Unpacking Diicot - Evolving Campaign Targeting Linux Environments
Wiz Threat Research uncovered a new malware campaign targeting Linux environments attributed to the Diicot threat group.
Gili Tikochinski
You can do anything with regex
Gili Tikochinski Posts
Critical vulnerabilities in Palo Alto Expedition: everything you need to know
Detect and mitigate critical vulnerabilities (CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, CVE-2024-9467) in Palo Alto Networks’ Expedition tool. Organizations should patch urgently.
Emerging phishing campaign targeting AWS accounts
Wiz Threat Research recently spotted a new phishing campaign targeting AWS accounts.
Introducing pattern-based agentless malware detection using YARA rules
Wiz is expanding our existing detection capabilities to include pattern-based malware detection using YARA rules written by the Wiz Research team
SeleniumGreed: Threat actors exploit exposed Selenium Grid services for Cryptomining
Wiz researchers discover ongoing threat to popular testing framework.
RCE vulnerability in OpenSSH: everything you need to know
Detect and mitigate CVE-2024-6387, a remote code execution vulnerability in OpenSSH. Organizations are advised to patch urgently.
Pause off my cluster: DERO cryptojacking takes a new shape
Learn how the threat actors behind the 2023 DERO cryptojacking campaign have adapted their techniques to evade detection, and the best practices for mitigation.
CVE-2024-4040 exploited in the wild: everything you need to know
Detect and mitigate CVE-2024-4040, a critical vulnerability in CrushFTP exploited in the wild. Organizations should patch urgently.
Authentication bypass vulnerabilities in TeamCity: everything you need to know
Detect and mitigate CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), authentication bypass vulnerabilities in JetBrains TeamCity.