Ep. 6 of "Crying Out Cloud" is now LIVE — and it's a thriller! 🤯

1:42 📬 Chinese Hackers Steal US Gov Emails

12:53 🧨 Silent Bob & the Team TNT Comeback

18:41 🇷🇺 Russian Hackers Exploit Office Zero Day

26:10 🐍 Footloose's 2023 Object-Oriented Sequel: PyLoose

Important links:

https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a

https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-threat-actor/

https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/

https://www.wired.com/story/microsoft-cloud-attack-china-hackers/

https://arstechnica.com/security/2023/07/microsoft-takes-pains-to-obscure-role-in-0-days-that-caused-email-breach/

https://blog.aquasec.com/threat-alert-anatomy-of-silentbobs-cloud-attack

https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign

https://permiso.io/blog/s/agile-approach-to-mass-cloud-cred-harvesting-and-cryptomining/

https://www.sentinelone.com/labs/cloudy-with-a-chance-of-credentials-aws-targeting-cred-stealer-expands-to-azure-gcp/

https://twitter.com/AbbyMCH/status/1679509312132005888

https://sysdig.com/blog/scarleteel-2-0/

https://twitter.com/maddiestone/status/1678843059294076928

https://www.microsoft.com/en-us/security/blog/2023/07/11/storm-0978-attacks-reveal-financial-and-espionage-motives/

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884

https://twitter.com/cyb3rops/status/1680962212804939776

https://twitter.com/serghei/status/1679246339698315265

https://www.wiz.io/blog/pyloose-first-python-based-fileless-attack-on-cloud-workloads