30 min
#6 - Chinese Spies Acquire Keys To The Azure Kingdom Crying Out Cloud
-
- Technology
Popcorn ready? ๐ฟ
Ep. 6 of "Crying Out Cloud" is now LIVE โ and it's a thriller! ๐คฏ
1:42 ๐ฌ Chinese Hackers Steal US Gov Emails
12:53 ๐งจ Silent Bob & the Team TNT Comeback
18:41 ๐ท๐บ Russian Hackers Exploit Office Zero Day
26:10 ๐ Footloose's 2023 Object-Oriented Sequel: PyLoose
Important links:
https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a
https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-threat-actor/
https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/
https://www.wired.com/story/microsoft-cloud-attack-china-hackers/
https://arstechnica.com/security/2023/07/microsoft-takes-pains-to-obscure-role-in-0-days-that-caused-email-breach/
https://blog.aquasec.com/threat-alert-anatomy-of-silentbobs-cloud-attack
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
https://permiso.io/blog/s/agile-approach-to-mass-cloud-cred-harvesting-and-cryptomining/
https://www.sentinelone.com/labs/cloudy-with-a-chance-of-credentials-aws-targeting-cred-stealer-expands-to-azure-gcp/
https://twitter.com/AbbyMCH/status/1679509312132005888
https://sysdig.com/blog/scarleteel-2-0/
https://twitter.com/maddiestone/status/1678843059294076928
https://www.microsoft.com/en-us/security/blog/2023/07/11/storm-0978-attacks-reveal-financial-and-espionage-motives/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884
https://twitter.com/cyb3rops/status/1680962212804939776
https://twitter.com/serghei/status/1679246339698315265
https://www.wiz.io/blog/pyloose-first-python-based-fileless-attack-on-cloud-workloads
Popcorn ready? ๐ฟ
Ep. 6 of "Crying Out Cloud" is now LIVE โ and it's a thriller! ๐คฏ
1:42 ๐ฌ Chinese Hackers Steal US Gov Emails
12:53 ๐งจ Silent Bob & the Team TNT Comeback
18:41 ๐ท๐บ Russian Hackers Exploit Office Zero Day
26:10 ๐ Footloose's 2023 Object-Oriented Sequel: PyLoose
Important links:
https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a
https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-threat-actor/
https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/
https://www.wired.com/story/microsoft-cloud-attack-china-hackers/
https://arstechnica.com/security/2023/07/microsoft-takes-pains-to-obscure-role-in-0-days-that-caused-email-breach/
https://blog.aquasec.com/threat-alert-anatomy-of-silentbobs-cloud-attack
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
https://permiso.io/blog/s/agile-approach-to-mass-cloud-cred-harvesting-and-cryptomining/
https://www.sentinelone.com/labs/cloudy-with-a-chance-of-credentials-aws-targeting-cred-stealer-expands-to-azure-gcp/
https://twitter.com/AbbyMCH/status/1679509312132005888
https://sysdig.com/blog/scarleteel-2-0/
https://twitter.com/maddiestone/status/1678843059294076928
https://www.microsoft.com/en-us/security/blog/2023/07/11/storm-0978-attacks-reveal-financial-and-espionage-motives/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884
https://twitter.com/cyb3rops/status/1680962212804939776
https://twitter.com/serghei/status/1679246339698315265
https://www.wiz.io/blog/pyloose-first-python-based-fileless-attack-on-cloud-workloads
30 min