• All Articles
  • Research Pod
  • CISO Corner

    • Research Pod

    Security Advisory: Insufficient Tenant Separation in Azure Synapse Service
    Blog

    Security Advisory: Insufficient Tenant Separation in Azure Synapse Service

    This security advisory addresses a tenant separation issue in the Microsoft Azure Synapse service.

    Avi Shua

    Avi Shua May 09, 2022

    AutoWarp is a serious vulnerability in Microsoft Azure Automation Service that allows access to a server that manages the sandboxes of other customers.
    Blog

    AutoWarp: Critical Cross-Account Vulnerability in Microsoft Azure Automation Service

    AutoWarp is a critical vulnerability in Microsoft Azure Automation Service that allows unauthorized access to other customer accounts using the...

    Yanir Tsarimi

    Yanir Tsarimi Mar 07, 2022

    Blog

    Lateral Movement in Google Cloud: Abusing the Infamous Default Service...

    How a malicious actor can conduct lateral movement in Google Cloud across compute engine instances using the default service account.

    Liat Vaknin

    Liat Vaknin Mar 04, 2022

    Sort by
    All Articles (24)
    Security Advisory: Insufficient Tenant Separation in Azure Synapse Service

    Blog

    Security Advisory: Insufficient Tenant Separation in Azure Synapse Service
    Avi Shua

    Avi Shua May 09, 2022

    Protestware malicious code found in NPM package node-ipc in Russia / Belarus, overwriting entire file systems with heart emojis to symbolize peace.

    Open Source Package Risks in Cloud Environments and How It Relates to the Russian-Ukrainian Conflict
    Lidor Ben Shitrit

    Lidor Ben Shitrit Apr 27, 2022

    A GCP Organization is the top node of the permissions hierarchy, making policies defined at this level powerful, automatically applying to all resources.

    GCP Organization Policies: Governing Your Inheritance
    Tohar Braun

    Tohar Braun Apr 20, 2022

    Orca researcher Lidor Ben Shitrit reveals how Log4 shell TTPs in an AWS cloud environment can be used to open up a Log4j security vulnerability

    Unfolding the Log4j Security Vulnerability and Log4shell TTPs in AWS
    Lidor Ben Shitrit

    Lidor Ben Shitrit Apr 13, 2022

    CVE-2018-25032: Zlib Memory Corruption Vulnerability
    Tohar Braun

    Tohar Braun Mar 29, 2022

    BreakingFormation: Technical Vulnerability Walkthrough
    Tzah Pahima

    Tzah Pahima Mar 28, 2022

    Overview of key threats for cloud environments, with a focus on Linux malware, database malware, malicious cryptomining code, and ransomware.

    The Expansion of Malware to the Cloud
    Bar Kaduri

    Bar Kaduri Mar 24, 2022

    Kubernetes was designed for functionality, not security, but it does include several key settings and policies. Learn more about Kubernetes and Security.

    Research Pod

    Key Security Capabilities in Kubernetes
    Yonatan Broder

    Yonatan Broder Mar 18, 2022

    The ‘Google Cloud Platform Storage Explorer’ tool crawls all of your Google Cloud projects and detects which have access to all storage data.

    Blog

    Google Cloud Storage Explorer: Enumerating Google Cloud’s Bucket Access Permissions
    Liat Vaknin

    Liat Vaknin Mar 17, 2022

    Cyber Attacks in Russia’s Invasion of Ukraine: Orca Security Research Pod Perspectives
    Bar Kaduri

    Bar Kaduri Mar 11, 2022

    CVE-2022-0847: Linux Dirty Pipe Local Privilege Escalation Vulnerability
    Roy Aviram and Bar Kaduri

    Roy Aviram and Bar Kaduri Mar 10, 2022

    AutoWarp is a serious vulnerability in Microsoft Azure Automation Service that allows access to a server that manages the sandboxes of other customers.

    Blog

    AutoWarp: Critical Cross-Account Vulnerability in Microsoft Azure Automation Service
    Yanir Tsarimi

    Yanir Tsarimi Mar 07, 2022

    Blog

    Lateral Movement in Google Cloud: Abusing the Infamous Default Service Account Misconfiguration
    Liat Vaknin

    Liat Vaknin Mar 04, 2022

    A misconfigured service can play a crucial role in facilitating a Server Side Request Forgery (SSRF) attack. Oracle SSRF metadata can help predict it.

    Oracle Server Side Request Forgery (SSRF) Metadata
    Lidor Ben Shitrit

    Lidor Ben Shitrit Feb 08, 2022

    A Tale About Vulnerability Research and Early Detection
    Yanir Tsarimi

    Yanir Tsarimi Feb 04, 2022

    Blog

    Linux Privilege Escalation Vulnerability in Polkit’s pkexec
    Bar Kaduri

    Bar Kaduri Jan 27, 2022

    Research Pod

    HTTP Protocol Stack Remote Code Execution Vulnerability
    Liat Vaknin

    Liat Vaknin Jan 17, 2022

    Orca Security’s vulnerability researcher, Tzah Pahima, discovered a zero day AWS CloudFormation vulnerability, which AWS quickly mitigated within 6 days.

    BreakingFormation: Orca Security Research Team Discovers AWS CloudFormation Vulnerability
    Tzah Pahima

    Tzah Pahima Jan 13, 2022

    Orca's Research Team discovered a critical vulnerability that could allow an actor to create resources and access data of AWS Glue customers.

    Superglue: Orca Security Research Team Discovers AWS Glue Vulnerability
    Yanir Tsarimi

    Yanir Tsarimi Jan 13, 2022

    Azure AD & IAM (Part III) – Leveraging Managed Identities for Privilege Escalation
    Roee Sagi

    Roee Sagi Jan 04, 2022

    Azure AD & IAM (Part II) – Leveraging Managed Identities For Privilege Escalation
    Roee Sagi

    Roee Sagi Dec 23, 2021

    Google Cloud Platform IAM: Google’s approach to Identity and Access Management is relatively the most straightforward among the three major cloud providers.

    Google Cloud Platform IAM
    Tohar Braun

    Tohar Braun Dec 02, 2021

    Blog

    Privilege Escalation on Azure (Part I): An Introduction to Azure AD & IAM
    Roee Sagi

    Roee Sagi Oct 19, 2021

    The Anatomy of an IAM Cyber Attack on AWS
    Dror Zalman

    Dror Zalman Sep 23, 2021

    See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.