Research Pod Archives | Page 5 of 9

How to Protect Against Midnight Blizzard-Style Kill Chains

‘Orca Watch’ Series

How to Protect Against Midnight Blizzard-Style Kill Chains

Last week, Microsoft revealed that the Russia-based threat actor group known as Midnight Blizzard, Cozy Bear, and APT29 had compromised...

Bar Kaduri Neil Carpenter

Jan 30, 2024

Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise

Discovered Vulnerabilities

Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise

The Orca Research Pod has uncovered a dangerous loophole in Google Kubernetes Engine (GKE) that could allow an attacker with...

Roi Nisimi

Jan 24, 2024

How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production

Discovered Vulnerabilities

How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production

Following our discovery of a critical loophole in Google Kubernetes Engine (GKE) dubbed Sys:All, we decided to conduct research into...

Ofir Yakobi

Jan 24, 2024

The Biggest Cloud Security Threats to Watch Out for in 2024

‘Orca Watch’ Series

The Biggest Cloud Security Threats to Watch Out for in 2024

It’s hard to believe that 2023 is nearing its end. As we look ahead to 2024, the Orca Research Pod...

Bar Kaduri

Dec 27, 2023

Unauthenticated Access to GCP Dataproc Can Lead to Data Leak

Discovered Vulnerabilities

Unauthenticated Access to GCP Dataproc Can Lead to Data Leak

The Orca Research Pod has made an important discovery that puts Google Cloud Dataproc clusters at risk for data theft,...

Roi Nisimi

Dec 12, 2023

The Great CVSS Bake Off: Testing How CVSS v4 Performs Versus v3

Research

The Great CVSS Bake Off: Testing How CVSS v4 Performs Versus v3

The highly anticipated Common Vulnerability Scoring System (CVSS) version 4 is planned to be released on October 31st by the...

Bar Kaduri

Oct 24, 2023

Meet Orca Security Cloud Threat Researcher Lidor B.

Research

Meet Orca Security Cloud Threat Researcher Lidor B.

Fun Facts About Lidor Beverage of choice: Coffee or soda Go-to snack: Any kind of chocolate Hobbies (Present and Past):...

Deborah Galea

Oct 03, 2023

Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services

Discovered Vulnerabilities

Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services

The Orca Research Pod recently discovered a total of 8 important Cross-Site Scripting (XSS) vulnerabilities within various Apache services on...

Lidor Ben Shitrit

Sep 13, 2023

Beware the Azure Guest User: How to Detect When a Guest User Account Is Being Exploited

Research

Beware the Azure Guest User: How to Detect When a Guest User Account Is Being Exploited

In Azure environments, guest users are the go-to option when giving access to a user from a different tenant. Often,...

Roee Sagi

Aug 28, 2023

Research Pod

How to Protect Against Midnight Blizzard-Style Kill Chains

Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise

How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production

The Biggest Cloud Security Threats to Watch Out for in 2024

Unauthenticated Access to GCP Dataproc Can Lead to Data Leak

The Great CVSS Bake Off: Testing How CVSS v4 Performs Versus v3

Meet Orca Security Cloud Threat Researcher Lidor B.

Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services

Beware the Azure Guest User: How to Detect When a Guest User Account Is Being Exploited

See Orca Security in Action

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons