Amitai Cohen🎗️🤟
@amitaico.bsky.social
personal website @ cloudcurio.us ✦ researching @ Wiz Security (threats.wiz.io) 🐞 maintaining @ cloudvulndb.org 🎙️ podcasting @ cryingoutcloud.io 🗺️ pivoting @ Pivot Atlas (gopivot.ing)
Reposted by Amitai Cohen🎗️🤟
RediShell security flaw in Redis:
-remotely exploitable
-CVSSv3 10/10
-impacts all versions released over the past 13 years
-impacts 75% of cloud instances
www.wiz.io/blog/wiz-res...
redis.io/blog/securit...
-remotely exploitable
-CVSSv3 10/10
-impacts all versions released over the past 13 years
-impacts 75% of cloud instances
www.wiz.io/blog/wiz-res...
redis.io/blog/securit...
Wiz Finds Critical Redis RCE Vulnerability: CVE‑2025‑49844 | Wiz Blog
A 13‑year Redis flaw (CVE‑2025‑49844) allows attackers to escape Lua sandbox and run code on hosts. See Wiz Research’s analysis and mitigations.
www.wiz.io
October 7, 2025 at 10:29 AM
RediShell security flaw in Redis:
-remotely exploitable
-CVSSv3 10/10
-impacts all versions released over the past 13 years
-impacts 75% of cloud instances
www.wiz.io/blog/wiz-res...
redis.io/blog/securit...
-remotely exploitable
-CVSSv3 10/10
-impacts all versions released over the past 13 years
-impacts 75% of cloud instances
www.wiz.io/blog/wiz-res...
redis.io/blog/securit...
New threat hunting blogpost from our team - by checking which Linux processes normally use the Instance Metadata Service across thousands of cloud environments, we can identify exploitation of novel SSRF & RCE vulnerabilities when a process that shouldn't use IMDS suddenly does.
IMDS Abused: Hunting Rare Behaviors to Uncover Exploits | Wiz Blog
Wiz uncovered a zero-day vulnerability using IMDS anomaly detection. Learn how attackers exploit metadata services and how Wiz helps stop them.
www.wiz.io
September 23, 2025 at 6:39 AM
New threat hunting blogpost from our team - by checking which Linux processes normally use the Instance Metadata Service across thousands of cloud environments, we can identify exploitation of novel SSRF & RCE vulnerabilities when a process that shouldn't use IMDS suddenly does.
Open-source supply chain attacks are often in the news, but they aren't all equally deserving of your time and attention - here's how they usually happen, and key questions to decide which ones are worth worrying about:
July 31, 2025 at 1:18 PM
Open-source supply chain attacks are often in the news, but they aren't all equally deserving of your time and attention - here's how they usually happen, and key questions to decide which ones are worth worrying about:
Reposted by Amitai Cohen🎗️🤟
💡 Eden hosts Nichole Dove, @sherrod.bsky.social & @alonsch.bsky.social.
Cloud chaos, career confessions & the future of cybersecurity. This one hits different.
Listen now:
🍏 open.spotify.com/episode/6vGW...
🎧 podcasts.apple.com/us/podcast/l...
📺 www.youtube.com/watch?v=7Kwi...
Cloud chaos, career confessions & the future of cybersecurity. This one hits different.
Listen now:
🍏 open.spotify.com/episode/6vGW...
🎧 podcasts.apple.com/us/podcast/l...
📺 www.youtube.com/watch?v=7Kwi...
Live Talk: Security Minds from Riot Games, Microsoft & Wiz
Crying Out Cloud · Episode
open.spotify.com
July 15, 2025 at 1:27 PM
💡 Eden hosts Nichole Dove, @sherrod.bsky.social & @alonsch.bsky.social.
Cloud chaos, career confessions & the future of cybersecurity. This one hits different.
Listen now:
🍏 open.spotify.com/episode/6vGW...
🎧 podcasts.apple.com/us/podcast/l...
📺 www.youtube.com/watch?v=7Kwi...
Cloud chaos, career confessions & the future of cybersecurity. This one hits different.
Listen now:
🍏 open.spotify.com/episode/6vGW...
🎧 podcasts.apple.com/us/podcast/l...
📺 www.youtube.com/watch?v=7Kwi...
these blippi recasts are getting out of hand
June 2, 2025 at 11:45 AM
these blippi recasts are getting out of hand
Reposted by Amitai Cohen🎗️🤟
🚨 New Wiz research: Active exploitation of Ivanti EPMM flaws (CVE-2025-4427 & 4428) enables RCE in the wild.
Cloud systems are at risk; patch now.
Wiz customers can find pre-built detection queries in the Threat Intelligence Center.
Full details 👉 www.wiz.io/blog/ivanti-...
Cloud systems are at risk; patch now.
Wiz customers can find pre-built detection queries in the Threat Intelligence Center.
