November 30, 2023

#13 - Leaky CLIs, glitchy CPUs and risky HARs

Listen Later

23 minutes

🎙️ NEW PODCAST EPISODE ALERT!

Eden and Amitai are back with another wild ride through the cloudy skies on "Crying Out Cloud"!

Here's the scoop for today's adventure:

01:36 - Okta Support System Compromise: 🕵️‍♂️

We unravel the mystery surrounding an unknown threat actor's access to Okta's customer support system. What's an HAR file, and why should you care?

06:30 - Azure CLI Credential Leak (CVE-2023-36052): 💻

Get the lowdown on Microsoft's Azure CLI vulnerability and how this leak happened, why defaults matter, and what the patch means for your Azure CLI setup.

13:17 - Reptar and Cachewarp CPU Vulnerabilities: 💡

CPU vulnerabilities are a trend we can't ignore! Discover why Reptar and Cachewarp CPU vulnerabilities might sound daunting but aren't necessarily the cloud apocalypse. Plus, the juicy details on who's patched and who's snoozing on this issue

Links:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36052
https://cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerability
https://lock.cmpxchg8b.com/reptar.html
https://cachewarpattack.com/
https://sec.okta.com/harfiles

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Crying Out Cloud

By Wiz

4.8

2121 ratings

November 30, 2023

#13 - Leaky CLIs, glitchy CPUs and risky HARs

Listen Later

23 minutes

🎙️ NEW PODCAST EPISODE ALERT!

Eden and Amitai are back with another wild ride through the cloudy skies on "Crying Out Cloud"!

Here's the scoop for today's adventure:

01:36 - Okta Support System Compromise: 🕵️‍♂️

We unravel the mystery surrounding an unknown threat actor's access to Okta's customer support system. What's an HAR file, and why should you care?

06:30 - Azure CLI Credential Leak (CVE-2023-36052): 💻

Get the lowdown on Microsoft's Azure CLI vulnerability and how this leak happened, why defaults matter, and what the patch means for your Azure CLI setup.

13:17 - Reptar and Cachewarp CPU Vulnerabilities: 💡

CPU vulnerabilities are a trend we can't ignore! Discover why Reptar and Cachewarp CPU vulnerabilities might sound daunting but aren't necessarily the cloud apocalypse. Plus, the juicy details on who's patched and who's snoozing on this issue

Links:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36052
https://cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerability
https://lock.cmpxchg8b.com/reptar.html
https://cachewarpattack.com/
https://sec.okta.com/harfiles

...more

More shows like Crying Out Cloud

This American Life by This American Life

This American Life

90,963 Listeners

Hidden Brain by Hidden Brain, Shankar Vedantam

Hidden Brain

43,594 Listeners

Risky Business by Risky Business Media

Risky Business

376 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

649 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,026 Listeners

The Daily by The New York Times

The Daily

112,191 Listeners

Screaming in the Cloud by Corey Quinn

Screaming in the Cloud

92 Listeners

Hacking Humans by N2K Networks

Hacking Humans

314 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

192 Listeners

Practical AI by Practical AI LLC

Practical AI

213 Listeners

Three Buddy Problem by Security Conversations

Three Buddy Problem

61 Listeners

Risky Bulletin by Risky Business Media

Risky Bulletin

45 Listeners

Prof G Markets by Vox Media Podcast Network

Prof G Markets

1,486 Listeners