Research Pod

Blog

How Orca Found Server-Side Request Forgery (SSRF) Vulnerabilities in Four...

Tohar Braun Mar 09, 2023

Blog

2022 State of Public Cloud Security Report Reveals Critical Cloud...

Orca Security has released the 2022 State of the Public Cloud Security report, which provides crucial insights into the current...

Tohar Braun Mar 09, 2023

Blog

CosMiss: Azure Cosmos DB Notebook Remote Code Execution Vulnerability

The Orca Research Pod has discovered CosMiss, a vulnerability in Microsoft Azure Cosmos DB where authentication checks were missing from...

Tohar Braun Mar 09, 2023

All Articles (0)

Blog

Meet IAM APE: An Open Source Tool to Simplify AWS IAM Policy Management

Tohar Braun Mar 09, 2023

Blog

Everything You Didn’t Know About Cross-Account and Cross-Cloud Provider Attacks

Deborah Galea and Oren Margalit

Deborah Galea and Oren Margalit Mar 08, 2023

Blog

Five Things You Need to Know About Malware on Storage Buckets

Bar Kaduri and Deborah Galea

Bar Kaduri and Deborah Galea Mar 02, 2023

Blog

Cloud Native Security: OWASP Kubernetes Top 10

Ido Nidbach Jan 26, 2023

Blog

Elastic IP Transfer: Identifying and Mitigating Risks from a New Attack-Vector on AWS

Roi Nisimi Jan 18, 2023

Blog

How Orca Found Server-Side Request Forgery (SSRF) Vulnerabilities in Four Different Azure Services

Lidor Ben Shitrit Jan 17, 2023

Blog

Unauthenticated SSRF Vulnerability on Azure Digital Twins Explorer

Lidor Ben Shitrit Jan 17, 2023

Blog

Unauthenticated SSRF Vulnerability on Azure Functions

Lidor Ben Shitrit Jan 17, 2023

Blog

Authenticated SSRF Vulnerability on Azure API Management Service

Lidor Ben Shitrit Jan 17, 2023

Blog

Authenticated SSRF Vulnerability on Azure Machine Learning Service

Lidor Ben Shitrit Jan 17, 2023

Blog

The Top 5 Cloud Security Threats to Be Prepared For in 2023

Bar Kaduri Dec 06, 2022

Blog

FabriXss (CVE-2022-35829): How We Managed to Abuse a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer

Lidor Ben Shitrit and Roee Sagi

Lidor Ben Shitrit and Roee Sagi Oct 19, 2022

Blog

2022 State of Public Cloud Security Report Reveals Critical Cloud Security Gaps

Bar Kaduri and Deborah Galea

Bar Kaduri and Deborah Galea Sep 13, 2022

Blog

Azure Synapse: Local Privilege Escalation Vulnerability in Spark

Tzah Pahima Sep 01, 2022

Blog

Infrastructure as Code: Common Security Risks and How to Prevent Them

Roy Aviram Aug 16, 2022

Blog

SynLapse – Technical Details for Critical Azure Synapse Vulnerability

Tzah Pahima Jun 14, 2022

Orca Security Critical Cloud Security Threat update

Blog

Supply Chain Attack: CTX Account Takeover and PHPass Hijack Explained

Lidor Ben Shitrit Jun 13, 2022

Security Advisory: Insufficient Tenant Separation in Azure Synapse Service

Blog

Security Advisory: Insufficient Tenant Separation in Azure Synapse Service

Avi Shua May 09, 2022

Protestware malicious code found in NPM package node-ipc in Russia / Belarus, overwriting entire file systems with heart emojis to symbolize peace.

Blog

Open Source Package Risks in Cloud Environments and How It Relates to the Russian-Ukrainian Conflict

Lidor Ben Shitrit Apr 27, 2022

A GCP Organization is the top node of the permissions hierarchy, making policies defined at this level powerful, automatically applying to all resources.

