CROC News: Automotive Code Leak & Midnight Blizzard's Heist
02/22/24 • 28 min
Loading from the Cloud... Season 2 of "CRYING OUT CLOUD" is here! Join our hosts, Eden and Amitai, as they dive into the latest cloud stories that we can't wait to share with you Here's a sneak peek into the season's opening:
🚗 Mercedes-Benz Source Code Exposure: A public GitHub Repo was exposed - allowing unauthorized access to the company's internal servers, including AWS and Azure subscriptions. The credentials remained publicly accessible for 3-4 months. 😱
🌨️ Midnight Blizzard Hits Microsoft: Russian actors (Midnight Blizzard) got into Microsoft's network and stole employee emails, finding a misconfigured account with a weak password. Among other things, they tried to find out what Microsoft knew about their activity.
🔐 Ivanti Vulnerabilities: Ivanti's VPN products exposed vulnerabilities, allowing remote code execution and authentication bypass, exploited by a Chinese Threat Actor.
Loading from the Cloud... Season 2 of "CRYING OUT CLOUD" is here! Join our hosts, Eden and Amitai, as they dive into the latest cloud stories that we can't wait to share with you Here's a sneak peek into the season's opening:
🚗 Mercedes-Benz Source Code Exposure: A public GitHub Repo was exposed - allowing unauthorized access to the company's internal servers, including AWS and Azure subscriptions. The credentials remained publicly accessible for 3-4 months. 😱
🌨️ Midnight Blizzard Hits Microsoft: Russian actors (Midnight Blizzard) got into Microsoft's network and stole employee emails, finding a misconfigured account with a weak password. Among other things, they tried to find out what Microsoft knew about their activity.
🔐 Ivanti Vulnerabilities: Ivanti's VPN products exposed vulnerabilities, allowing remote code execution and authentication bypass, exploited by a Chinese Threat Actor.
Previous Episode
#15 - Yinon Costica on AI risks, the importance of positivity and his new year's resolutions
🛡️ Join Eden Naftali & Amitai Cohen's exclusive interview with Yinon Costica, as he brings unparalleled expertise to the table. From his beginnings in Israel's 8200 intelligence unit, through Adallom, which was acquired by Microsoft, to co-founding Wiz
Next Episode
CROC Talks: Bug Bounty Hunting & Pen Testing with Sam Curry
The NEW exclusive interview with hacker extraordinaire Sam Curry on Crying Out Cloud is out!
Join Eden Naftali and Amitai Cohen as they explore the role of a Bug-Bounty Hunter with Sam Curry:
🔑 Learn about Sam's journey into security research
🛠️ Favorite tools and underrated platforms
🤖 The trustworthiness implications of AI-driven technologies in transportation.
🔒 Vulnerabilities within a major tech company's infrastructure. The tradeoff between scanning gigantic IP ranges and selecting the best research targets.
Important links: https://samcurry.net/web-hackers-vs-the-auto-industry/ https://samcurry.net/hacking-apple/ https://samcurry.net/points-com/
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/crying-out-cloud-387088/croc-news-automotive-code-leak-and-midnight-blizzards-heist-55009280"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to croc news: automotive code leak & midnight blizzard's heist on goodpods" style="width: 225px" /> </a>
Copy