• VayFul®
  • Posts
  • CloudSec Wednesday: Recon Azure Cloud, Kubernetes Pentesting, CloudSec EU'24 Conference, DevSecOps Journey to Secure Github Repos, CloudShovel Tool Spotlight, Ransomware Attacks in Hybrid Cloud

CloudSec Wednesday: Recon Azure Cloud, Kubernetes Pentesting, CloudSec EU'24 Conference, DevSecOps Journey to Secure Github Repos, CloudShovel Tool Spotlight, Ransomware Attacks in Hybrid Cloud

Cybersecurity — For Security Professionals

Hey! James here.

Today’s edition covers Cloud Security, Container Security and DevSecOps Practices:

  • 📝 Ransomware Attacks in Hybrid Cloud, Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs!

  • 🔥 CloudSec EU'24 conference, Recon Azure Cloud, Kubernetes Pentesting!

  • 🧠 DevSecOps Journey to Secure Github Repos, Public Cloud is the most Insecure Form of Infrastructure!

  • And more…

First time reading? Sign up here.

📰 Top Security News

  • Ransomware attacks expanding to hybrid cloud environments (Microsoft)

  • New security protocol shields data from attackers during cloud-based computation (mit.edu)

  • Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35% of Cloud Environments(Wiz)

📝 Best Of Blogs

  • A Journey to Secure and Standardise GitHub Repositories (Apheris)

  • NIST Updates Digital Identity Guidelines: Stronger Authentication and Risk Management (NIST)

  • Public Cloud is the most insecure form of infrastructure(Chris Farris)

🧠 Learning Resources

🛠️ Tools

  • CloudShovel - A tool for scanning public or private  AMIs for sensitive files and secrets. (GitHub)

  • Finic - Stealth browsers as a service. Run chrome in cloud for your scraper or automation. (GitHub)

⚡️ Misc

  • Eliminating Memory Safety Vulnerabilities at the Source (Google)

  • AWS launched new Vulnerability Disclosure Program (Hackerone)

🎯 Favorite Quote

“The future belongs to those who believe in the beauty of their dreams.“
- Eleanor Roosevelt

💡 ABOUT VAYFUL®

Vayful® is a cybersecurity newsletter that curates the best cybersecurity news, research, tools, blogs, talks, tutorials, and learning resources — specially handpicked for security professionals. The content is curated with love by security professionals.

Enjoyed this newsletter? Friends don’t keep good things to themselves - forward this to your friends and have them sign up here!

Did someone forward this email to you? Become a subscriber!

Have feedback or questions? Just hit reply and let us know.