Bar Kaduri, Author at Orca Security

Critical XZ Utils Supply Chain Compromise Affects Multiple Linux Distributions (CVE-2024-3094)

‘Orca Watch’ Series

Critical XZ Utils Supply Chain Compromise Affects Multiple Linux Distributions (CVE-2024-3094)

A malicious backdoor has been discovered in the XZ Utils package, a popular data compression library used in major Linux...

Mar 30, 2024

Jenkins Vulnerability Estimated to Affect 43% of Cloud Environments

‘Orca Watch’ Series

Jenkins Vulnerability Estimated to Affect 43% of Cloud Environments

On January 24th, Jenkins, a widely used open source CI/CD automation tool, released a security advisory regarding a new critical...

Feb 01, 2024

Diving into Exploit Prediction Scoring System (EPSS) for Effective Vulnerability Management

Technical Deep Dives

Diving into Exploit Prediction Scoring System (EPSS) for Effective Vulnerability Management

Publicly disclosed computer vulnerabilities are compiled into a list called Common Vulnerabilities and Exposures (CVE). To understand the severity of...

Feb 01, 2024

How to Protect Against Midnight Blizzard-Style Kill Chains

‘Orca Watch’ Series

How to Protect Against Midnight Blizzard-Style Kill Chains

Last week, Microsoft revealed that the Russia-based threat actor group known as Midnight Blizzard, Cozy Bear, and APT29 had compromised...

Jan 30, 2024

The Biggest Cloud Security Threats to Watch Out for in 2024

‘Orca Watch’ Series

The Biggest Cloud Security Threats to Watch Out for in 2024

It’s hard to believe that 2023 is nearing its end. As we look ahead to 2024, the Orca Research Pod...

Dec 27, 2023

The Great CVSS Bake Off: Testing How CVSS v4 Performs Versus v3

Research

The Great CVSS Bake Off: Testing How CVSS v4 Performs Versus v3

The highly anticipated Common Vulnerability Scoring System (CVSS) version 4 is planned to be released on October 31st by the...

Oct 24, 2023

2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes

‘Orca Watch’ Series

2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes

The state of cloud security is a dynamic and ever-evolving landscape, as both attackers and defenders continuously adapt their tactics...

Jun 20, 2023

The Top 5 Cloud Security Risks of 2023 (so far)

‘Orca Watch’ Series

The Top 5 Cloud Security Risks of 2023 (so far)

As we approach the middle of 2023, we thought it an appropriate time to reflect on the cloud security risks...

May 18, 2023

Five Things You Need to Know About Malware on Storage Buckets

‘Orca Watch’ Series

Five Things You Need to Know About Malware on Storage Buckets

Cloud storage buckets, such as Amazon S3 Buckets, Azure Blob storage and GCP storage buckets, are a popular storage solution...

Mar 02, 2023

All articles by Bar Kaduri

Critical XZ Utils Supply Chain Compromise Affects Multiple Linux Distributions (CVE-2024-3094)

Jenkins Vulnerability Estimated to Affect 43% of Cloud Environments

Diving into Exploit Prediction Scoring System (EPSS) for Effective Vulnerability Management

How to Protect Against Midnight Blizzard-Style Kill Chains

The Biggest Cloud Security Threats to Watch Out for in 2024

The Great CVSS Bake Off: Testing How CVSS v4 Performs Versus v3

2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes

The Top 5 Cloud Security Risks of 2023 (so far)

Five Things You Need to Know About Malware on Storage Buckets

See Orca Security in Action

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons