https://www.facebook.com/IntezerLabs/

Cloud-Native Security 101

The arrival of the cloud has changed the application development process. Agile cloud-native applications have replaced traditional monolithic application architectures, and components...

Accelerate Incident Response with Intezer Analyze Volatility Plugin

Significantly reduce memory forensics time from hours to minutes Memory analysis is a core component of a typical incident response process. In many cases...

Top 10 Cloud Malware Threats

They all target Linux systems For a long time Linux has not been seen as a serious target of threat actors. This...

Kaiji Goes Through Update but Code Reuse Detects It

Kaiji is a Linux malware that targets cloud servers Last week we detected a new Kaiji variant. It was undetected by all...

Year of the Gopher: 2020 Go Malware Round-Up

Developers are not the only ones that have adopted Go. Malware written in Go has been steadily increasing. In the last few...

2020 Set a Record for New Linux Malware Families

Intezer’s 2021 X-Force Threat Intel Index Highlights It was a lot of fun collaborating with IBM on their 2021 X-Force Threat Intelligence...

Do You Really Need Kubernetes?

Kubernetes is one of the top open-source container orchestration projects, as it dramatically simplifies the creation and management of applications by providing...

Fix your Misconfigured Docker API Ports

It can be the difference between maintaining a safe environment for your applications or a compromised machine running malicious code. Misconfiguration of...

Cloud Workload Security: Part 4 - Explaining the Security Features of GCP

When it comes to securing your workloads in the cloud, having a well-defined security strategy with the right controls means that the...

Transitioning Traditional Apps into the Cloud

For organizations, cloud adoption is the primary driver of digital transformation and modernizing traditional applications to cloud constructs is a major milestone....

Proactive Hunting with Intezer

What is Proactive Hunting? Advanced attacks like the SolarWinds backdoor and Pay2KEY are on the rise, while preventive solutions have failed to detect them....

Top Linux Cloud Threats of 2020

We tagged 2019 as The Year of the Linux Threat. That trend continued in 2020 with high profile APTs launching ELF malware,...

8 Reasons to Try Intezer Protect Community Edition

Last week we launched the community edition of Intezer Protect. With strong Linux threat detection, low overhead and no slowdown in performance, Intezer Protect is...

Cloud Workload Security: Part 3 - Explaining Azure’s Security Features

Cloud security management will always remain an ongoing journey, as threats keep evolving and organizations need to keep updating their cloud security...

< 1

An Important Update

We’re rolling out an important update to the Intezer Analyze community edition to better accommodate our users. Effective December 17 community users will have...

Intezer Protect Community Edition Now Available

Free runtime protection for your cloud workloads Get Started Today we go live with the Intezer Protect community edition. After a few months...

Cloud Workload Security: Part 2 - Security Features of AWS

This article is the second post in our five-part series on security in the cloud today. In Part 1, we discussed what...

TrickBot or Treat 2.0

In the spirit of Halloween we’re giving away YARA signatures for TrickBot and Emotet. Last year we handed out signatures for malware...

Migrating to the Cloud: Compliance Issues When Transitioning from a Traditional Data Center

For traditional data center operations, security and compliance requirements have always been operational overhead. Traditional data centers are under unique stresses in...

Are Containers More Secure Than VMs?

Stop and think for a moment. How many virtual machines (VMs) do you have running in your production cloud environment? How many...

New Threat Intel Features in Intezer Analyze

We’ve made some updates in Intezer Analyze to improve your incident response and threat intelligence workflows. From classifying samples faster to staying...

Cloud Workload Security: What You Need to Know - Part 1

Cloud proliferation is on the rise, and more than ever before, security teams are on the lookout for solutions that align with...

Emotet Evolves but Code Remains Mostly the Same

Just after the publication of this post the US-CERT released an alert about Emotet. Evolution is the result of adaptations that take...

Looking Back on the Last Decade of Linux APT Attacks

APTs are targeting Linux systems more than they ever have. Linux Attacks are on the Rise The research community continues to witness...

Complementing Your CSPM with Runtime Cloud Workload Protection

There are many solutions available for securing your cloud applications and workloads. Even after doing your due diligence and making an investment,...

