CROC News: Malicious Repos, Bandwidth Theft, & NVD or NoVD? -

CROC News: Malicious Repos, Bandwidth Theft, & NVD or NoVD?

Listen now

Description

🎙️ What is a better way to stay updated on cloud security than a NEW Crying Out Cloud episode! Join Eden Naftali and Amitai Cohen as they explore what is new and 🔥: 👾 Open-source repos flooded by malicious code. 💻 What is to become of the National Vulnerability Database? ⛓️ Proof of bandwidth cryptojacking 🛠️ Critical vulnerabilities discovered in popular CI/CD tool Links: https://apiiro.com/blog/malicious-code-campaign-github-repo-confusion-attack/ https://github.blog/2024-02-29-keeping-secrets-out-of-public-repositories/ https://research.openanalysis.net/github/lua/2024/03/03/lua-malware.html https://resilientcyber.substack.com/p/death-knell-of-the-nvd https://sysdig.com/blog/cloud-threats-deploying-crypto-cdn/

More Episodes

See all »

Canadian Cybersecurity, Open Source Risks, and AppSec Insights with Tanya Janca

🎙️ Tune in to the latest #CryingOutCloud episode featuring Tanya Janca, where we dive into all things cloud! Join Eden and Amitai as they welcome Tanya Janca, founder of 'We Hack Purple', and the author of 'Alice and Bob Learn Application Security'. She's seen it all—from launching AppSec...

Published 11/08/24

Crying Out Cloud

Published 11/08/24

Hybrid Cloud Attacks, Linux Malware, and LLMJacking Exposed

🎙️ Ready for the latest on Hybrid Cloud Attacks, Linux Malware, and LLMJacking? Join our hosts Eden Koby Naftali and Amitai Cohen in our NEW #CryingOutCloud episode. In this episode: 📌 The perfctl malware campaign—stealthily mining crypto on thousands of Linux machines undetected for years 📌...

Published 10/29/24