In the past few years I created some Twitter threads (e.g. Windows Kernel Security, Linux Kernel Security) on a number of publications I found the most interesting within the vulnerability research...
Permiso identified a credential harvesting campaign targeting cloud infrastructure. The majority of the victim systems were running public-facing Jupyter...
Critical RCE vulnerability found in Linux kernel's `ksmbd` module: remote attackers can execute code without authentication. The module is not enabled by default on most operating systems.
Omni is an NFT money market on Ethereum. It allowed for borrowing and lending via NFTs. For instance, a user could borrow an ERC20 asset for the NFT put up as collateral. This makes the NFT more...
ping is a program to test network reachability of remote hosts. ping makes use of raw sockets in order to make ICMP messages. ping reads raw IP packets from the network responses. As part of this...
CheckMk is an IT infrastructure monitoring solution written in Python and C++, similar to Zabbix and Icinga. The architecture has an Apache reverse proxy which directs requests to several web...
The NXP SoC chip has various fuse configurations for security-sensitive operations. Once a fuse has been blown, the functionality is forever disabled. The fuse SDP_READ_DISABLE is used to prevent...
Riot Games is a video game creator with many different websites. Because of this, there are many different endpoints that need access to metadata associated with the user. In order to do this,...
A new exploit method targeting CVE-2022-41080 and CVE-2022-41082 vulnerabilities in Exchange servers, which can bypass previous workarounds, has been discovered and exploited in the wild....
Wiz enhances its Dynamic Scanner to detect publicly exposed, unauthenticated APIs
On 2022-12-21, an incident was reported, involving an unknown actor, gaining initial access via Unknown, targeting GitHub to achieve Data exfiltration.
Easily detect dangling domains to reduce the risk of phishing campaigns and cookie harvesting of an organization’s customers.
In the previous post we talked about writing x64dbg scripts; now let’s dive deeper and write our own plugin to do the same job (automatically dumping unpacked PE payloads in memory). x64dbg comes...
Wiz extends its cloud analysis with an external scanner, giving customers an attacker's view of their externally exposed resources to reduce noise.
x64dbg is an open-source x64/x32 debugger for Windows. It has dozens of features that make the life of reverse engineers and malware analysts easier. One of the coolest features of x64dbg is that...
Learn about how AWS's recently released Delegated Administrator for AWS Organizations can be used to solve common problems at your company and the issues you might run into with it.
A step-by-step framework for modeling and improving SaaS and PaaS tenant isolation by reducing your cloud applications’ attack surface
Detect and mitigate CVE-2022-27518, a Citrix ADC and Gateway unauthenticated RCE 0-day exploited in the wild by a nation state actor. Organizations should patch urgently.
CI/CD pipelines, as an essential part of the software development process, are an attractive target to malicious actors. Based on our research of cloud environments, we share common...
Wiz extends its CIEM capabilities to enable least privilege access for Azure environments.
I would like to talk about some of the tricks and methods I have seen used to gain that all important initial access to remote systems. Specifically, the unexpected and unusual.
AWS re:Invent is the largest conference of the year for Amazon Web Services (AWS) with hundreds of talks. We picked our favorite cloud security talks that are available online.
Ransomware is a sophisticated malware that infects computing devices and holds the data hostage intending to extort money from its victims. Ransomware uses encryption techniques that render the...
Wiz adds full detection of cloud services for deeper visibility and control over shadow IT.
Hear from industry experts to understand the challenges ahead and best practices CISOs can follow to avoid issues in the future.
Wiz extends its risk assessment to support host and application level misconfigurations, enabling customers to ensure security and compliance posture for applications.
We'd like to take a moment this holiday season to recognize our greatest asset—our customers.
Kent Ickler // It’s been over two years since Jordan and I talked about a Blue Team’s perspective on Red Team tools. A Blue Team’s Perspective on Red Team Hack […] The post PlumHound Reporting...
Get all the news from Las Vegas and learn about how Wiz and AWS continue to strengthen a strategic relationship to secure customers’ AWS environments.
Two ways that things can be hacked in blockchain-land: attacking code running on the blockchain or attacking the blockchain itself. While auditing code for the EVM implementation for Polkadot...