TTPs Matrix for Linux Cloud Servers with Detection Methods

Taking inspiration from the MITRE ATT&CK® framework, we previously developed a matrix categorizing adversary tactics and techniques for Linux cloud servers. Linux...

Community Beta Announcement

Update: Intezer Protect community edition is out of Beta and now available to everyone. Get Started Today we go live with the...

What is Zero Trust Execution? Definition, Adoption & More

Zero Trust Execution is the industry recommended practice for securing workloads in the cloud. It provides a tight grip on your workloads...

Best Practices for Securing a Kubernetes Environment

Kubernetes (K8s) is the universal solution for container orchestration nowadays. This open-source tool allows a cluster to automatically scale, distribute, and handle...

Community Ghidra Plugin is Here

Ghidra is a free and open source reverse engineering tool developed by the NSA. The plugin reduces the burden on the analyst...

A Comparison of Cloud Workload Protection Strategies

Cloud Workload Protection (CWP) refers to the security of workloads running in the cloud in any type of computing environment, e.g. physical...

Get Access to our Weekly Linux Threat Feed

With an emphasis placed on protecting Windows endpoints, the antivirus industry is struggling to detect Linux threats. In a 2019 study conducted by...

Detect Malware Associated with the Most Exploited CVEs

Unpatched or undetected software vulnerabilities are a common method for malware delivery once exploited by attackers. Last month, the US-CERT urged IT...

IDA Pro Plugin Now Available to the Community

The Intezer Analyze IDA Pro plugin is now available to community users! IDA Pro is the most common reverse engineering platform for...

Best Practices for Securing a Docker Runtime Environment

The move to containerized workloads has proven to be a revolutionary step in the evolution of software engineering and distributed systems. One...

Intezer Contribution to IBM X-Force Cloud Threat Landscape Report

We dubbed 2019 the year of Linux threats, evidenced by over 20 of our researcher’s publications related to attacks on this operating...

Building a Robust App Control Strategy for your Cloud Workloads

The use of Application Control—commonly referred to as whitelisting or Zero Trust Execution—is considered to be a robust and essential Cloud Workload...

Intezer Analyze May Community Roundup

See below some of the threats our community detected this month 1. Fileless Dridex sample, originally with five detections in VirusTotal, contains a payload...

Mapping Binaries Inside a Microsoft Azure Cloud Server

Linux has become the “go-to” OS in cloud computing, running 90% of the public cloud workload. Linux usage has even surpassed Windows...

< 1

Intezer Recognized as Key Player in Latest Gartner Market Guide

Intezer Protect, Intezer’s new Cloud Workload Protection Platform (CWPP), has been recognized in the latest Gartner Market Guide only four months since...

Exploitation of SaltStack Vulnerabilities Signals Increase in Cloud Server Attacks

Recently attackers exploited vulnerabilities in the popular SaltStack infrastructure automation software to infect cloud servers. Several organizations and open-source projects had to...

What is Cloud Workload Protection?

Cloud Workload Protection is the protection and overall security of workloads running in the cloud in any type of computing environment. As...

Intezer Analyze community roundup

Maze ransomware, APT41 and Lazarus highlight this month’s community samples 1. More_eggs variant with low Antivirus detections has modified string encoding mechanisms...

Malicious APKs share code during Covid-19 pandemic

Threat actors are exploiting fear and uncertainty to spread Covid-19 themed malicious Android package kits (APKs) onto users’ mobile devices. APKs pose...

Pre-runtime vulnerability scans or runtime protection: Which is better for your IaaS security?

Under Armour’s famous slogan sums up the mission perfectly: We Must Protect this House. As adoption of cloud services continues, security teams...

TTPs matrix for Linux cloud servers

Checklist for protecting your Linux cloud servers against cyber attacks Taking inspiration from the MITRE ATT&CK® framework, we have developed a matrix categorizing...

< 1

Maintain compliance while transitioning to the cloud

Conducting business in a cloud environment presents unique security challenges, including achieving and maintaining compliance with regulations that were designed with traditional...

< 1

Accelerate Reverse Engineering with Intezer's IDA Pro Plugin

IDA Pro is the most common reverse engineering platform for disassembling computer software. The...

< 1

The Human Element at RSA Conference

This year’s RSA Conference theme is the Human Element. At Intezer, we introduce an innovative approach called Genetic Malware Analysis which reveals the...

