From wiz.io
The many ways to obtain credentials in AWS | Wiz Blog
1 1
Explore how AWS services provide IAM credentials. Learn key risks and detection strategies to secure your cloud environment against credential misuse.
#aws #ec2 #iam #infosec #cybersecurity
23h ago
From wiz.io
Making Sense of Kubernetes Initial Access Vectors Part 1 – Control Plane | Wiz Blog
0 1
Explore Kubernetes control plane access vectors, risks, and security strategies to prevent unauthorized access and protect your clusters from potential threats.
on Thu, 8AM
From wiz.io
Unpacking the Diicot Malware Targeting Linux Environments | Wiz Blog
0 2
We uncovered a new malware campaign targeting cloud environments that we attribute to the Diicot threat group.
on Tue, 11PM
From wiz.io
Exploring Spring Boot Actuator Misconfigurations | Wiz Blog
0 1
Misconfigurations in Spring Boot Actuator’s endpoints can leak environment variables, passwords, and API keys, and even lead to remote code execution.
on Tue, 7PM
From wiz.io
Inside a New Wave of LLM Hijacking on AWS | Wiz Blog
0 3
Discover the latest in LLM hijacking activity, including a dive into the JINX-2401 campaign targeting AWS environments with IAM privilege escalation tactics.
on Sun, 9PM
From wiz.io
Ultralytics AI Library Hacked via GitHub for Cryptomining | Wiz Blog
0 0
A supply chain attack on Ultralytics exploited GitHub Actions to inject malicious PyPI packages. Discover how it unfolded and the steps to mitigate the risk.
on Dec 9
From wiz.io
Wiz Defend: Delivering Cloud-Native Security Operations | Wiz Blog
0 0
SecOps teams can realize the promise of cloud-native security operations to detect, investigate, and respond to real-time threats in cloud environments.
on Dec 5
From wiz.io
Introducing Wiz Defend | Wiz Blog
0 0
We’re excited to announce the public preview of Wiz Defend, a cloud-native detection and response solution.
on Dec 2
From wiz.io
Kubernetes Initial Access Vectors Part 2: Data Plane | Wiz Blog
0 0
Learn about Kubernetes data plane access, including applications running on the cluster, container images, and execution-as-a-service workload types.
on Dec 1
From wiz.io
Wiz observes CVE-2024-0012 and CVE-2024-9474 exploitation | Wiz Blog
0 0
Wiz observes exploitation in the wild of PAN-OS vulnerabilities CVE-2024-0012 and CVE-2024-9474.
on Nov 22
From wiz.io
Overcoming Kubernetes Log Challenges in Detection | Wiz Blog
0 0
Learn key strategies to tackle Kubernetes audit log challenges across clouds for better detection and forensics in managed and unmanaged K8s clusters.
on Nov 17
From wiz.io
Unmasking Phishing: Strategies for identifying 0ktapus domains and beyond | Wiz Blog
0 0
Wiz Research looks at phishing tactics, along with how to trace and investigate these campaigns.
on Nov 8
From wiz.io
AI Security Posture Management (AI-SPM) Buyer’s Guide | Wiz
0 0
This buyer’s guide cuts through the noise and highlights the key features you should look for when evaluating solutions.
on Oct 21
From wiz.io
AWS Account Vending | Wiz Blog
0 0
How an AWS account vending strategy differs from a landing zone.
on Oct 17
From wiz.io
Wiz: #1 Cloud Security Software for Modern Cloud Protection
0 0
Wiz is the unified cloud security platform with prevention and response capabilities, enabling security and development teams to build faster and more securely.
on Oct 9
From wiz.io
Getting Started with AI Security | Wiz
0 0
Wiz is the unified cloud security platform with prevention and response capabilities, enabling security and development teams to build faster and more securely.
on Oct 1
From wiz.io
0 0
Critical severity vulnerability CVE-2024-0132 affecting NVIDIA Container Toolkit and GPU Operator presents high risk to AI workloads and environments.
on Sep 26
From wiz.io
Mastering Cloud-Specific IOCs for Enhanced Threat Detection | Wiz Blog
0 0
Discover how cloud-specific indicators of compromise differ from traditional IOCs and why they're crucial for threat detection in modern cloud environments.
on Sep 23
From wiz.io
Developers Deserve Better: Why Wiz Code Is Built for You. | Wiz Blog
0 0
Wiz Code helps developers integrate security into their workflow, with real-time guidance from code to cloud. Reduce last-minute fixes. Build with confidence.
on Sep 23
From wiz.io
DevOps Security Best Practices [Cheat Sheet] | Wiz
0 0
In this 12 page cheat sheet we'll cover best practices in core areas of DevOps: Secure coding practices, Infrastructure security, Monitoring and response.
on Sep 17
From wiz.io
Posts tagged #Research | Wiz Blog
0 0
Wiz is the unified cloud security platform with prevention and response capabilities, enabling security and development teams to build faster and more securely.
on Sep 11
From wiz.io
Introducing Wiz Code: Transform Your AppSec with Wiz | Wiz Blog
0 0
Wiz Code is here! Discover how this launch unifies security for cloud-native applications, protecting your code and infrastructure from development to runtime.
on Sep 11
From wiz.io
SeleniumGreed Cryptomining Campaign Exploiting Grid Services | Wiz Blog
0 0
SeleniumGreed is an active crypto-mining campaign targeting older versions of Grid services. Explore the risks, attack methods, and essential security measures.
on Jul 26
From wiz.io
$100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog
0 0
Wiz has become the fastest-growing software company ever, scaling from $1M to $100M ARR in only 18 months.
