Paul Litvak, Author at Intezer
6

CVE-2021-27075: Microsoft Azure Vulnerability Allows Privilege Escalation and Leak of Private Data

In this post I will explain how the Microsoft Azure Virtual Machine (VM) extension works and how we found a fatal vulnerability in...

5

Royal Flush: Privilege Escalation Vulnerability in Azure Functions

One of the most common benefits of transitioning to cloud services is the shared responsibility for securing your assets. But cloud providers...

8

How We Escaped Docker in Azure Functions

Summary of Findings What is Azure Functions? Technical Analysis Proof of Concept Why Does this Matter? Summary of Findings In previous months...

3

CVE-2020-16995: Microsoft Azure Network Watcher Linux Extension EoP

Intro In our last blog post we disclosed an escalation of privileges vulnerability in Microsoft Azure App Services. In this post, we’ll describe...

6

Kud I Enter Your Server? New Vulnerabilities in Microsoft Azure

Main Findings We discovered two vulnerabilities in Microsoft Azure. They existed in a popular cloud service called Azure App Services—specifically impacting Linux...

3

VB2020 - Advanced Pasta Threat: Mapping Malware Use of Open Source Offensive Security Tools

The term Offensive Security Tool, also known as OST, is a controversial subject within the InfoSec community. It often sparks fierce debate...

7

Using YARA Rules to Turn Open Source Against Malware

Introduction Offensive Security Tools are any kind of functionality meant to facilitate intrusions and security bypasses in order to achieve the former....

6

The Evolution of APT15’s Codebase 2020

The Ke3chang group, also known as APT15, is an alleged Chinese government-backed cluster of teams known to target various high-profile entities spanning...

5

Kaiji: New Chinese Linux malware turning to Golang

It is not often that you see a botnet’s tooling written from scratch. The Internet of things (IoT) botnet ecosystem is relatively well-documented by...

5

Evasion Techniques Dissected: A Mirai Case Study

Code reuse analysis vs. signature-based detection We are often asked the question, “what sets your approach apart from other malware detection solutions?”...

7

New Iranian Campaign Tailored to US Companies Utilizes an Updated Toolset

Introduction Our researchers Paul Litvak and Michael Kajilolti have discovered a new campaign conducted by APT34 employing an updated toolset. Based on uncovered...

8

Watching the WatchBog: New BlueKeep Scanner and Linux Exploits

Overview We have discovered a new version of WatchBog—a cryptocurrency-mining botnet operational since late 2018—that we suspect has compromised more than 4,500 Linux...

8

EvilGnome: Rare Malware Spying on Linux Desktop Users

Introduction Linux desktop remains an unpopular choice among mainstream desktop users, making up a little more than 2% of the desktop operating system...

5

Executable and Linkable Format 101 Part 4: Dynamic Linking

This is a new post in our Executable and Linkable Format (ELF) 101 series, where the goal is to spread awareness about the...

© Intezer.com 2022 All rights reserved
Launching Autonomous SecOps: Your Virtual, Algorithm-Driven Tier 1 SOC TeamLaunching Autonomous SecOps: Your Virtual, Algorithm-Driven Tier 1 SOC Team Learn more