23 min
#13 - Leaky CLIs, glitchy CPUs and risky HARs Crying Out Cloud
-
- Technology
๐๏ธ NEW PODCAST EPISODE ALERT!
Eden and Amitai are back with another wild ride through the cloudy skies on "Crying Out Cloud"!
Here's the scoop for today's adventure:
01:36 - Okta Support System Compromise: ๐ต๏ธโโ๏ธ
We unravel the mystery surrounding an unknown threat actor's access to Okta's customer support system. What's an HAR file, and why should you care?
06:30 - Azure CLI Credential Leak (CVE-2023-36052): ๐ป
Get the lowdown on Microsoft's Azure CLI vulnerability and how this leak happened, why defaults matter, and what the patch means for your Azure CLI setup.
13:17 - Reptar and Cachewarp CPU Vulnerabilities: ๐ก
CPU vulnerabilities are a trend we can't ignore! Discover why Reptar and Cachewarp CPU vulnerabilities might sound daunting but aren't necessarily the cloud apocalypse. Plus, the juicy details on who's patched and who's snoozing on this issue
Links:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36052https://cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerabilityhttps://lock.cmpxchg8b.com/reptar.htmlhttps://cachewarpattack.com/https://sec.okta.com/harfiles
๐๏ธ NEW PODCAST EPISODE ALERT!
Eden and Amitai are back with another wild ride through the cloudy skies on "Crying Out Cloud"!
Here's the scoop for today's adventure:
01:36 - Okta Support System Compromise: ๐ต๏ธโโ๏ธ
We unravel the mystery surrounding an unknown threat actor's access to Okta's customer support system. What's an HAR file, and why should you care?
06:30 - Azure CLI Credential Leak (CVE-2023-36052): ๐ป
Get the lowdown on Microsoft's Azure CLI vulnerability and how this leak happened, why defaults matter, and what the patch means for your Azure CLI setup.
13:17 - Reptar and Cachewarp CPU Vulnerabilities: ๐ก
CPU vulnerabilities are a trend we can't ignore! Discover why Reptar and Cachewarp CPU vulnerabilities might sound daunting but aren't necessarily the cloud apocalypse. Plus, the juicy details on who's patched and who's snoozing on this issue
Links:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36052https://cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerabilityhttps://lock.cmpxchg8b.com/reptar.htmlhttps://cachewarpattack.com/https://sec.okta.com/harfiles
23 min