on Jul 20
From wiz.io
0 0
Wiz Research uncovers vulnerabilities in SAP AI Core, allowing malicious actors to take over the service and access customer data.
on Jul 18
From wiz.io
Gartner® Emerging Tech: Top 4 Security Risks of GenAI | Wiz
0 0
Wiz is the unified cloud security platform with prevention and response capabilities, enabling security and development teams to build faster and more securely.
on Jul 15
From wiz.io
Kubernetes Security For Dummies | Wiz
0 0
Discover new approaches to securing your containerized apps and Kubernetes clusters in this user-friendly book.
on Jul 2
From wiz.io
RCE vulnerability in OpenSSH: everything you need to know | Wiz Blog
0 0
Detect and mitigate CVE-2024-6387, a remote code execution vulnerability in OpenSSH. Organizations are advised to patch urgently.
on Jul 2
From wiz.io
CVE-2024-4577 RCE in PHP CGI: Everything you need to know | Wiz Blog
0 0
Detect and mitigate CVE-2024-4577, a critical remote code execution vulnerability in PHP CGI. Organizations are advised to patch urgently.
on Jun 26
From wiz.io
0 0
Wiz Research discovered CVE-2024-37032, an easy-to-exploit Remote Code Execution vulnerability in the open-source AI Infrastructure project Ollama.
on Jun 25
From wiz.io
CVE-2024-3094: Critical RCE Vulnerability Found in XZ Utils | Wiz Blog
0 0
CVE-2024-3094 is a malicious code vulnerability in versions 5.6.0 and 5.6.1 of XZ Utils, enabling an SSH authentication bypass in certain Linux distributions
on Jun 25
From wiz.io
DERO cryptojacking adopts new techniques to evade detection | Wiz Blog
0 0
Wiz research shares how threat actors behind the 2023 DERO cryptojacking campaign have adapted their techniques, and how to mitigate your risk.
on Jun 24
From wiz.io
CI/CD Pipeline Security Best Practices [Cheat Sheet] | Wiz
0 0
Get technical background information, actionable tips, code snippets, and screenshots, to secure your CI/CD pipelines.
on May 6
From wiz.io
Hugging Face works with Wiz to strengthen AI cloud security | Wiz Blog
0 0
Wiz researchers find architecture risks that may compromise AI-as-a-Service providers and risk customer data; works with Hugging Face on mitigations.
on Apr 19
From wiz.io
New EKS Access and Identity Features: A Security Analysis | Wiz Blog
0 0
The Wiz research team unpacks the security implications of the new EKS access and identity management features and recommends best practices when using them.
on Mar 22
From wiz.io
Announcing the K8s LAN Party Challenge | Wiz Blog
0 0
Test your investigation skills and K8s network security knowledge with the K8s LAN Party Challenge!
on Mar 12
From wiz.io
State of AI in the cloud 2024 | Wiz
0 0
In this report, we examine the explosive adoption of AI services and tools by cloud customers using the major cloud service providers (CSPs).
on Feb 22
From wiz.io
New attack vectors emerge via recent EKS updates | Wiz Blog
0 0
We explore how advancements in EKS Access Entries and Pod Identity have opened new attack vectors and offer examples of how adversaries could exploit them.
on Feb 14
From wiz.io
"Kubernetes Security for Dummies" by Wiz | Wiz Blog
0 0
Wiz presents a comprehensive guide to mastering Kubernetes security
on Feb 13
From wiz.io
The Top 10 AI Security Articles You Must Read in 2024 | Wiz Blog
0 0
We've curated a collection of 10 AI security articles that cover novel threats to AI models as well as strategies for developers to safeguard their models.
on Jan 25
From wiz.io
Cloud Threat Landscape: A Cloud Threat Intelligence Database | Wiz
0 0
The Cloud Threat Landscape is a growing threat intelligence database of cloud security incidents, actors, tools and techniques curated by Wiz's Research team.
on Jan 25
From wiz.io
0 0
A comprehensive threat intelligence database of cloud security incidents, actors, tools and techniques. Powered by Wiz Research.
on Jan 25
From wiz.io
Setting secure AWS defaults and avoiding misconfigurations | Wiz Blog
0 0
Wiz cloud security researcher, Scott Piper, suggests measures organizations can adopt to ensure secure defaults on AWS and improve their security posture.
on Jan 20
From wiz.io
0 0
Agentless cloud security and compliance for AWS, Azure, Google Cloud, and Kubernetes.
on Jan 20
From wiz.io
AWS Security Best Practices [Cheat Sheet] | Wiz
0 0
Agentless cloud security and compliance for AWS, Azure, Google Cloud, and Kubernetes.
on Dec 11, 2023
From wiz.io
AWS Security Foundations For Dummies | Wiz
0 0
Agentless cloud security and compliance for AWS, Azure, Google Cloud, and Kubernetes.
on Nov 23, 2023
From wiz.io
Unveiling eBPF: Harnessing Its Power to Solve Real-World Issues | Wiz Blog
0 0
Dive in a Kubernetes attack and see how eBPF and other security best practices can prevent these attacks.
on Nov 23, 2023
From wiz.io
Key Takeaways from the 2023 Kubernetes Security Report | Wiz Blog
0 0
Get the key highlights from the 2023 Kubernetes Security Report, which analyzed 200,000+ cloud accounts to to break down the state of Kubernetes security.
on Nov 16, 2023
From wiz.io
The 2023 Cloud Vulnerability Report | Wiz
0 0
Agentless cloud security and compliance for AWS, Azure, Google Cloud, and Kubernetes.
on Nov 15, 2023