Dragon Cloud Security Podcast S02E05

December 23, 2021

Intro

Welcome Dear listeners, I’m Viktor your host and as a weekly basis I will share news, articles, techniques, tools that is related to Cloud, SaaS, IaaC security. All the URLs for the news, articles and tools can be found here: https://www.buzzsprout.com/1844597

Articles

Azure Bicep Brings Easier Infrastructure as Code to Azure Resource Management – https://petri.com/azure-bicep-infrastructure-as-code

Azure Dominance – cloud scenario – https://twitter.com/mis_config/status/1472655380274688013

Flowchart detailing every CFN transition – https://twitter.com/donkersgood/status/1472913570165837830

AWS re:Invent 2021 Youtube playlists (Security and Compliance and Identity) – https://twitter.com/0xdabbad00/status/1472942866594873349

16-session AWS Solutions Architect Professional course – https://www.youtube.com/playlist?list=PLeJgtCMvQjZd0kuK82-Et9IYcp6EiOeYa

Hybrid and Multi-Cloud Strategies for Kubernetes with GitOps – https://vimeo.com/516520492

BSidesRDU 2021 – From What to How in Cybersecurity: Self Care, Culture, and Strategy – https://www.youtube.com/watch?v=rXG6ExQbIZo

Azure Pentesting class – https://azure.enterprisesecurity.io/

Azure AD & IAM (Part II) – Leveraging Managed Identities For Privilege Escalation – https://orca.security/resources/blog/azure-ad-iam-ii-privilege-escalation-managed-identities/

Forward On-Premises Windows Security Event Logs to Microsoft Sentinel – https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/forward-on-premises-windows-security-event-logs-to-microsoft/ba-p/3040784

GUEST USER LAST SIGN-IN DATE TIME IN AZURE ACTIVE DIRECTORY AND AUTOMATIC CLEANUP – https://www.lieben.nu/liebensraum/2021/12/guest-user-last-sign-in-date-time-in-azure-active-directory-and-automatic-cleanup/

How to Detect Malicious Azure Persistence Through Automation Account Abuse – https://www.inversecos.com/2021/12/how-to-detect-malicious-azure.html

Snaring the Bad Folks – https://netflixtechblog.com/snaring-the-bad-folks-66726a1f4c80

Security Metrics that Count – https://www.twilio.com/blog/security-metrics-count

Owowa: the add-on that turns your OWA into a credential stealer and remote access panel – https://securelist.com/owowa-credential-stealer-and-remote-access/105219/

The Log4j Log4Shell vulnerability: Overview, detection, and remediation – https://www.datadoghq.com/blog/log4j-log4shell-vulnerability-overview-and-remediation/

How i was able to bypass Cloudflare WAF for SQLi payload – https://infosecwriteups.com/how-i-was-able-to-bypass-cloudflare-waf-for-sqli-payload-b9e7a4260026

Zero-friction “keyless signing” with Github Actions – https://chainguard.dev/posts/2021-12-01-zero-friction-keyless-signing

Tools

Awspx – https://github.com/FSecureLABS/awspx

Policy Sentry – https://github.com/salesforce/policy_sentry

Outro

That’s all for this episode. Thank you for listening and have a secure day!