Wiz
Crying Out Cloud
Welcome to "Crying Out Cloud," the monthly podcast that keeps you up to date with the latest cloud security news. Hosted by experts Eden Naftali and Amitai Cohen, each episode provides in-depth coverage of the most important vulnerabilities and incidents from the previous month. Tune in for insightful analysis and expert recommendations to help you safeguard your cloud infrastructure.
Wo hören?
Podcasts in der App Replaio Radio Bald verfügbarPodcasts kommen bald in die App. Installiere sie jetzt und erlebe als Erster einen ganz neuen Blick auf Podcasts
Folgen
Autonomous AI Malware, Threat Actor Startups & Beating Burnout with John Hammond 02.07.2026 29:02
AI-Powered Malware and the Future of Threat Hunting On this episode of Crying Out Cloud, Eden Koby Naftali & Amitai Cohen sit down with John Hammond to unpack the reality of autonomous AI hacking and why cybercriminals are operating like Fortune 500 startups. 1. Why modern ransomware groups have sales teams, HR, and go-to-market strategies. 2. How autonomous AI agents are finding zero-days whi...
The Linux CopyFail Vulnerability & AI Bug Hunting with Xint 20.05.2026 50:55
The AI bug hunting revolution is here, and it just broke Linux. On this episode of Crying Out Cloud, Eden Koby Naftali & Amitai Cohen sit down with Tim Becker and Jacob Newman from Xint to unpack CopyFail, a powerful vulnerability found using autonomous AI agents. 1. How Xint's custom LLM harness uncovered CopyFail, a privilege escalation bug affecting almost every Linux machine since 2017...
Hacking GitHub with a Semicolon & Claude with Sagi Tzadik 01.05.2026 13:29
Wiz researcher Sagi Tzadik joins us to break down how a single semicolon led to a critical Remote Code Execution (RCE) vulnerability in GitHub. For two years, Sagi sat on a lead. Reverse engineering GitHub's microservices manually was too tedious to justify the time. Then, AI agents arrived. By hooking Claude directly into his reverse engineering software, he condensed months of grueling binar...
Protecting Vibe Coded Apps and the Shift to "Soft Guardrails" with Igor Andriushchenko 24.02.2026 39:29
Igor Andriushchenko joins Crying Out Cloud to explain how vibe coding changes the role of security engineers. The shift from typing lines of code to shaping entire systems means security teams need new strategies. Developers expect their shipping velocity to increase tenfold with AI assistance. Relying on traditional hard deployment blocks will only cause friction. If you want to understand how to...
Neuroscience, AI Research & Hiring Swifties with Alon Schindel 12.02.2026 24:17
Agentic AI is coming. Are defenders ready? Alon Schindel, Director of Data & Threat Research at Wiz, joins Eden and Amitai for the Season 3 Finale. This isn't just a recap. It is a look at how top-tier research teams operate at speed. Alon explains why Wiz treats research as a "product" rather than a support function. He details the "DeepLeak" discovery where his team f...
Hacking Moltbook with Gal Nagli 03.02.2026 12:44
🚨 Vibe coding meets critical data exposure: The Moltbook Hack. On this episode of Crying Out Cloud, Eden Koby Naftali & Amitai Cohen sit down with Wiz researcher Gal Nagli to unpack how he compromised the "Facebook for AI Agents" in under an hour ↓ How a simple boolean manipulation (valid: false to true) bypassed authentication Cloud Database misconfigurations and the failure of Row...
CodeBreach: Hijacking the AWS Console with Yuval Avrahami 15.01.2026 17:20
🚨 Everything you need to know about CodeBreach with Yuval Avrahami On this episode of Crying Out Cloud, Eden Koby Naftali & Amitai Cohen sit down with Wiz researcher Yuval Avrahami to unpack a major supply-chain flaw that put cloud environments at risk ↓ Misconfigured CodeBuild instances used by AWS themselves One small regex mistake, huge consequences How an SDK used by the AWS Console could...
React2Shell, Shai-Hulud 2.0, Gogs Zero-Day & Tika RCE 01.01.2026 19:35
🎙️ Shai-Hulud, Shai-Hulud 2.0, are you keeping up? In this episode of Crying Out Cloud, Eden Koby Naftali & Amitai Cohen go deep into real-world cloud security incidents ↓ How Shai-Hulud evolved into Shai-Hulud 2.0 A vulnerability affecting Apache Tika React2Shell and its implications Gogs zero-day explained You DONT want to miss this! This is a technical, concrete conversation focused on how...
