all InfoSec news
227 - Kubernetes Code Exec and There Is No Spoon [Bug Bounty Podcast]
Nov. 28, 2023, 1 p.m. | DAY[0]
DAY[0] www.youtube.com
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/227.html
[00:00:00] Introduction
[00:00:23] Introducing the Microsoft Defender Bounty Program
[00:04:26] Tapping into a telecommunications company’s office cameras
[00:07:47] CrushFTP Critical Vulnerability CVE-2023-43177 Unauthenticated Remote Code Execution
[00:17:22] [Kubernetes] Ingress nginx annotation injection causes arbitrary command execution
[00:24:38] Testing for audits: there is no spoon
The DAY[0] …
analysis auditing bounty bug bug bounty bugs cameras code critical critical vulnerability crushftp cve defender introduction kubernetes microsoft microsoft defender microsoft defender bounty program office podcast program simple telecommunications there is no spoon unauthenticated vulnerabilities vulnerability week
More from www.youtube.com / DAY[0]
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Information Security Specialist, Sr. (Container Hardening)
@ Rackner | San Antonio, TX
Principal Security Researcher (Advanced Threat Prevention)
@ Palo Alto Networks | Santa Clara, CA, United States
EWT Infosec | IAM Technical Security Consultant - Manager
@ KPMG India | Bengaluru, Karnataka, India
Security Engineering Operations Manager
@ Gusto | San Francisco, CA; Denver, CO; Remote
Network Threat Detection Engineer
@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC