This week's articles
container.training
#containers, #explain, #kubernetes
Materials (slides, scripts, demo app, and other code samples) used for various workshops, tutorials, and training sessions around the themes of Docker, containers, and orchestration. Developed by @jpetazzo.
Azure Active Directory Exposes Internal Information
#attack, #azure
The first issue allows anyone to query the directory synchronization status. The second issue could reveal internal information about the target Azure AD tenant, including the technical contact's full name and phone number.
Kubernetes Removals and Deprecations In 1.24
#announcement, #kubernetes
The Kubernetes 1.24 release will deprecate several (beta) APIs in favor of stable versions of the same APIs. The major change coming in the Kubernetes 1.24 release is the removal of Dockershim.
|
|
Tools
stackrox
Performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment.
git-credential-manager
Secure, cross-platform Git credential storage with authentication to GitHub, Azure Repos, and other popular Git hosting services.
DSP
A Microservices-based framework for the study of Network Security and Penetration Test techniques.
bumblebee
Get eBPF programs running from the cloud to the kernel in 1 line of bash.
|
|
Job Advert
Doyensec is an independent security research and development company focused on vulnerability discovery and remediation. We love what we do and we routinely take on difficult engineering challenges to help our customers build with security. We are looking for a Cloud Security Engineer to join our team. We need someone who has a strong interest in auditing and researching cloud platforms and containerized environments. More details: https://www.careers-page.com/doyensec-llc/job/L8X354RV
|
|
|
From the cloud providers
Announcing AWS Lambda Function URLs
Amazon announced the general availability of Lambda Function URLs, a new feature that lets you add HTTPS endpoints to any Lambda function and optionally configure Cross-Origin Resource Sharing (CORS) headers.
|
|
Thanks for reading!
|
If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌 If you have questions, comments, or feedback, let me know on Twitter ( @lancinimarco / @CloudSecList), or at feedback.cloudseclist.com! Thanks, Marco
|
|
|