Live Talk: Security Minds from Google Cloud, AWS & Wiz 08.12.2025 22:18
🎙️ AI is changing the rules of cyber, are you keeping up? Eden Naftali goes live with leading voices in cloud security:Ryan Nolette (AWS), @John Miller (Google Cloud), and Alon Schindel (Wiz). This episode is essential listening for anyone defending at cloud scale. 👇🔍 Inside ↓1) How AI is supercharging attacker tactics — from hyper-variable phishing to rapid exploit generation2) The rise of &quo...
Cloud Detection Engineering, AI in the SOC and Parallel Parking with Alex Hurtado 14.11.2025 25:38
Detection engineering just got real! Eden Naftali and Amitai sit down with detection engineering powerhouse Alex Hurtado - and it's a must-listen for anyone in cloud security. 👇 🔍 What's inside: The evolution of detection engineering in the cloud — and why traditional rules no longer apply Why DIY detections > vendor defaults How AI is reshaping detection and threat hunting (and why t...
VSCode Extension Secrets, RediShell, & Living-off-the-LLM 07.11.2025 29:34
🔍 From discovering VS Code supply chain risks → to uncovering Redis Shell vulnerabilities. Eden Naftali and Amitai sat down to unpack: 👇 How VS Code extensions became a critical supply chain risk (w/ Rami McCarthy) What RediShell reveals about attacker innovation Where AI is being weaponized in modern malware 🎙️ Listen now to our NEW Crying Out Cloud episode
eBPF, Fishy Book Covers, and Open Source Security with Liz Rice 16.09.2025 33:08
🚨 The kernel-level security revolution you can't ignore — a must-listen with Liz Rice Eden Naftali and Amitai sit down with Liz Rice, Chief Open Source Officer at Isovalent (Cisco), and a global expert in eBPF, containers, and Kubernetes security. 🎙️ In this episode: How eBPF is reshaping cloud security from the ground up Practical strategies to tackle open source supply chain attacks (a hot...
Security Metrics, Detection & Response & Paintball with Erik Bloch 18.08.2025 28:15
🔐 Erik Bloch on his path from military hacker to Illumio security leader. Eden Naftali and Amitai sat down with Erik Bloch & here's what they covered 👇 How starting in the military shaped Erik's approach to security Building and scaling cloud detection & response teams Converting security metrics into actionable business KPIs
Adversary Emulation, Cyber Education & Community Building with Day Johnson 01.08.2025 28:53
🚨 How do you build a 4,000+ strong student-tech community from scratch? Eden Naftali and Amitai sat down with Day Johnson, Security Engineer at @amazon , ex-Datadog, founder of CyberWox Academy. What they covered 👇- Detection engineering that works at scale- What breaks IR processes (and how to fix them)- Real talk on breaking into security without shortcutsAlso: why being the "tech kid&q...
Live Talk: Security Minds from Riot Games, Microsoft & Wiz 15.07.2025 39:35
💡 From cloud chaos to career confessions: live with security minds from RiotGames & Microsoft. Eden Naftali went live, and got personal, with 3 leaders shaping the future of cloud and cybersecurity: Nicole Dove, Head of Security Engineering at @Riot Games Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft Alon Schindel, VP of AI & Threat Research at Wiz What they unpa...
AI Double Agents to Blame, Scattered Spider Pivots to Planes 09.07.2025 17:40
🎙️ Scattered Spider's new target? Airlines. Eden Koby Naftali & Amitai Cohen break down the latest in the cloud:1️⃣ A connectivity tool vuln & Open WebUI misconfig putting orgs at risk2️⃣ Why attackers are still tricking help desks (and how!)3️⃣ The "lethal trifecta" of AI agent danger, explained 🧠🤖0:25 – Scattered Spider targets the aviation industry1:38 – Help desk hacks:...
Pyramid of Pain, PEAK, and Bagpipes with David Bianco 25.06.2025 27:29
🎙️ New ep: David Bianco from Splunk with 🔥 insights from a lifetime of threat hunting. Eden Koby Naftali & Amitai Cohen sat down with David Bianco, creator of some of the most influential models in cyber detection. What they got into ⬇️1) How a threat intel milestone led to the Pyramid of Pain2) Why detection isn't just about indicators3) What good threat hunting teams actually do#CryingO...
