November 30, 2023

#13 - Leaky CLIs, glitchy CPUs and risky HARs

Listen Later

23 minutes

🎙️ NEW PODCAST EPISODE ALERT!

Eden and Amitai are back with another wild ride through the cloudy skies on "Crying Out Cloud"!

Here's the scoop for today's adventure:

01:36 - Okta Support System Compromise: 🕵️‍♂️

We unravel the mystery surrounding an unknown threat actor's access to Okta's customer support system. What's an HAR file, and why should you care?

06:30 - Azure CLI Credential Leak (CVE-2023-36052): 💻

Get the lowdown on Microsoft's Azure CLI vulnerability and how this leak happened, why defaults matter, and what the patch means for your Azure CLI setup.

13:17 - Reptar and Cachewarp CPU Vulnerabilities: 💡

CPU vulnerabilities are a trend we can't ignore! Discover why Reptar and Cachewarp CPU vulnerabilities might sound daunting but aren't necessarily the cloud apocalypse. Plus, the juicy details on who's patched and who's snoozing on this issue

Links:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36052
https://cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerability
https://lock.cmpxchg8b.com/reptar.html
https://cachewarpattack.com/
https://sec.okta.com/harfiles

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Crying Out Cloud

By Wiz

4.8

1717 ratings

November 30, 2023

#13 - Leaky CLIs, glitchy CPUs and risky HARs

Listen Later

23 minutes

🎙️ NEW PODCAST EPISODE ALERT!

Eden and Amitai are back with another wild ride through the cloudy skies on "Crying Out Cloud"!

Here's the scoop for today's adventure:

01:36 - Okta Support System Compromise: 🕵️‍♂️

We unravel the mystery surrounding an unknown threat actor's access to Okta's customer support system. What's an HAR file, and why should you care?

06:30 - Azure CLI Credential Leak (CVE-2023-36052): 💻

Get the lowdown on Microsoft's Azure CLI vulnerability and how this leak happened, why defaults matter, and what the patch means for your Azure CLI setup.

13:17 - Reptar and Cachewarp CPU Vulnerabilities: 💡

CPU vulnerabilities are a trend we can't ignore! Discover why Reptar and Cachewarp CPU vulnerabilities might sound daunting but aren't necessarily the cloud apocalypse. Plus, the juicy details on who's patched and who's snoozing on this issue

Links:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36052
https://cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerability
https://lock.cmpxchg8b.com/reptar.html
https://cachewarpattack.com/
https://sec.okta.com/harfiles

...more

More shows like Crying Out Cloud

Security Now (Audio) by TWiT

Security Now (Audio)

1,971 Listeners

Risky Business by Patrick Gray

Risky Business

360 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

627 Listeners

a16z Podcast by Andreessen Horowitz

a16z Podcast

1,032 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,006 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

202 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

310 Listeners

Click Here by Recorded Future News

Click Here

406 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,873 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

167 Listeners

Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

Kubernetes Podcast from Google

181 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

187 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

74 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

127 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners