Defending against database ransomware attacks
How attackers exploit exposed databases for extortion—and the defenses that work.
Hila Ramati
Hila is a threat hunting researcher at Wiz, where she focuses on identifying and investigating malicious behaviors across cloud environments. Her work focuses on uncovering misconfigurations, privilege abuse, and identity-based threats to support proactive detection and incident response.
Hila Ramati Posts
IMDS Abused: Hunting Rare Behaviors to Uncover Exploits
When common processes start asking the wrong questions
Widespread npm Supply Chain Attack: Breaking Down Impact & Scope Across Debug, Chalk, and Beyond
A deeper look at the npm debug/chalk supply-chain incident: deobfuscating the wallet-hijacking browser interceptor, quantifying the ~2-hour exposure with Wiz telemetry (~99% package prevalence, ~10% malware presence), and unpacking what made it spread so fast.
From Compromised Keys to Phishing Campaigns: Inside a Cloud Email Service Takeover
Exposed cloud credentials become the launchpad for mass phishing, highlighting email services as a prime target in cloud exploitation campaigns.
SharePoint Vulnerabilities (CVE-2025-53770 & CVE-2025-53771): Everything You Need to Know
Detect and mitigate CVE-2025-53770 and CVE-2025-53771 - critical vulnerabilities in Microsoft SharePoint Server currently under active exploitation.