Detect and mitigate CVE-2022-44877, a CentOS Control Web Panel (CWP) unauthenticated RCE exploited in the wild. Security teams are advised to patch urgently.
In this second blog post, we will discuss lateral movement risks from Kubernetes to the cloud. We will explain attacker TTPs, and outline best practices for security practitioners and cloud builders to help secure their cloud environments and mitigate risk.
The developers of PyTorch (a popular machine-learning framework) recently identified a malicious dependency confusion attack on the open-source project. Security teams are advised to check for infected resources and rotate any exposed keys.
CI/CD pipelines, as an essential part of the software development process, are an attractive target to malicious actors. Based on our research of cloud environments, we share common misconfigurations and provide tips on how to remediate them in order to prevent supply-chain attacks.
In this first blog post, we will introduce lateral movement as it pertains to the VPC. We will discuss attacker TTPs, and outline best practices for security practitioners and cloud builders to help secure their cloud environment and reduce risk.
Before it was patched, #AttachMe could have allowed attackers to access and modify any other users' OCI storage volumes without authorization, thereby violating cloud isolation. Upon disclosure, the vulnerability was fixed within hours by Oracle. No customer action was required.
Wiz finds Azure customers remain unpatched against a cloud middleware vulnerability and collaborates with Microsoft to introduce an auto-patching solution for cloud middleware security issues and make the cloud safer.
As more organizations move to the cloud, so do attackers. What can you do to better protect your cloud environment in 2022? Wiz Research has compiled the most pressing cloud security threats and how you can protect against them.
Wiz and EY (Ernst & Young) analyzed more than 200 enterprise cloud environments with thousands of cloud accounts. The results were striking: while 93% of all cloud environments are at risk from Log4Shell, on average organizations have patched 45% of their vulnerable cloud resources by Day 10.
This is the full story of the Azure ChaosDB Vulnerability that was discovered and disclosed by the Wiz Research Team, where we were able to gain complete unrestricted access to the databases of several thousand Microsoft Azure customers.
A summary and recording of Wiz's talk at Black Hat Europe 2021: the full extent of ChaosDB, the impact it had, and the questions it raises about security in managed cloud services.
Wiz Research recently found 4 critical vulnerabilities in OMI, which is one of Azure's most ubiquitous yet least known software agents and is deployed on a large portion of Linux VMs in Azure.
Wiz Research recently discovered a series of alarming vulnerabilities that highlight the supply chain risk of open source code, particularly for customers of cloud computing services.
Wiz Research found an unprecedented critical vulnerability in Azure Cosmos DB. The vulnerability gives any Azure user full admin access (read, write, delete) to other customers' Cosmos DB instances without authorization.
As part of building a market-leading CNAPP, Wiz Research is constantly looking for new attack surfaces in the cloud. Two weeks ago we discovered an unprecedented breach that affects Azure’s flagship database service, Cosmos DB.
Last November, Wiz Research mapped all the services in AWS that allow access from other accounts to see if any of them might inadvertently expose customers and discovered 3 vulnerabilities in different AWS services that allowed anyone to read or write into the accounts of other AWS customers.
Wiz CTO Ami Luttwak discusses a new class of vulnerabilities discovered by Wiz Research, which exposed valuable dynamic DNS data from millions of endpoints worldwide.
Cloud identity permissions are complex. So complex that innocent-looking permissions provided to third-party vendors can lead to unintended exposure of all of your data.
With an estimated 90% of cloud workloads running a Linux-based OS, and sudo common across distributions, many Linux cloud assets are at risk and may be affected. Versions released as far back as 2011 are affected by this vulnerability.