Are Containers More Secure Than VMs?
Stop and think for a moment. How many virtual machines (VMs) do you have running in your production cloud environment? How many...
New Threat Intel Features in Intezer Analyze
We’ve made some updates in Intezer Analyze to improve your incident response and threat intelligence workflows. From classifying samples faster to staying...
Cloud Workload Security: What You Need to Know - Part 1
Cloud proliferation is on the rise, and more than ever before, security teams are on the lookout for solutions that align with...
Emotet Evolves but Code Remains Mostly the Same
Just after the publication of this post the US-CERT released an alert about Emotet. Evolution is the result of adaptations that take...
Looking Back on the Last Decade of Linux APT Attacks
APTs are targeting Linux systems more than they ever have. Linux Attacks are on the Rise The research community continues to witness...
Complementing Your CSPM with Runtime Cloud Workload Protection
There are many solutions available for securing your cloud applications and workloads. Even after doing your due diligence and making an investment,...
TTPs Matrix for Linux Cloud Servers with Detection Methods
Taking inspiration from the MITRE ATT&CK® framework, we previously developed a matrix categorizing adversary tactics and techniques for Linux cloud servers. Linux...
Community Beta Announcement
Registration is now open for the Intezer Protect community beta. Apply here Today we go live with the Intezer Protect community beta!...
What is Zero Trust Execution? Definition, Adoption & More
Zero Trust Execution is the industry recommended practice for securing workloads in the cloud. It provides a tight grip on your workloads...
Best Practices for Securing a Kubernetes Environment
Kubernetes (K8s) is the universal solution for container orchestration nowadays. This open-source tool allows a cluster to automatically scale, distribute, and handle...
Community Ghidra Plugin is Here
Ghidra is a free and open source reverse engineering tool developed by the NSA. The plugin reduces the burden on the analyst...
A Comparison of Cloud Workload Protection Strategies
Cloud Workload Protection (CWP) refers to the security of workloads running in the cloud in any type of computing environment, e.g. physical...
Get Access to our Weekly Linux Threat Feed
With an emphasis placed on protecting Windows endpoints, the antivirus industry is struggling to detect Linux threats. In a 2019 study conducted by...
Detect Malware Associated with the Most Exploited CVEs
Unpatched or undetected software vulnerabilities are a common method for malware delivery once exploited by attackers. Last month, the US-CERT urged IT...
IDA Pro Plugin Now Available to the Community
The Intezer Analyze IDA Pro plugin is now available to community users! IDA Pro is the most common reverse engineering platform for...
Best Practices for Securing a Docker Runtime Environment
The move to containerized workloads has proven to be a revolutionary step in the evolution of software engineering and distributed systems. One...
Intezer Contribution to IBM X-Force Cloud Threat Landscape Report
We dubbed 2019 the year of Linux threats, evidenced by over 20 of our researcher’s publications related to attacks on this operating...
Building a Robust App Control Strategy for your Cloud Workloads
The use of Application Control—commonly referred to as whitelisting or Zero Trust Execution—is considered to be a robust and essential Cloud Workload...
Intezer Analyze May Community Roundup
See below some of the threats our community detected this month 1. Fileless Dridex sample, originally with five detections in VirusTotal, contains a payload...
Mapping Binaries Inside a Microsoft Azure Cloud Server
Linux has become the “go-to” OS in cloud computing, running 90% of the public cloud workload. Linux usage has even surpassed Windows...
Intezer Recognized as Key Player in Latest Gartner Market Guide
Intezer Protect, Intezer’s new Cloud Workload Protection Platform (CWPP), has been recognized in the latest Gartner Market Guide only four months since...
Exploitation of SaltStack Vulnerabilities Signals Increase in Cloud Server Attacks
Recently attackers exploited vulnerabilities in the popular SaltStack infrastructure automation software to infect cloud servers. Several organizations and open-source projects had to...
What is Cloud Workload Protection?
As organizations and individuals alike have transitioned to the cloud over the past 15 years, this has led to an incredible transformation...
Intezer Analyze community roundup
Maze ransomware, APT41 and Lazarus highlight this month’s community samples 1. More_eggs variant with low Antivirus detections has modified string encoding mechanisms...
Malicious APKs share code during Covid-19 pandemic
Threat actors are exploiting fear and uncertainty to spread Covid-19 themed malicious Android package kits (APKs) onto users’ mobile devices. APKs pose...
Pre-runtime vulnerability scans or runtime protection: Which is better for your IaaS security?
Under Armour’s famous slogan sums up the mission perfectly: We Must Protect this House. As adoption of cloud services continues, security teams...