Intezer Featured in IBM X-Force Threat Index

Banking trojans and ransomware were the top innovators in 2019 malware code evolution Drawing on previous IBM X-Force collaboration in detecting new...

Introducing runtime Cloud Workload Protection Platform (CWPP) Intezer Protect

Unveiling our Cloud Workload Protection Platform (CWPP) which defends your cloud servers in runtime against the leading cause of cyber attacks: unauthorized and malicious...

Intezer Protect: How it Works

Intezer Protect is our NEW runtime Cloud Workload Protection Platform (CWPP). Powered by Genetic Malware Analysis technology, this solution continuously monitors the code...

< 1

Now Supporting Genetic Malware Analysis for Android Applications

We are excited to share that we now support Genetic Malware Analysis for Android applications! Intezer Analyze community and enterprise users can...

Exploring the Chinese DDoS Threat Landscape [Research Report]

Distributed denial-of-service attacks were on the rise in 2018 and continuing into 2019, ranging from a high volume of Mirai attacks to...

Genetic Malware Analysis for Golang

Intezer Analyze now proudly supports genetic analysis for files created with the Golang programming language. Community and enterprise users can detect and...

Intezer Analyze Use Case: Visibility Among Global SOCs

For mid to large size enterprises, protecting the organization against targeted cyber threats is often a global operation. It’s not uncommon for...

Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns

Introduction We previously reported on how we managed to temporarily shut down 15 operative QNAPCrypt ransomware campaigns targeting Linux-based file storage systems...

Why we Should be Paying More Attention to Linux Threats

In a previous post we wrote for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC), we discussed the emergence of...

HiddenWasp and the Emergence of Linux-based Threats

This blog post was featured as contributing content for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC). The Linux threat...

< 1

War on the Cloud: Cybercriminals Competing for Cryptocurrency Mining Foothold

The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Dating back...

Genetic Malware Analysis Use Cases: Financial Services

2018 saw an increase in distributed denial-of-service (DDoS) attacks and phishing campaigns targeting financial services institutions. Malware, in particular, continues to play...

Meet the Team: Shaul Holtzman

Get to know Intezer’s community manager, Shaul Holtzman. Shaul is a former cybersecurity analyst helping organizations detect and classify advanced cyber threats....

Pacha Group, A New Threat Actor Deploying Undetected Cryptojacking Campaigns on Linux Servers

Key Takeaways: • Intezer has evidence of a new threat actor, calling it Pacha Group, which has been deploying undetected cryptojacking campaigns...

< 1

Verifying Code Reuse Between Ursnif and 'Brexit' Malware Campaign Targeting the United Kingdom

Today My Online Security published research describing a fairly large Ursnif campaign targeting the United Kingdom. The threat actors behind the attack are using...

< 1

The Researchers' View: Insights from Leading Global Security Researchers

At Intezer information sharing is a key component of our makeup and reflected in our technology. In the spirit of industry collaboration...

NEW: Intezer Compromise Assessment Service

GET AN INDEPENDENT EXAMINATION OF YOUR IT ENVIRONMENT TO DETECT ANY EXISTING CYBER ATTACK IN YOUR NETWORK Intezer, today announced the release...

Intezer Analyze™ FREE community edition

This isn’t a gimmick, we’re providing this quota FREE of charge. Intezer Analyze™ was created by incident team experts for incident response...

Cyber Threat Diversion: Managing the False Positive Madness

Security teams have a lot of noise to deal with in their day-to-day jobs. Every organization is managing thousands of alerts each...

Meet the Founders: Alon Cohen

Serial entrepreneur Alon Cohen co-founded and grew one of the world’s first cyber security startups, CyberArk, which eventually became a ‘unicorn’. Now,...

North Korea and Iran Use CodeProject to Develop Their Malware

Software developers and malware authors share a desire to work smart, not hard In the software development world, engineers frequently use ready-made...

About the Founders: Meet Itai Tevet

Itai Tevet was the self-described ‘PC kid’ whose fascination with technology led to a strong interest in information security–an interest that benefited...

GDPR: How to Bring Your Incident Response Plan Up to Speed

Every organization that is impacted by the sharing and storage of data are discussing the General Data Protection Regulation (GDPR), a recently...

Used by

Used for

Capabilities

Security for