March 26, 2024

CROC News: Malicious Repos, Bandwidth Theft, & NVD or NoVD?

Listen Later

31 minutes

🎙️ What is a better way to stay updated on cloud security than a NEW Crying Out Cloud episode!

Join Eden Naftali and Amitai Cohen as they explore what is new and 🔥:

👾 Open-source repos flooded by malicious code.

💻 What is to become of the National Vulnerability Database?

⛓️ Proof of bandwidth cryptojacking

🛠️ Critical vulnerabilities discovered in popular CI/CD tool

Links:

https://apiiro.com/blog/malicious-code-campaign-github-repo-confusion-attack/

https://github.blog/2024-02-29-keeping-secrets-out-of-public-repositories/

https://research.openanalysis.net/github/lua/2024/03/03/lua-malware.html

https://resilientcyber.substack.com/p/death-knell-of-the-nvd

https://sysdig.com/blog/cloud-threats-deploying-crypto-cdn/

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Crying Out Cloud

By Wiz

4.8

2121 ratings

March 26, 2024

CROC News: Malicious Repos, Bandwidth Theft, & NVD or NoVD?

Listen Later

31 minutes

🎙️ What is a better way to stay updated on cloud security than a NEW Crying Out Cloud episode!

Join Eden Naftali and Amitai Cohen as they explore what is new and 🔥:

👾 Open-source repos flooded by malicious code.

💻 What is to become of the National Vulnerability Database?

⛓️ Proof of bandwidth cryptojacking

🛠️ Critical vulnerabilities discovered in popular CI/CD tool

Links:

https://apiiro.com/blog/malicious-code-campaign-github-repo-confusion-attack/

https://github.blog/2024-02-29-keeping-secrets-out-of-public-repositories/

https://research.openanalysis.net/github/lua/2024/03/03/lua-malware.html

https://resilientcyber.substack.com/p/death-knell-of-the-nvd

https://sysdig.com/blog/cloud-threats-deploying-crypto-cdn/

...more

More shows like Crying Out Cloud

This American Life by This American Life

This American Life

91,256 Listeners

Hidden Brain by Hidden Brain, Shankar Vedantam

Hidden Brain

43,607 Listeners

Risky Business by Risky Business Media

Risky Business

373 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

652 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,025 Listeners

The Daily by The New York Times

The Daily

113,520 Listeners

Screaming in the Cloud by Corey Quinn

Screaming in the Cloud

92 Listeners

Hacking Humans by N2K Networks

Hacking Humans

316 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

194 Listeners

Practical AI by Practical AI LLC

Practical AI

212 Listeners

Three Buddy Problem by Security Conversations

Three Buddy Problem

61 Listeners

Risky Bulletin by Risky Business Media

Risky Bulletin

45 Listeners

Prof G Markets by Vox Media Podcast Network

Prof G Markets

1,480 Listeners