One of the biggest pain points of cyber security teams is alert fatigue – trying to keep up with a tedious, never-ending...
In our interconnected society, the telecom industry is responsible for keeping the world connected 24/7. The telecommunication infrastructure uses satellites, internet providers,...
Manufacturers are building automated workflows for alert triage, incident response, and threat hunting to meet a rising volume of...
Automation can augment your security team to help you manage never-ending alerts, reduce skill gaps, and respond...
This post was originally published as a white paper in September 2021. Get the full report as a PDF here. Zusammenfassung (Executive...
Financial services are a high target for cyberattackers. The reason is easy to understand: attackers follow the money. Most work in this...
Threat actors use malicious software to cause damage to individuals and organizations. Malware is the most common form of a cyberattack because...
Vulnerabilities like Log4Shell (CVE-2021-44228) are difficult to contain using traditional mitigation options and they can be hard to patch. It can be hard to...
Malware is the thorn in the side of security analysts everywhere. The main question when getting a suspicious file alert is, “Is...
The MITRE Corporation released D3FEND™ (aka MITRE DEFEND™), a complementary framework to its industry acclaimed MITRE ATT&CK® matrix. MITRE D3FEND provides defense techniques...
Cloud Workload Protection Platforms (CWPPs) are a new generation of modern, scalable security solutions designed to protect applications in today’s landscape of...
Cloud security constructs are always aligned with the concept of shared responsibility. GCP emulates this principle with its own shared responsibility model,...
Do you remember how it felt to get your first email account? Not only were you able to communicate with multiple people...
The cloud has completely transformed the IT landscape over the last few years. And it’s now entering a new era of hybrid-cloud...
We are happy to introduce the Intezer Analyze plugin for Maltego. Combine insights from our malware analysis platform with Maltego’s graphical tool (And you...
The MITRE Corporation recently released MITRE D3FEND™, a complementary framework to its industry acclaimed MITRE ATT&CK® matrix. D3FEND provides defense techniques that...
If you have servers connected to the internet, you likely have valuable data stored on them that needs to be protected from...
Prioritize immediate risks in your cloud production environment Recently added Intezer Protect features for reducing the likelihood of an attack have a unique...
Security is changing as companies move their mission-critical workloads to the cloud, with Azure as one of the preferred destinations. Security in Azure follows...
Like all leading cloud service providers, AWS follows a shared responsibility model for security and compliance. While platform-level security is owned and managed...
Not All Applications are Cloud-Native Companies are adopting cloud at a faster pace but not all applications are born cloud-native. Many traditional...
The arrival of the cloud has changed the application development process. Agile cloud-native applications have replaced traditional monolithic application architectures, and components...
Significantly reduce memory forensics time from hours to minutes Memory analysis is a core component of a typical incident response process. In many cases...
They all target Linux systems For a long time Linux has not been seen as a serious target of threat actors. This...
Kaiji is a Linux malware that targets cloud servers Last week we detected a new Kaiji variant. It was undetected by all...
Developers are not the only ones that have adopted Go. Malware written in Go has been steadily increasing. In the last few...
Intezer’s 2021 X-Force Threat Intel Index Highlights It was a lot of fun collaborating with IBM on their 2021 X-Force Threat Intelligence...
Kubernetes is one of the top open-source container orchestration projects, as it dramatically simplifies the creation and management of applications by providing...
It can be the difference between maintaining a safe environment for your applications or a compromised machine running malicious code. Misconfiguration of...
For organizations, cloud adoption is the primary driver of digital transformation and modernizing traditional applications to cloud constructs is a major milestone....
What is Proactive Hunting? Advanced attacks like the SolarWinds backdoor and Pay2KEY are on the rise, while preventive solutions have failed to detect them....
We tagged 2019 as The Year of the Linux Threat. That trend continued in 2020 with high profile APTs launching ELF malware,...
Last week we launched the community edition of Intezer Protect. With strong Linux threat detection, low overhead and no slowdown in performance, Intezer Protect is...
We’re rolling out an important update to the Intezer Analyze community edition to better accommodate our users. Effective December 17 community users will have...
Free runtime protection for your cloud workloads Get Started Today we go live with the Intezer Protect community edition. After a few months...
In the spirit of Halloween we’re giving away YARA signatures for TrickBot and Emotet. Last year we handed out signatures for malware...
For traditional data center operations, security and compliance requirements have always been operational overhead. Traditional data centers are under unique stresses in...
Stop and think for a moment. How many virtual machines (VMs) do you have running in your production cloud environment? How many...
We’ve made some updates in Intezer Analyze to improve your incident response and threat intelligence workflows. From classifying samples faster to staying...
Cloud proliferation is on the rise, and more than ever before, security teams are on the lookout for solutions that align with...
Just after the publication of this post the US-CERT released an alert about Emotet. Evolution is the result of adaptations that take...
APTs are targeting Linux systems more than they ever have. Linux Attacks are on the Rise The research community continues to witness...
There are many solutions available for securing your cloud applications and workloads. Even after doing your due diligence and making an investment,...
Taking inspiration from the MITRE ATT&CK® framework, we previously developed a matrix categorizing adversary tactics and techniques for Linux cloud servers. Linux...
Update: Intezer Protect community edition is out of Beta and now available to everyone. Get Started Today we go live with the...
