Dragon Cloud Security Podcast

GitHub Actions Security Best Practices, TeamTNT Malicious Docker Image, AWS WAF Bug, NPM Malware, Discourse SNS RCE


Intro

Welcome, dear listeners. I’m Viktor, your host, and on a weekly basis I will share news, articles, techniques and tools related to Cloud, SaaS and IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597

Articles

Team TNT Deploys Malicious Docker Image On Docker Hub - https://www.uptycs.com/blog/team-tnt-deploys-malicious-docker-image-on-docker-hub-with-pentesting-tools

 Attacking and Securing CI/CD Pipeline - https://speakerdeck.com/rung/cd-pipeline, https://github.com/rung/threat-matrix-cicd

 GitHub Actions Security Best Practices - https://engineering.salesforce.com/github-actions-security-best-practices-b8f9df5c75f5

 GitHub Actions for security and compliance - https://github.blog/2021-10-22-github-actions-for-security-compliance/

 How to improve your Docker containers security [cheat sheet included] - https://blog.gitguardian.com/how-to-improve-your-docker-containers-security-cheat-sheet/

 Container security best practices: Comprehensive guide - https://sysdig.com/blog/container-security-best-practices/

 Securing Kubernetes Secrets with Conjur - https://www.infracloud.io/blogs/securing-kubernetes-secrets-conjur/

 Introducing the new Azure SDK Resource Management Libraries for .NET - https://devblogs.microsoft.com/azure-sdk/introducing-the-new-azure-sdk-resource-management-libraries-for-net/

 A Scientific Notation Bug in MySQL left AWS WAF Clients Vulnerable to SQL Injection - https://www.gosecure.net/blog/2021/10/19/a-scientific-notation-bug-in-mysql-left-aws-waf-clients-vulnerable-to-sql-injection/

 Protecting Microsoft 365 from on-premises attacks - https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/protect-m365-from-on-premises-attacks

 Franken-phish: TodayZoo built from other phishing kits - https://www.microsoft.com/security/blog/2021/10/21/franken-phish-todayzoo-built-from-other-phishing-kits/

 Microsoft 365 will get support for custom ARC configurations - https://www.bleepingcomputer.com/news/microsoft/microsoft-365-will-get-support-for-custom-arc-configurations/

 Managing permissions for Log Analytics and Workbooks - https://msendpointmgr.com/2021/10/23/managing-permissions-for-log-analytics-and-workbooks/

 Malware found in npm package with millions of weekly downloads - https://therecord.media/malware-found-in-npm-package-with-millions-of-weekly-downloads/

 Discourse SNS webhook RCE - https://0day.click/recipe/discourse-sns-rce/

Tools

Grype - https://github.com/anchore/grype

 AWS Lambda - IAM Access Key Disabler - https://github.com/te-papa/aws-key-disabler

 KubExplorer - https://github.com/Pscheidl/kubexplorer

 Failed logon attempts originating from public IP addresses - https://github.com/alexverboon/MDATP/blob/master/AdvancedHunting/Failed%20Logon%20-%20Public%20IP.md

 RBAC Tool For Kubernetes - https://github.com/alcideio/rbac-tool

 VirusTotal Behavior with Microsoft Sysmon Detonation - https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/VirusTotal%20File%20Behavior%20Explorer%20-%20MS%20and%20Sysmon%20detonation.ipynb

Outro

That’s all for this episode. Thank you for listening and have a secure day!

Dragon Cloud Security Podcast, by wucpi