Blog

GCP Organization Policies: Governing Your Inheritance

Tohar Braun Apr 20, 2022

Orca researcher Lidor Ben Shitrit reveals how Log4 shell TTPs in an AWS cloud environment can be used to open up a Log4j security vulnerability

Blog

Unfolding the Log4j Security Vulnerability and Log4shell TTPs in AWS

Lidor Ben Shitrit Apr 13, 2022

Blog

CVE-2018-25032: Zlib Memory Corruption Vulnerability

Tohar Braun Mar 29, 2022

Blog

BreakingFormation: Technical Vulnerability Walkthrough

Tzah Pahima Mar 28, 2022

Overview of key threats for cloud environments, with a focus on Linux malware, database malware, malicious cryptomining code, and ransomware.

Blog

The Expansion of Malware to the Cloud

Bar Kaduri Mar 24, 2022

Kubernetes was designed for functionality, not security, but it does include several key settings and policies. Learn more about Kubernetes and Security.

Blog

Key Security Capabilities in Kubernetes

Yonatan Broder Mar 18, 2022

The ‘Google Cloud Platform Storage Explorer’ tool crawls all of your Google Cloud projects and detects which have access to all storage data.

Blog

Google Cloud Storage Explorer: Enumerating Google Cloud’s Bucket Access Permissions

Liat Vaknin Mar 17, 2022

Blog

Cyber Attacks in Russia’s Invasion of Ukraine: Orca Security Research Pod Perspectives

Bar Kaduri Mar 11, 2022

Blog

CVE-2022-0847: Linux Dirty Pipe Local Privilege Escalation Vulnerability

Roy Aviram and Bar Kaduri

Roy Aviram and Bar Kaduri Mar 10, 2022

AutoWarp is a serious vulnerability in Microsoft Azure Automation Service that allows access to a server that manages the sandboxes of other customers.

Blog

AutoWarp: Critical Cross-Account Vulnerability in Microsoft Azure Automation Service

Yanir Tsarimi Mar 07, 2022

Blog

Lateral Movement in Google Cloud: Abusing the Infamous Default Service Account Misconfiguration

Liat Vaknin Mar 04, 2022

A misconfigured service can play a crucial role in facilitating a Server Side Request Forgery (SSRF) attack. Oracle SSRF metadata can help predict it.

Blog

Oracle Server Side Request Forgery (SSRF) Metadata

Lidor Ben Shitrit Feb 08, 2022

Blog

A Tale About Vulnerability Research and Early Detection

Yanir Tsarimi Feb 04, 2022

Blog

Linux Privilege Escalation Vulnerability in Polkit’s pkexec

Bar Kaduri Jan 27, 2022

Blog

HTTP Protocol Stack Remote Code Execution Vulnerability

Liat Vaknin Jan 17, 2022

Orca Security’s vulnerability researcher, Tzah Pahima, discovered a zero day AWS CloudFormation vulnerability, which AWS quickly mitigated within 6 days.

Blog

BreakingFormation: Orca Security Research Team Discovers AWS CloudFormation Vulnerability

Tzah Pahima Jan 13, 2022

Orca's Research Team discovered a critical vulnerability that could allow an actor to create resources and access data of AWS Glue customers.

Blog

Superglue: Orca Security Research Team Discovers AWS Glue Vulnerability

Yanir Tsarimi Jan 13, 2022

Blog

Azure AD & IAM (Part III) – Leveraging Managed Identities for Privilege Escalation

Roee Sagi Jan 04, 2022

Blog

Azure AD & IAM (Part II) – Leveraging Managed Identities For Privilege Escalation

Roee Sagi Dec 23, 2021

Google Cloud Platform IAM: Google’s approach to Identity and Access Management is relatively the most straightforward among the three major cloud providers.

Blog

Google Cloud Platform IAM

Tohar Braun Dec 02, 2021

Research Pod

Privilege Escalation on Azure (Part I): An Introduction to Azure AD & IAM

Roee Sagi Oct 19, 2021

Research Pod

The Anatomy of an IAM Cyber Attack on AWS

Dror Zalman Sep 23, 2021

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.