Zero Trust Execution is the industry recommended practice for securing workloads in the cloud. It provides a tight grip on your workloads...
Kubernetes (K8s) is the universal solution for container orchestration nowadays. This open-source tool allows a cluster to automatically scale, distribute, and handle...
Ghidra is a free and open source reverse engineering tool developed by the NSA. The plugin reduces the burden on the analyst...
Cloud Workload Protection (CWP) refers to the security of workloads running in the cloud in any type of computing environment, e.g. physical...
With an emphasis placed on protecting Windows endpoints, the antivirus industry is struggling to detect Linux threats. In a 2019 study conducted by...
Unpatched or undetected software vulnerabilities are a common method for malware delivery once exploited by attackers. Last month, the US-CERT urged IT...
The Intezer Analyze IDA Pro plugin is now available to community users! IDA Pro is the most common reverse engineering platform for...
The move to containerized workloads has proven to be a revolutionary step in the evolution of software engineering and distributed systems. One...
We dubbed 2019 the year of Linux threats, evidenced by over 20 of our researcher’s publications related to attacks on this operating...
The use of Application Control—commonly referred to as whitelisting or Zero Trust Execution—is considered to be a robust and essential Cloud Workload...
See below some of the threats our community detected this month 1. Fileless Dridex sample, originally with five detections in VirusTotal, contains a payload...
Linux has become the “go-to” OS in cloud computing, running 90% of the public cloud workload. Linux usage has even surpassed Windows...
Intezer Protect, Intezer’s new Cloud Workload Protection Platform (CWPP), has been recognized in the latest Gartner Market Guide only four months since...
Recently attackers exploited vulnerabilities in the popular SaltStack infrastructure automation software to infect cloud servers. Several organizations and open-source projects had to...
Cloud Workload Protection is the protection and overall security of workloads running in the cloud in any type of computing environment. As...
Maze ransomware, APT41 and Lazarus highlight this month’s community samples 1. More_eggs variant with low Antivirus detections has modified string encoding mechanisms...
Threat actors are exploiting fear and uncertainty to spread Covid-19 themed malicious Android package kits (APKs) onto users’ mobile devices. APKs pose...
Under Armour’s famous slogan sums up the mission perfectly: We Must Protect this House. As adoption of cloud services continues, security teams...
Checklist for protecting your Linux cloud servers against cyber attacks Taking inspiration from the MITRE ATT&CK® framework, we have developed a matrix categorizing...
Conducting business in a cloud environment presents unique security challenges, including achieving and maintaining compliance with regulations that were designed with traditional...
IDA Pro is the most common reverse engineering platform for disassembling computer software. The Intezer Analyze IDA Pro plugin accelerates reverse engineering...
This year’s RSA Conference theme is the Human Element. At Intezer, we introduce an innovative approach called Genetic Malware Analysis which reveals the...
Banking trojans and ransomware were the top innovators in 2019 malware code evolution Drawing on previous IBM X-Force collaboration in detecting new...
Unveiling our Cloud Workload Protection Platform (CWPP) which defends your cloud servers in runtime against the leading cause of cyber attacks: unauthorized and malicious...
Intezer Protect is our NEW runtime Cloud Workload Protection Platform (CWPP). Powered by Malware Analysis technology, this solution continuously monitors the code running...
We are excited to share that we now support Genetic Malware Analysis for Android applications! Intezer Analyze community and enterprise users can...
Distributed denial-of-service attacks were on the rise in 2018 and continuing into 2019, ranging from a high volume of Mirai attacks to...
Intezer Analyze now proudly supports genetic analysis for files created with the Golang programming language. Community and enterprise users can detect and...
For mid to large size enterprises, protecting the organization against targeted cyber threats is often a global operation. It’s not uncommon for...
Introduction We previously reported on how we managed to temporarily shut down 15 operative QNAPCrypt ransomware campaigns targeting Linux-based file storage systems...
In a previous post we wrote for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC), we discussed the emergence of...
This blog post was featured as contributing content for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC). The Linux threat...
The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Dating back...
Get to know Intezer’s community manager, Shaul Holtzman. Shaul is a former cybersecurity analyst helping organizations detect and classify advanced cyber threats....
Key Takeaways: • Intezer has evidence of a new threat actor, calling it Pacha Group, which has been deploying undetected cryptojacking campaigns...
Today My Online Security published research describing a fairly large Ursnif campaign targeting the United Kingdom. The threat actors behind the attack are using...
At Intezer information sharing is a key component of our makeup and reflected in our technology. In the spirit of industry collaboration...
GET AN INDEPENDENT EXAMINATION OF YOUR IT ENVIRONMENT TO DETECT ANY EXISTING CYBER ATTACK IN YOUR NETWORK Intezer, today announced the release...
This isn’t a gimmick, we’re providing this quota FREE of charge. Intezer Analyze™ was created by incident team experts for incident response...
Security teams have a lot of noise to deal with in their day-to-day jobs. Every organization is managing thousands of alerts each...
Serial entrepreneur Alon Cohen co-founded and grew one of the world’s first cyber security startups, CyberArk, which eventually became a ‘unicorn’. Now,...
Software developers and malware authors share a desire to work smart, not hard In the software development world, engineers frequently use ready-made...