarkslab/minik8s-ctf
Milestone
And some good news before I end the podcast: the podcast has reached 215 downloads! Thanks, everyone, for listening!
Outro
That’s all for this episode. Thank you for listening and have a secure day!