Cloud Security Archives - Page 4 of 4 - Intezer

Make your First Malware Honeypot in Under 20 Minutes

A “honeypot” is a metaphor that references using honey as bait for a lure or trap. Honeypots have served many purposes in...

Log4Shell (Log4j RCE): Detecting Post-Exploitation Evidence is Best Chance for Mitigation

Vulnerabilities like Log4Shell (CVE-2021-44228) are difficult to contain using traditional mitigation options and they can be hard to patch. It can be hard to...

Implement these MITRE D3FEND™ Techniques with Intezer Protect

The MITRE Corporation released D3FEND™ (aka MITRE DEFEND™), a complementary framework to its industry acclaimed MITRE ATT&CK® matrix. MITRE D3FEND provides defense techniques...

Misconfigured Airflows Leak Thousands of Credentials from Popular Services

This research refers to misconfigured Apache Airflow managed by individuals or organizations (“users”). As a result of the misconfiguration, the credentials of...

Essential Security Tools for GCP

Cloud security constructs are always aligned with the concept of shared responsibility. GCP emulates this principle with its own shared responsibility model,...

What is a Cloud Workload Protection Platform (CWPP)? And Why Do You Need It?

The cloud has completely transformed the IT landscape over the last few years. And it’s now entering a new era of hybrid-cloud...

Guide to Digital Forensics Incident Response in the Cloud

Enterprises today rely on a wide range of cloud services—infrastructure as a service (IaaS), platform as a service (PaaS), software as a...

New Attacks on Kubernetes via Misconfigured Argo Workflows

Key Points: Intezer has detected a new attack vector against Kubernetes (K8s) clusters via misconfigured Argo Workflows instances. Attackers are already taking advantage of this...

Reduce the Attack Surface with These Unique Runtime Features

Prioritize immediate risks in your cloud production environment. Recently added Intezer Protect features for reducing the likelihood of an attack have a unique...

Why Relying on the Cloud Provider for Security is Not Enough

73% of organizations using the cloud are not sure which parts of security fall under their responsibility. Ultimately, the customer is responsible for...

9 Tools to Use Right Now to Improve Azure Platform Security

Security is changing as companies move their mission-critical workloads to the cloud, with Azure as one of the preferred destinations. Security in Azure follows...

7 Most Important AWS Security Tools

Like all leading cloud service providers, AWS follows a shared responsibility model for security and compliance. While platform-level security is owned and managed...

CVE-2021-27075: Microsoft Azure Vulnerability Allows Privilege Escalation and Leak of Private Data

In this post I will explain how the Microsoft Azure Virtual Machine (VM) extension works and how we found a fatal vulnerability in...

HabitsRAT Used to Target Linux and Windows Servers

We have discovered a new malware written in Go, which we are calling HabitsRAT, targeting both Windows and Linux machines. The Windows version of...

How to Secure Cloud Non-Native Workloads

Not All Applications are Cloud-Native: Companies are adopting cloud at a faster pace but not all applications are born cloud-native. Many traditional...

Royal Flush: Privilege Escalation Vulnerability in Azure Functions

One of the most common benefits of transitioning to cloud services is the shared responsibility for securing your assets. But cloud providers...

Rocke Group Actively Targeting the Cloud: Wants Your SSH Keys

New Malware Variant Exploits Production Environment: Rocke Group is a Chinese-based threat actor most known for running cryptojacking malware on Linux machines. The...

Cloud-Native Security 101

The arrival of the cloud has changed the application development process. Agile cloud-native applications have replaced traditional monolithic application architectures, and components...

Cloud Security Fundamentals: Servers to Containers & Everything In-Between

With Linux being the operating system for 96% of the cloud, the landscape has changed beyond endpoint detection. Intezer Protect is built...

Announcing Configuration Checks and Vulnerability Management

We’re excited to announce the release of two new Intezer Protect features. Intezer Protect now offers under the same roof not only...

Top 10 Cloud Malware Threats

They all target Linux systems. For a long time Linux has not been seen as a serious target of threat actors. This...

New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor

We discovered a new sophisticated backdoor targeting Linux endpoints and servers. Based on Tactics, Techniques, and Procedures (TTPs) the backdoor is believed to...

Kaiji Goes Through Update but Code Reuse Detects It

Kaiji is a Linux malware that targets cloud servers. Last week we detected a new Kaiji variant. It was undetected by all...

Year of the Gopher: 2020 Go Malware Round-Up

Developers are not the only ones that have adopted Go. Malware written in Go has been steadily increasing. In the last few...

2020 Set a Record for New Linux Malware Families

Intezer’s 2021 X-Force Threat Intel Index Highlights: It was a lot of fun collaborating with IBM on their 2021 X-Force Threat Intelligence...

Do You Really Need Kubernetes?

Kubernetes is one of the top open-source container orchestration projects, as it dramatically simplifies the creation and management of applications by providing...

Fix your Misconfigured Docker API Ports

It can be the difference between maintaining a safe environment for your applications or a compromised machine running malicious code. Misconfiguration of...

How We Escaped Docker in Azure Functions

Summary of Findings: In previous months...

Swat Away Pesky Linux Cryptominers in Runtime

Cryptocurrency is trending. Bitcoin traded at a record high of nearly $42,000 this month. Now Ether, the world’s second largest cryptocurrency, is closing in...

Transitioning Traditional Apps into the Cloud

For organizations, cloud adoption is the primary driver of digital transformation and modernizing traditional applications to cloud constructs is a major milestone....

A Rare Look Inside a Cryptojacking Campaign and its Profit

Intro: Linux threats are becoming more frequent. A common type of Linux threat is cryptojacking, which is the unauthorized use of an...

Early Bird Catches the Worm: New Golang Worm Drops XMRig Miner on Servers

Intro: In early December, we discovered a new, undetected worm written in Golang. This worm continues the popular 2020 trend of multi-platform malware developed...

Top Linux Cloud Threats of 2020

We tagged 2019 as The Year of the Linux Threat. That trend continued in 2020 with high profile APTs launching ELF malware,...

Cloud Workload Security: What You Need to Know - Part 1

Cloud proliferation is on the rise, and more than ever before, security teams are on the lookout for solutions that align with...

Complementing Your CSPM with Runtime Cloud Workload Protection

There are many solutions available for securing your cloud applications and workloads. Even after doing your due diligence and making an investment,...

Introducing runtime Cloud Workload Protection Platform (CWPP) Intezer Protect

Unveiling our Cloud Workload Protection Platform (CWPP) which defends your cloud servers in runtime against the leading cause of cyber attacks: unauthorized and malicious...

Intezer Protect: How it Works

Intezer Protect is our NEW runtime Cloud Workload Protection Platform (CWPP). Powered by Malware Analysis technology, this solution continuously monitors the code running...

Genetic Malware Analysis for Golang

Intezer Analyze now proudly supports genetic analysis for files created with the Golang programming language. Community and enterprise users can detect and...

© Intezer.com 2022 All rights reserved