logo
episode-header-image
May 2022
18m 11s

AutoWarp bug leads to Automation headach...

N2K Networks
About this episode

Yanir Tsarimi from Orca Security, joins Dave to discuss how researchers have discovered a critical Azure Automation service vulnerability called AutoWarp. The security flaw was discovered this past March causing Yanir to leap into action announcing the issue to Microsoft who helped to swiftly resolve the cross-account vulnerability.

The research shows how this serious flaw would allow attackers unauthorized access to other customer accounts and potentially full control over resources and data belonging to those accounts, as well as put multiple Fortune 500 companies and billions of dollars at risk. The research shares the crucial time line that the vulnerability was discovered as well as Microsofts response to the vulnerability.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next
Yesterday
A farmers market of stolen data.
Farmers Insurance discloses a data breach affecting over a million people. Agentic AI tools fall for common scams. A new bill in Congress looks to revive letters of marque for the digital age. Cybercriminals target macOS users with the Shamos infostealer. New Android spyware masq ... Show More
22m 12s
Aug 24
Julian Waits: Find a way to help society. [Serial Entrepreneur] [Career Notes]
Please enjoy this encore of Career Notes. Senior Vice President and Executive in Residence with Rapid7 and Chairman for Cyversity, Julian Waits, grew up in the era of the Justice League and Superman and it shaped his career. Julian always wanted to do something where he could fin ... Show More
11m 4s
Aug 23
Beyond the smoke screen. [Research Saturday]
This week, we are joined by Dr. Renée Burton, VP of Infoblox Threat Intel, who is discussing their work on VexTrio, a notorious traffic distribution system (TDS) involved in digital fraud. The VexTrio investigation uncovers a massive global ad fraud and scam operation powered by ... Show More
22m 22s
Recommended Episodes
Mar 2022
Microsoft Azure around the Hash Table.
Microsoft Azure adoption with cybersecurity first principle strategies. The cloud revolution is here. How well can we implement our first principle strategies within each environment? Do we need to embrace other security platforms to get it done? In this session, Rick and the Has ... Show More
21m 17s
Dec 2021
Security Straight Talk with Jim Alkove, Chief Trust Officer at Salesforce, and George Kurtz, President/CEO and co-founder of CrowdStrike
When it comes to IT security, there are a lot of marketing pitches out there offering bullish assessments of certain technologies, and, of course, the particular products being pitched. Really, there’s nothing wrong with marketers doing their jobs, and it’s especially useful when ... Show More
36m 12s
Jan 2024
2787: Navigating the Evolving Landscape of Application Security With Checkmarx
In this compelling episode, we delve into the strategic importance of application security as businesses undergo digital transformation. Sandeep Johri, with his rich experience at Checkmarx, sheds light on this domain's multifaceted challenges and opportunities. We discuss how vu ... Show More
25m 34s
Mar 2022
Thu. 03/31 – Hackers Forging Emergency Data Requests
Another day of all the hacking news. Now the hackers are forging Emergency Data Requests. Apparently there have been vulnerabilities in Wyze security cameras that no one bothered to fix. TSMC warns of a tech slowdown. Masa Son orders his lieutenants to slow down investing just a ... Show More
16m 22s
Listen to millions of songs and podcasts on Anghami