all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

181 - Cloud Bugs and More Vulns in Galaxy App Store [Bug Bounty Podcast]

Add to bookmarks
Jan. 24, 2023, 9 p.m. | DAY[0]

DAY[0] www.youtube.com

We've got a cloud focused episode this week, starting with a logging bypass in AWS CloudTrail, a SSH Key injection, and cross-tenant data access in Azure Cognitive Search.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/181.html

[00:00:00] Introduction
[00:00:25] Undocumented API allows CloudTrail bypass
[00:06:00] Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)
[00:14:53] SSH key injection in Google Cloud Compute Engine [Google VRP]
[00:19:08] Chat Question: Why is Cross-Site Scripting called That
[00:22:36] Cross-tenant network …

access api app aws aws cloudtrail azure bounty bug bug bounty bugs bypass called chat cloud cloudtrail compute compute engine cross-site cve data data access engine galaxy google google cloud injection introduction key logging podcast question scripting search ssh store vrp vulnerabilities vulns

Visit resource

More from www.youtube.com / DAY[0]

253 - A Retrospective and Future Look Into DAY[0] 1 week, 6 days ago | www.youtube.com
air bounty change future +5
252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 1 month, 1 week ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 1 month, 1 week ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 1 month, 2 weeks ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 1 month, 2 weeks ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 1 month, 3 weeks ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 1 month, 3 weeks ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 2 months ago | www.youtube.com
access array binary binary exploitation +21
245 - A PHP and Joomla Bug and some DOM Clobbering [Bug Bounty Podcast] 2 months ago | www.youtube.com
api bounty bug bug bounty +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India
View on infosec-jobs.com

Cyber Program Manager - CISO- United States – Remote

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com

Network Security Engineer (AEGIS)

@ Peraton | Virginia Beach, VA, United States
View on infosec-jobs.com

SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com

Information Systems Security Engineer

@ Booz Allen Hamilton | USA, GA, Warner Robins (300 Park Pl Dr)
View on infosec-jobs.com
View more jobs