AI-powered Security, Shared Fate, and an Archery Lesson with Dr. Anton Chuvakin 29.05.2025 25:39
🎙️ Just dropped: Dr. Anton Chuvakin from Google Cloud, with legendary insights (and cloud security jokes).Eden Koby Naftali & Amitai Cohen sat down with Dr. Anton Chuvakin, Google Cloud's Office of the CISO, and the guy who made SIEM cool! What they got into ⬇️ 1) Why SOCs are broken (and full of toil)2) How to actually apply AI in security3) Why cloud appliances are still a problem4) Wh...
UK Retail Breaches, SAP 0day, and CVE Troubles 14.05.2025 29:05
🎙️ All you need to know from Ransomware to CVE Programs!☁️ Join Amitai Cohen and Eden Naftali as they break down the top stories in the cloud:- UK Retail Sector Hit by Ransomware (DragonForce & Scattered Spider)- SAP NetWeaver Vulnerability Exploited in the Wild- CVE Program Faces Major Backlog and Trust Issues
Bug Bounty Secrets, Hacker Communities, and a Hit of Volleyball with Justin Gardner 08.05.2025 40:24
🎙️ Listen to the biggest insights of bug bounty hunting with Justin Gardner 🚨 In this episode, Amitai Cohen and Eden Naftali are joined by none other than Justin , renowned bug bounty hunter and host of the Creative Thinking podcast (ctbbpodcast). Justin unpacks some of today's 🔥 topics: - Bug bounty disclosure challenges & trends - Security stories from tech giants: lessons we can all l...
Quadruple Supply Chain Attack, IngressNightmare Exploited, and Rumors Abound 09.04.2025 28:47
🎙️ All you need to know on the latest discoveries and updates ft. Rami McCarthy 🚨In this episode of Crying Out Cloud, @Amitai Cohen & @Eden Koby Naftali are joined by Rami — a Principal Security Researcher here at Wiz. Rami adds some energy and expertise to the table as we dive into a variety of topics:• GitHub Action supply chain attack • IngressNightmare updates. A follow-up to our last epi...
Ingress Nightmare: How a Single Request Could Take Over Your K8s Cluster 25.03.2025 22:26
🎙️ All you need to know on our latest discovery #IngressNightmare 🚨In this episode of Crying Out Cloud, Amitai Cohen & Eden Koby Naftali are joined by Nir Ohfeld — Head of Vulnerability Research at Wiz. Nir and his team have uncovered some of the most impactful vulnerabilities affecting cloud and SaaS applications. In this episode, he's diving into the latest discovery, a critical vulnera...
From Hotmail Hacks to AI hype, CTFs & Cloud Guardian: with Ashish Rajan 05.03.2025 21:56
🎙 Ready for the latest on AI, cloud security, and Fortune 500 challenges? This week on our podcast Crying Out Cloud, we're joined by none other than Ashish Rajan— a seasoned cybersecurity leader and host of the AI Cybersecurity Podcast & Cloud Security Podcast. Amitai Cohen & Eden Koby Naftali dive into:- The evolution of AI & cloud security- Lessons from securing Fortune 500 &...
HACKERS ARE HIJACKING CLOUD KEYS: The Rise of Cloud-Native Ransomware 21.02.2025 23:21
From Supply Chain Attacks to S3 Ransomware: Critical Cloud Security Stories You Need to Know. 🎙️ In this episode of Crying Out Cloud, Eden and Amitai break down the latest cloud security chaos, from sneaky supply chain attacks to AI-powered malware:1) How attackers exploited a GitHub misconfiguration to enable a supply chain attack.2) The latest twist on cloud-native extortion (spoiler: it all com...
Norwegian Cloud Security, Open Source Tools, and Financial Sector Risks with Karim El-Melhaoui 10.02.2025 21:58
🎙️ SEASON PREMIERE ALERT: Tune in to our latest episode featuring Karim El-Melhaoui, where we dive into the latest cloud security challenges ☁️🔥 Amitai Cohen & Eden Koby Naftali are kicking off the season with:- Cyber risk vs. operational risk – Why cyber risk is harder to quantify and how Norges Bank used NIST's Cybersecurity Framework to strengthen resilience.- Open-source tools fuel in...
Ähnliche Podcasts
Replaio ist kein Herausgeber von Podcasts; die Namen der Sendungen, Cover und Audioinhalte gehören ihren Autoren und werden über öffentliche RSS-Feeds verbreitet