Lock down your cloud infrastructure with the new Wiz integration with Microsoft Sentinel. Gain full context, support thorough investigations, and automate your response for ultimate security.
According to Microsoft Threat Research, during a campaign by Iranian state-sponsored actor Peach Sandstorm, they were observed utilizing password spray attacks to gain unauthorized access to...
Online court filings place Kent McLellan, who goes by the alias Boneface, in Florida at the same time he claims he was fighting in last year’s bloody siege of Mariupol. The post US neo-Nazi says...
The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
Cryptsetup is used to unlock the system partition when using the Linux Unified Key Setup (LUKS). This is all about full disk encryption! When booting up in Linux, there is a special file system...
Full disk encryption for an unattended computer is a surprisingly difficult problem to solve. A classic way of doing this is using a TPM to store an encryption key but only having the encryption key...
A commit-reveal scheme is a mechanism to have a secret value on chain without actually disclosing it until it's necessary. This is useful since everything on the blockchain is public. The commit...
The security breach was discovered by Rollbar on September 6 when reviewing data warehouse logs showing that a service account was used to log into the cloud-based bug monitoring platform. Once...
The threat actors gained access to the customer's Azure portal, where they obtained the Azure key required to access the storage account programmatically. The adversary encoded the keys using...
The Wiz Runtime Sensor for Kubernetes graduates to general availability with proven ability to detect cloud attacks, greater customization for detections, and new cloud-native response capabilities
Joint customers can now detect and prioritize public exposures with Wiz and automatically remediate unwanted exposures with FortiGate NGFW.
Authored by Joshua Kamp (main author) and Alberto Segura. Summary Hook and ERMAC are Android based malware families that are both advertised by the actor named “DukeEugene”. Hook is the latest...
Learn about the process of preventing security issues by changing things outside of your environment by looking at how a misconfiguration was occurring when GitHub Actions were integrated with AWS...
Authored by Yashvi Shah Agent Tesla functions as a Remote Access Trojan (RAT) and an information stealer built on the... The post Agent Tesla’s Unique Approach: VBS and Steganography for Delivery...
The researchers observed a malicious IP address, previously flagged for conducting SSH brute force attempts, communicating with a malicious shell script named hoze. This script downloads xrx.tar,...
The Wiz research team examines Microsoft's latest Storm-0558 findings and summarizes the key learnings cloud customers should take away from the incident.
Patterson Cake // In part one of “Wrangling the M365 UAL,” we talked about acquiring, parsing, and querying UAL data using PowerShell and SOF-ELK. In part […] The post Wrangling the...
Threat Analysis Group shares findings on a new campaign by North Korean actors targeting security researchers.
The Cosmos SDK is a blockchain development framework for application specific blockchains. Built into its core is blockchain interoperability by IBC (interblockchain communication). Within the...
During the summer of 2023, using the Wiz Sensor, Wiz Research detected several different cryptomining campaigns targeting cloud workloads. Learn about these campaigns and their associated IoCs,...
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Softneta Equipment: MedDream PACS Vulnerabilities: Exposed Dangerous Method or Function,...
On 2023-09-04, a campaign was reported, involving an unknown actor, gaining initial access via 1-day vulnerability, targeting MinIO with unknown impact.
Tornado Cash is a smart contract cryptocurrency mixer. This allows users at one address to withdraw funds at another address without creating a traceable link between the two addresses. Seems...
The integration of Wiz’s CNAPP and Google Cloud helps both cloud defenders and builders improve security and innovate faster.
Cypher is a protocol for lending, borrowing and trading using margin. Margin is the process of betting on assets using value that you are borrowing from somebody else. There are two types of...
The Content Security Policy (CSP) is used to restrict what can be done on a web page. This is useful for defense-in-depth on issues, like XSS, as well as framing. The origin of resources and the...
Authored by Preksha Saxena McAfee labs observed a Remcos RAT campaign where malicious VBS files were delivered via phishing email.... The post Peeling Back the Layers of RemcosRat Malware appeared...
On 2023-08-29, a campaign was reported, involving Kinsing operator, gaining initial access via 1-day vulnerability, Software misconfig, while using Misconfigured PostgreSQL abuse, targeting...
On 2023-08-29, a campaign was reported, involving UNC4841, gaining initial access via 0-day vulnerability, targeting Barracuda ESG to achieve Data exfiltration.