Cloud security

Exact matches only

Search in title

Search in content

Search in excerpt

Search in posts

Search in pages

Kaiji Goes Through Update but Code Reuse Detects It

Kaiji is a Linux malware that targets cloud servers Last week we detected a new Kaiji variant. It was undetected by all...

2020 Set a Record for New Linux Malware Families

Intezer’s 2021 X-Force Threat Intel Index Highlights It was a lot of fun collaborating with IBM on their 2021 X-Force Threat Intelligence...

Do You Really Need Kubernetes?

Kubernetes is one of the top open-source container orchestration projects, as it dramatically simplifies the creation and management of applications by providing...

Fix your Misconfigured Docker API Ports

It can be the difference between maintaining a safe environment for your applications or a compromised machine running malicious code. Misconfiguration of...

How We Escaped Docker in Azure Functions

Summary of Findings What is Azure Functions? Technical Analysis Proof of Concept Why Does this Matter? Summary of Findings In previous months...

Swat Away Pesky Linux Cryptominers in Runtime

Cryptocurrency is trending. Bitcoin traded at a record high nearly $42,000 this month. Now Ether, the world’s second largest cryptocurrency, is closing in...

Cloud Workload Security: Part 4 - Explaining the Security Features of GCP

When it comes to securing your workloads in the cloud, having a well-defined security strategy with the right controls means that the...

Transitioning Traditional Apps into the Cloud

For organizations, cloud adoption is the primary driver of digital transformation and modernizing traditional applications to cloud constructs is a major milestone....

Top Linux Cloud Threats of 2020

We tagged 2019 as The Year of the Linux Threat. That trend continued in 2020 with high profile APTs launching ELF malware,...

8 Reasons to Try Intezer Protect Community Edition

Last week we launched the community edition of Intezer Protect. With strong Linux threat detection, low overhead and no slowdown in performance, Intezer Protect is...

Cloud Workload Security: Part 3 - Explaining Azure’s Security Features

Cloud security management will always remain an ongoing journey, as threats keep evolving and organizations need to keep updating their cloud security...

Intezer Protect Community Edition Now Available

Free runtime protection for your cloud workloads Get Started Today we go live with the Intezer Protect community edition. After a few months...

Not Another Linux Security Blog

Blogs about Linux cloud security are nothing new. However, most are filled with technical jargon that can make them difficult to understand....

Cloud Workload Security: Part 2 - Security Features of AWS

This article is the second post in our five-part series on security in the cloud today. In Part 1, we discussed what...

CVE-2020-16995: Microsoft Azure Network Watcher Linux Extension EoP

Intro In our last blog post we disclosed an escalation of privileges vulnerability in Microsoft Azure App Services. In this post, we’ll describe...

Exploiting a Vulnerable Version of Apache Struts

Code execution is the key ingredient in any successful cyber attack. Exploiting a misconfiguration or vulnerability are some of the more common...

Migrating to the Cloud: Compliance Issues When Transitioning from a Traditional Data Center

For traditional data center operations, security and compliance requirements have always been operational overhead. Traditional data centers are under unique stresses in...

Are Containers More Secure Than VMs?

Stop and think for a moment. How many virtual machines (VMs) do you have running in your production cloud environment? How many...

Cloud Workload Security: What You Need to Know - Part 1

Cloud proliferation is on the rise, and more than ever before, security teams are on the lookout for solutions that align with...

Kud I Enter Your Server? New Vulnerabilities in Microsoft Azure

Main Findings We discovered two vulnerabilities in Microsoft Azure. They existed in a popular cloud service called Azure App Services—specifically impacting Linux...

Looking Back on the Last Decade of Linux APT Attacks

APTs are targeting Linux systems more than they ever have. Linux Attacks are on the Rise The research community continues to witness...

Complementing Your CSPM with Runtime Cloud Workload Protection

There are many solutions available for securing your cloud applications and workloads. Even after doing your due diligence and making an investment,...