TTPs matrix for Linux cloud servers
Checklist for protecting your Linux cloud servers against cyber attacks Taking inspiration from the MITRE ATT&CK® framework, we have developed a matrix categorizing...
Maintain compliance while transitioning to the cloud
Conducting business in a cloud environment presents unique security challenges, including achieving and maintaining compliance with regulations that were designed with traditional...
Accelerate Reverse Engineering with Intezer's IDA Pro Plugin
IDA Pro is the most common reverse engineering platform for disassembling computer software. The...
The Human Element at RSA Conference
This year’s RSA Conference theme is the Human Element. At Intezer, we introduce an innovative approach called Genetic Malware Analysis which reveals the...
Intezer Featured in IBM X-Force Threat Index
Banking trojans and ransomware were the top innovators in 2019 malware code evolution Drawing on previous IBM X-Force collaboration in detecting new...
Introducing runtime Cloud Workload Protection Platform (CWPP) Intezer Protect
Unveiling our Cloud Workload Protection Platform (CWPP) which defends your cloud servers in runtime against the leading cause of cyber attacks: unauthorized and malicious...
Intezer Protect: How it Works
Intezer Protect is our NEW runtime Cloud Workload Protection Platform (CWPP). Powered by Genetic Malware Analysis technology, this solution continuously monitors the code...
Now Supporting Genetic Malware Analysis for Android Applications
We are excited to share that we now support Genetic Malware Analysis for Android applications! Intezer Analyze community and enterprise users can...
Exploring the Chinese DDoS Threat Landscape [Research Report]
Distributed denial-of-service attacks were on the rise in 2018 and continuing into 2019, ranging from a high volume of Mirai attacks to...
Genetic Malware Analysis for Golang
Intezer Analyze now proudly supports genetic analysis for files created with the Golang programming language. Community and enterprise users can detect and...
Intezer Analyze Use Case: Visibility Among Global SOCs
For mid to large size enterprises, protecting the organization against targeted cyber threats is often a global operation. It’s not uncommon for...
Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns
Introduction We previously reported on how we managed to temporarily shut down 15 operative QNAPCrypt ransomware campaigns targeting Linux-based file storage systems...
Why we Should be Paying More Attention to Linux Threats
In a previous post we wrote for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC), we discussed the emergence of...
HiddenWasp and the Emergence of Linux-based Threats
This blog post was featured as contributing content for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC). The Linux threat...
Genetic Malware Analysis Use Cases: Government Agencies
Key Takeaways Genetic Malware Analysis technology, based on identifying code similarities to known software, helps government agencies address the following cybersecurity challenges:...
War on the Cloud: Cybercriminals Competing for Cryptocurrency Mining Foothold
The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Dating back...
Genetic Malware Analysis Use Cases: Financial Services
2018 saw an increase in distributed denial-of-service (DDoS) attacks and phishing campaigns targeting financial services institutions. Malware, in particular, continues to play...
Meet the Team: Shaul Holtzman
Get to know Intezer’s community manager, Shaul Holtzman. Shaul is a former cybersecurity analyst helping organizations detect and classify advanced cyber threats....
Pacha Group, A New Threat Actor Deploying Undetected Cryptojacking Campaigns on Linux Servers
Key Takeaways: • Intezer has evidence of a new threat actor, calling it Pacha Group, which has been deploying undetected cryptojacking campaigns...
Verifying Code Reuse Between Ursnif and 'Brexit' Malware Campaign Targeting the United Kingdom
Today My Online Security published research describing a fairly large Ursnif campaign targeting the United Kingdom. The threat actors behind the attack are using...
The Researchers' View: Insights from Leading Global Security Researchers
At Intezer information sharing is a key component of our makeup and reflected in our technology. In the spirit of industry collaboration...
NEW: Intezer Compromise Assessment Service
GET AN INDEPENDENT EXAMINATION OF YOUR IT ENVIRONMENT TO DETECT ANY EXISTING CYBER ATTACK IN YOUR NETWORK Intezer, today announced the...
Intezer Analyze™ FREE community edition
This isn’t a gimmick, we’re providing this quota FREE of charge. Intezer Analyze™ was created by incident team experts for incident...
Cyber Threat Diversion: Managing the False Positive Madness
Security teams have a lot of noise to deal with in their day-to-day jobs. Every organization is managing thousands of alerts each...
Meet the Founders: Alon Cohen
Serial entrepreneur Alon Cohen co-founded and grew one of the world’s first cyber security startups, CyberArk, which eventually became a ‘unicorn’. Now,...
North Korea and Iran Use CodeProject to Develop Their Malware
Software developers and malware authors share a desire to work smart, not hard In the software development world, engineers frequently use ready-made...