Fun Facts About Lidor
Beverage of choice: Coffee or soda
Go-to snack: Any kind of chocolate
Hobbies (Present and Past): I used to play basketball, so other than watching NBA, I love spending time with my family, finding vulnerabilities, cooking, and fine dining.
First job: My father’s factory; that was a loooong time ago.
Bucket list: Relocate to Japan with my family for a few years. I went to Japan for two weeks and it was truly amazing.
Random fun fact: I can say with a lot of confidence that I’m probably the biggest fan of The Sopranos in Israel!
Where we would find you on a Saturday night: 99.9% with my family or my wife’s family.
Which tools do you use most in your job? Flycut, Google Chrome tab groups (yeah, not a tool per se, but still), Burp Suite, different postMessage() extensions (shoutout to Posta by Enso), PyCharm, github1s (VS Code for GitHub) and of course – Notion.
Lidor’s Cloud Threat Research Work
With 10+ CVEs already under his belt and Microsoft Most Valuable Researcher (MVR) recognition in 2022 and 2023, Lidor B. is an unassuming yet very passionate cloud threat researcher at Orca Security with a keen interest in finding vulnerabilities in cloud provider platforms, particularly Azure.
When asked what makes him passionate about threat research, Lidor says: “The huge impact I have on millions of users, simple as that.” His most exciting find to date was discovering that any Azure Cosmos DB Jupyter Notebook could be reached without an authorization header (later dubbed the CosMiss vulnerability).
Lidor got started in the cloud security industry by participating in bug bounty programs in his free time. He realized he was very passionate about finding vulnerabilities and decided to apply for a job opening at Orca Security. Two and a half years later, Lidor is clearly thriving at Orca.
Ever since joining Orca in 2021, Lidor has been one of the trailblazers of the Orca Research Pod, a dedicated team of over a dozen cloud threat researchers focused on discovering and analyzing cloud risks and vulnerabilities in cloud provider platforms. The aim of this research is to strengthen the Orca Cloud Security Platform, promote cloud security best practices, and increase the safety of existing cloud infrastructure.
Lidor’s Partnership with Microsoft
One of Lidor’s ‘specialities’ is finding vulnerabilities in Microsoft Azure, which recently earned him the #16 ranking on the Microsoft Most Valuable Researcher list and a speaking slot at Microsoft’s prestigious BlueHat conference in Redmond, WA on October 13, 2023.
Adhering to responsible vulnerability disclosure practice, Lidor always reports discoveries immediately to the Microsoft Security Response Center (MSRC), along with a detailed explanation of the steps for reproducing the issue. Lidor then works with Microsoft to confirm the vulnerability has been completely fixed.
“I’ve enjoyed a great partnership with MSRC over the years,” said Lidor. “They’re always very responsive, and move fast to prioritize fixing important issues. We cooperate on an appropriate date for public disclosure of the vulnerability, after the vulnerability is fixed in cloud infrastructure, or after an update has been released and organizations have had time to upgrade. Our top priority is always to help keep organizations and users as safe as possible and prevent exploits from happening.”
Vulnerabilities Lidor Has Discovered to Date
2022: Oracle Server-Side Request Forgery (SSRF) vulnerability
2022: FabriXss (CVE-2022-35829): XSS on Azure Fabric Explorer
2022: CosMiss: Azure Cosmos DB Notebook RCE
2023: Server-Side Request Forgery (SSRF) Vulnerabilities in Four Azure Services
2023: SuperFabriXss: RCE in Azure Service Fabric Explorer (CVE-2023-23383)
2023: Two Azure XSS vulnerabilities in embedded postMessage iframes
2023: Eight Azure HDInsight XSS vulnerabilities
Another area of interest for Lidor is supply chain attacks. He worked with Tohar Braun, Security Research Tech Lead at Orca, on implementing dependency confusion attack prevention in the Orca Platform. “That was really awesome, our clients loved it,” said Lidor.
Follow Lidor’s Research
You can stay up to date on Lidor’s research by following him on LinkedIn, reading his Orca Security blog posts, or visiting his personal website. And if you’re attending the Microsoft BlueHat conference in Redmond, WA, you can see him speak on October 13, 2023.