TTPs Matrix for Linux Cloud Servers with Detection Methods

Taking inspiration from the MITRE ATT&CK® framework, we previously developed a matrix categorizing adversary tactics and techniques for Linux cloud servers. Linux...

Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks

Introduction TeamTNT is a cybercrime group that targets cloud environments including Docker and Kubernetes instances. The group has been previously documented using...

Community Beta Announcement

Update: Intezer Protect community edition is out of Beta and now available to everyone. Get Started Today we go live with the...

Watch Your Containers: Doki Infecting Docker Servers in the Cloud

Key Findings Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms. It has...

What is Zero Trust Execution? Definition, Adoption & More

Zero Trust Execution is the industry recommended practice for securing workloads in the cloud. It provides a tight grip on your workloads...

Best Practices for Securing a Kubernetes Environment

Kubernetes (K8s) is the universal solution for container orchestration nowadays. This open-source tool allows a cluster to automatically scale, distribute, and handle...

A Comparison of Cloud Workload Protection Strategies

Cloud Workload Protection (CWP) refers to the security of workloads running in the cloud in any type of computing environment, e.g. physical...

Get Access to our Weekly Linux Threat Feed

With an emphasis placed on protecting Windows endpoints, the antivirus industry is struggling to detect Linux threats. In a 2019 study conducted by...

Best Practices for Securing a Docker Runtime Environment

The move to containerized workloads has proven to be a revolutionary step in the evolution of software engineering and distributed systems. One...

Intezer Contribution to IBM X-Force Cloud Threat Landscape Report

We dubbed 2019 the year of Linux threats, evidenced by over 20 of our researcher’s publications related to attacks on this operating...

Building a Robust App Control Strategy for your Cloud Workloads

The use of Application Control—commonly referred to as whitelisting or Zero Trust Execution—is considered to be a robust and essential Cloud Workload...

< 1

Intezer Recognized as Key Player in Latest Gartner Market Guide

Intezer Protect, Intezer’s new Cloud Workload Protection Platform (CWPP), has been recognized in the latest Gartner Market Guide only four months since...

Exploitation of SaltStack Vulnerabilities Signals Increase in Cloud Server Attacks

Recently attackers exploited vulnerabilities in the popular SaltStack infrastructure automation software to infect cloud servers. Several organizations and open-source projects had to...

What is Cloud Workload Protection?

Cloud Workload Protection is the protection and overall security of workloads running in the cloud in any type of computing environment. As...

Pre-runtime vulnerability scans or runtime protection: Which is better for your IaaS security?

Under Armour’s famous slogan sums up the mission perfectly: We Must Protect this House. As adoption of cloud services continues, security teams...

TTPs matrix for Linux cloud servers

Checklist for protecting your Linux cloud servers against cyber attacks Taking inspiration from the MITRE ATT&CK® framework, we have developed a matrix categorizing...

< 1

Maintain compliance while transitioning to the cloud

Conducting business in a cloud environment presents unique security challenges, including achieving and maintaining compliance with regulations that were designed with traditional...

Introducing runtime Cloud Workload Protection Platform (CWPP) Intezer Protect

Unveiling our Cloud Workload Protection Platform (CWPP) which defends your cloud servers in runtime against the leading cause of cyber attacks: unauthorized and malicious...

Intezer Protect: How it Works

Intezer Protect is our NEW runtime Cloud Workload Protection Platform (CWPP). Powered by Genetic Malware Analysis technology, this solution continuously monitors the code...

A Straw-by-Straw Analysis: The Zero-Trust Approach for your Alert Haystack

This blog post serves as a preview to an Infosecurity Europe tech talk that will be presented on Wednesday, June 5, 2019....

Technical Analysis: Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud

Pacha Group is a crypto-mining threat actor we at Intezer discovered and profiled in a blog post published on February 28, 2019....

< 1

War on the Cloud: Cybercriminals Competing for Cryptocurrency Mining Foothold

The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Dating back...

Used by

Used for

Capabilities

Security for