Intro

Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597

Articles

Abusing Registries For Exfil And Droppers – https://www.antitree.com/2021/10/abusing-registries-for-exfil-and-droppers/

Kaspersky’s stolen Amazon SES token used in Office 365 phishing – https://www.bleepingcomputer.com/news/security/kasperskys-stolen-amazon-ses-token-used-in-office-365-phishing/

AWS SSO Tutorial with Google Workspace (Gsuite) as an IdP Step-by-Step – https://www.cloudquery.io/blog/aws-sso-tutorial-with-google-workspace-as-an-idp

Introducing Quiet Riot – https://blog.traingrc.com/introducing-quiet-riot-c595cfa629e

Protect your open source project from supply chain attacks – https://opensource.googleblog.com/2021/10/protect-your-open-source-project-from-supply-chain-attacks.html?m=1

Adding Location To Azure AD MFA – https://c7solutions.com/2021/10/adding-location-to-azure-ad-mfa

MFA AUTHENTICATOR: FOREVER! – https://call4cloud.nl/2021/10/mfa-authenticator-forever/

Container Breakouts – Part 2: Privileged Container – https://blog.nody.cc/posts/container-breakouts-part2/

Keynote: Project Trebuchet: How SolarWinds is Using Open Source to Secure Their Supp… Trevor Rosen – https://www.youtube.com/watch?v=1-tMRxqMwTQ

Microsoft Information Protection (MIP) Ninja Training – https://techcommunity.microsoft.com/t5/security-compliance-and-identity/the-microsoft-information-protection-mip-ninja-training-is-here/ba-p/2887478

Azure Policy-as-Code Pattern Documentation – https://globalbao.github.io/azure-policy-as-code/

Best practices for deploying highly available apps in Kubernetes. Part 1 – https://blog.flant.com/best-practices-for-deploying-highly-available-apps-in-kubernetes-part-1/

Enumerating Services in AWS Accounts in an Anonymous and Unauthenticated Manner – https://sidechannel.blog/en/enumerating-services-in-aws-accounts-in-an-anonymous-and-unauthenticated-manner/index.html

AZURE SENTINEL INTERNALS: INCIDENTS – https://emptydc.com/2021/10/28/azure-sentinel-internals-incidents/

Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD – https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover

Protect your business from password sprays with Microsoft DART recommendations – https://www.microsoft.com/security/blog/2021/10/26/protect-your-business-from-password-sprays-with-microsoft-dart-recommendations/

A Hands-On Intro to Semgrep’s Autofix – https://parsiya.net/blog/2021-10-25-a-hands-on-intro-to-semgreps-autofix/

Achieving least-privilege at FollowAnalytics with Repokid, Aardvark and ConsoleMe – https://medium.com/followanalytics/granting-least-privileges-at-followanalytics-with-repokid-aardvark-and-consoleme-895d8daf604a

 

 

Tools

semgrep-rules – https://github.com/returntocorp/semgrep-rules

MFASweep – https://github.com/dafthack/MFASweep

decode-spam-headers.py – https://github.com/mgeeky/decode-spam-headers

driftctl – https://github.com/cloudskiff/driftctl

camp – https://github.com/tenchi-security/camp

AWS Secure Environment Accelerator – https://github.com/aws-samples/aws-secure-environment-accelerator

Hcltm – https://github.com/xntrik/hcltm

 

 

Outro

That’s all for this episode. Thank you for listening and have a secure day!