Sign up to save your podcasts
Or
Share Google VRP Bugs, NSG Flow Logs,GCP Org Policies, NSA Kubernetes Hardening Guidance, Teams are Just Networks
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Google VRP Bugs, NSG Flow Logs,GCP Org Policies, NSA Kubernetes Hardening Guidance, Teams are Just Networks
Intro
Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597
Articleskdigger: a Context Discovery Tool for Kubernetes - https://blog.quarkslab.com/kdigger-a-context-discovery-tool-for-kubernetes.html
Azure AD and Windows Hello: SSO to on-premise resources - https://katystech.blog/2021/10/azure-ad-and-windows-hello-sso-to-on-premise-resources/
CVE-2021-26420: REMOTE CODE EXECUTION IN SHAREPOINT VIA WORKFLOW COMPILATION - https://www.zerodayinitiative.com/blog/2021/10/5/cve-2021-26420-remote-code-execution-in-sharepoint-via-workflow-compilation
Understanding Azure Logs from a security perspective — Part 2 — NSG Flow Logs - https://davidokeyode.medium.com/understanding-azure-logs-from-a-security-perspective-part-2-nsg-flow-logs-3edc5c42f39a
4 Weird Google VRP Bugs in 40 Minutes - Hacktivity 2021 - https://www.youtube.com/watch?v=nP_y-Z-FXr0
AWS Backup adds an additional layer for backup protection with the availability of AWS Backup Vault Lock - https://aws.amazon.com/about-aws/whats-new/2021/10/aws-backup-backup-protection-aws-backup-vault-lock/
Time to Move Off Exchange Online DLP Policies - https://practical365.com/time-migrate-exchange-dlp-policies/
Common Conditional Access policies - https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common
How to use Azure Monitor workbooks for Azure Active Directory reports - https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-use-azure-monitor-workbooks
Microsoft MFA Adoption Numbers - https://twitter.com/ryanaraine/status/1446182370336403456
Drift detection tools: Terraform vs CloudFormation vs Bridgecrew - https://bridgecrew.io/blog/drift-detection-tools-terraform-vs-cloudformation-vs-bridgecrew/
$5000 Google IDOR Vulnerability Writeup - https://infosecwriteups.com/5000-google-idor-vulnerability-writeup-c7b45926abe9
A Closer Look at NSA/CISA Kubernetes Hardening Guidance - https://kubernetes.io/blog/2021/10/05/nsa-cisa-kubernetes-hardening-guidance/
Engineering Teams Are Just Networks - https://bellmar.medium.com/engineering-teams-are-just-networks-1fc16058879a
Reverse engineering and decrypting CyberArk vault credential files - https://jellevergeer.com/reverse-engineering-and-decrypting-cyberark-vault-credential-files/
Serverless Policy Enforcement: Connecting OPA and AWS Lambda - https://blog.openpolicyagent.org/serverless-policy-enforcement-connecting-opa-and-aws-lambda-e624f7176a3
Protect Your GitHub Actions with Semgrep - https://r2c.dev/blog/2021/protect-your-github-actions-with-semgrep/
Org Policies by default - https://medium.com/google-cloud/org-policies-by-default-3adc0c8925b0
Encryption with Transit Data Keys - https://medium.com/hashicorp-engineering/encryption-with-transit-data-keys-bfe5241ae194
ToolsCFN-diagram - https://github.com/mhlabs/cfn-diagram
CLI tool to visualise CloudFormation/SAM/CDK templates as diagrams.
OutroThat’s all for this episode. Thank you for listening and have a secure day!
View all episodes
By wucpiIntro
Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597
Articleskdigger: a Context Discovery Tool for Kubernetes - https://blog.quarkslab.com/kdigger-a-context-discovery-tool-for-kubernetes.html
Azure AD and Windows Hello: SSO to on-premise resources - https://katystech.blog/2021/10/azure-ad-and-windows-hello-sso-to-on-premise-resources/
CVE-2021-26420: REMOTE CODE EXECUTION IN SHAREPOINT VIA WORKFLOW COMPILATION - https://www.zerodayinitiative.com/blog/2021/10/5/cve-2021-26420-remote-code-execution-in-sharepoint-via-workflow-compilation
Understanding Azure Logs from a security perspective — Part 2 — NSG Flow Logs - https://davidokeyode.medium.com/understanding-azure-logs-from-a-security-perspective-part-2-nsg-flow-logs-3edc5c42f39a
4 Weird Google VRP Bugs in 40 Minutes - Hacktivity 2021 - https://www.youtube.com/watch?v=nP_y-Z-FXr0
AWS Backup adds an additional layer for backup protection with the availability of AWS Backup Vault Lock - https://aws.amazon.com/about-aws/whats-new/2021/10/aws-backup-backup-protection-aws-backup-vault-lock/
Time to Move Off Exchange Online DLP Policies - https://practical365.com/time-migrate-exchange-dlp-policies/
Common Conditional Access policies - https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common
How to use Azure Monitor workbooks for Azure Active Directory reports - https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-use-azure-monitor-workbooks
Microsoft MFA Adoption Numbers - https://twitter.com/ryanaraine/status/1446182370336403456
Drift detection tools: Terraform vs CloudFormation vs Bridgecrew - https://bridgecrew.io/blog/drift-detection-tools-terraform-vs-cloudformation-vs-bridgecrew/
$5000 Google IDOR Vulnerability Writeup - https://infosecwriteups.com/5000-google-idor-vulnerability-writeup-c7b45926abe9
A Closer Look at NSA/CISA Kubernetes Hardening Guidance - https://kubernetes.io/blog/2021/10/05/nsa-cisa-kubernetes-hardening-guidance/
Engineering Teams Are Just Networks - https://bellmar.medium.com/engineering-teams-are-just-networks-1fc16058879a
Reverse engineering and decrypting CyberArk vault credential files - https://jellevergeer.com/reverse-engineering-and-decrypting-cyberark-vault-credential-files/
Serverless Policy Enforcement: Connecting OPA and AWS Lambda - https://blog.openpolicyagent.org/serverless-policy-enforcement-connecting-opa-and-aws-lambda-e624f7176a3
Protect Your GitHub Actions with Semgrep - https://r2c.dev/blog/2021/protect-your-github-actions-with-semgrep/
Org Policies by default - https://medium.com/google-cloud/org-policies-by-default-3adc0c8925b0
Encryption with Transit Data Keys - https://medium.com/hashicorp-engineering/encryption-with-transit-data-keys-bfe5241ae194
ToolsCFN-diagram - https://github.com/mhlabs/cfn-diagram
CLI tool to visualise CloudFormation/SAM/CDK templates as diagrams.
OutroThat’s all for this episode. Thank you for listening and have a secure day!