logo
episode-header-image
May 2022
18m 11s

AutoWarp bug leads to Automation headach...

N2K Networks
About this episode

Yanir Tsarimi from Orca Security, joins Dave to discuss how researchers have discovered a critical Azure Automation service vulnerability called AutoWarp. The security flaw was discovered this past March causing Yanir to leap into action announcing the issue to Microsoft who helped to swiftly resolve the cross-account vulnerability.

The research shows how this serious flaw would allow attackers unauthorized access to other customer accounts and potentially full control over resources and data belonging to those accounts, as well as put multiple Fortune 500 companies and billions of dollars at risk. The research shares the crucial time line that the vulnerability was discovered as well as Microsofts response to the vulnerability.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next
Yesterday
Plug-ins gone rogue.
Patch Tuesday. An Iranian ransomware group puts a premium on U.S. and Israeli targets. Batavia spyware targets Russia’s industrial sector. HHS fines a Texas Behavioral Health firm for failed risk analysis. The Anatsa banking trojan targets financial institutions in the U.S. and C ... Show More
29m 52s
Jul 8
Memory leaks and login sneaks.
Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. ... Show More
30m 50s
Jul 7
SafePay, unsafe day.
Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country’s banking syst ... Show More
37m 27s
Recommended Episodes
Mar 2022
Microsoft Azure around the Hash Table.
Microsoft Azure adoption with cybersecurity first principle strategies.The cloud revolution is here. How well can we implement our first principle strategies within each environment? Do we need to embrace other security platforms to get it done? In this session, Rick and the Hash ... Show More
21m 17s
Dec 2021
Security Straight Talk with Jim Alkove, Chief Trust Officer at Salesforce, and George Kurtz, President/CEO and co-founder of CrowdStrike
When it comes to IT security, there are a lot of marketing pitches out there offering bullish assessments of certain technologies, and, of course, the particular products being pitched. Really, there’s nothing wrong with marketers doing their jobs, and it’s especially useful when ... Show More
36m 12s
Jan 2024
2787: Navigating the Evolving Landscape of Application Security With Checkmarx
In this compelling episode, we delve into the strategic importance of application security as businesses undergo digital transformation. Sandeep Johri, with his rich experience at Checkmarx, sheds light on this domain's multifaceted challenges and opportunities. We discuss how vu ... Show More
25m 34s
Mar 2022
Thu. 03/31 – Hackers Forging Emergency Data Requests
Another day of all the hacking news. Now the hackers are forging Emergency Data Requests. Apparently there have been vulnerabilities in Wyze security cameras that no one bothered to fix. TSMC warns of a tech slowdown. Masa Son orders his lieutenants to slow down investing just a ... Show More
16m 22s
Listen to millions of songs and podcasts on Anghami