Sagi Tzadik is a security researcher in Wiz Research Team. Sagi specializes in research and exploitation of web applications vulnerabilities, as well as reverse engineering and binary exploitation.
CVE-2023-38545 high severity vulnerability in cURL: everything you need to know
Detect and mitigate CVE-2023-38545, a high severity buffer overflow vulnerability in cURL. Organizations should upgrade to the patched version.
GameOver(lay): Easy-to-exploit local privilege escalation vulnerabilities in Ubuntu Linux affect 40% of Ubuntu cloud workloads
Wiz Research discovered CVE-2023-2640 and CVE-2023-32629, two easy-to-exploit privilege escalation vulnerabilities in the OverlayFS module in Ubuntu affecting 40% of Ubuntu cloud workloads.
The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors
How Wiz Research uncovered multiple related vulnerabilities in PostgreSQL-as-a-Service offerings from GCP, Azure, and others.
Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL
Wiz Research discovers a chain of critical vulnerabilities in the widely used Azure Database for PostgreSQL Flexible Server.
ChaosDB explained: Azure's Cosmos DB vulnerability walkthrough
This is the full story of the Azure ChaosDB Vulnerability that was discovered and disclosed by the Wiz Research Team, where we were able to gain complete unrestricted access to the databases of several thousand Microsoft Azure customers.
How we broke the cloud with two lines of code: the full story of ChaosDB
A summary and recording of Wiz's talk at BlackHat Europe 2021: the full extent of ChaosDB, the impact it had, and the questions it raises about security in managed cloud services.
ChaosDB: How we hacked thousands of Azure customers’ databases
As part of building a market-leading CNAPP, Wiz Research is constantly looking for new attack surfaces in the cloud. Two weeks ago we discovered an unprecedented breach that affects Azure’s flagship database service, Cosmos DB.