Full details 👉 www.wiz.io/blog/ivanti-...
Ivanti EPMM RCE Vulnerability Chain Exploited in the Wild | Wiz Blog
Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-4427 and CVE-2025-4428, the latest vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM).
www.wiz.io
May 22, 2025 at 11:20 AM
🚨 New Wiz research: Active exploitation of Ivanti EPMM flaws (CVE-2025-4427 & 4428) enables RCE in the wild.
Cloud systems are at risk; patch now.
Wiz customers can find pre-built detection queries in the Threat Intelligence Center.
Full details 👉 www.wiz.io/blog/ivanti-...
Cloud systems are at risk; patch now.
Wiz customers can find pre-built detection queries in the Threat Intelligence Center.
Full details 👉 www.wiz.io/blog/ivanti-...
Reposted by Amitai Cohen🎗️🤟
'Ongoing' Ivanti hijack bug exploitation reaches clouds
'Ongoing' Ivanti hijack bug exploitation reaches clouds
Nothing like insecure code in security suites
The "ongoing exploitation" of two Ivanti bugs has now extended beyond on-premises environments and hit customers' cloud instances, according to security shop Wiz.…
dlvr.it
May 21, 2025 at 1:30 AM
'Ongoing' Ivanti hijack bug exploitation reaches clouds
Our team at Wiz Research has observed ongoing exploitation of the latest Ivanti EPMM vulnerabilities (CVE-2025-4427 & CVE-2025-4428) - more details and IOCs available here: www.wiz.io/blog/ivanti-...
Ivanti EPMM RCE Vulnerability Chain Exploited in the Wild | Wiz Blog
Wiz Research has observed exploitation in-the-wild of CVE-2025-4427 and CVE-2025-4428, the latest vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM).
www.wiz.io
May 20, 2025 at 7:25 PM
Our team at Wiz Research has observed ongoing exploitation of the latest Ivanti EPMM vulnerabilities (CVE-2025-4427 & CVE-2025-4428) - more details and IOCs available here: www.wiz.io/blog/ivanti-...
If you'd like to learn more about this type of misconfiguration, how it can be exploited, and how to prevent it, @danielleaminov.bsky.social from my team at Wiz wrote a great introduction to this topic here: www.wiz.io/blog/spring-...
May 19, 2025 at 5:36 AM
If you'd like to learn more about this type of misconfiguration, how it can be exploited, and how to prevent it, @danielleaminov.bsky.social from my team at Wiz wrote a great introduction to this topic here: www.wiz.io/blog/spring-...
Reposted by Amitai Cohen🎗️🤟
wife: how was guarding the two paths today, honey?
guard: [looking away] fine
wife: did something happen?
guard: [tearing up] no
wife: would the other guard tell me something happened?
guard: [looking away] fine
wife: did something happen?
guard: [tearing up] no
wife: would the other guard tell me something happened?
May 18, 2025 at 9:13 PM
wife: how was guarding the two paths today, honey?
guard: [looking away] fine
wife: did something happen?
guard: [tearing up] no
wife: would the other guard tell me something happened?
guard: [looking away] fine
wife: did something happen?
guard: [tearing up] no
wife: would the other guard tell me something happened?
Reposted by Amitai Cohen🎗️🤟
So an expert on sin, but also cos and tan
May 9, 2025 at 4:49 AM
So an expert on sin, but also cos and tan
Reposted by Amitai Cohen🎗️🤟
🎙️All you need to know on bug bounty insights w/
@rhynorater.bsky.social! @amitaico.bsky.social & Eden dive into hacks, lessons & wild stories on Crying Out Cloud.
🔗 Listen now:
🍏 podcasts.apple.com/us/podcast/b...
🎧 open.spotify.com/episode/6B6q...
📺 youtube.com/watch?v=eW6k...
@rhynorater.bsky.social! @amitaico.bsky.social & Eden dive into hacks, lessons & wild stories on Crying Out Cloud.
🔗 Listen now:
🍏 podcasts.apple.com/us/podcast/b...
🎧 open.spotify.com/episode/6B6q...
📺 youtube.com/watch?v=eW6k...
Bug Bounty Secrets, Hacker Communities, and a Hit of Volleyball with Justin Gardner
Podcast Episode · Crying Out Cloud · 05/08/2025 · 40m
podcasts.apple.com
May 8, 2025 at 3:26 PM
🎙️All you need to know on bug bounty insights w/
@rhynorater.bsky.social! @amitaico.bsky.social & Eden dive into hacks, lessons & wild stories on Crying Out Cloud.
🔗 Listen now:
🍏 podcasts.apple.com/us/podcast/b...
🎧 open.spotify.com/episode/6B6q...
📺 youtube.com/watch?v=eW6k...
@rhynorater.bsky.social! @amitaico.bsky.social & Eden dive into hacks, lessons & wild stories on Crying Out Cloud.
🔗 Listen now:
🍏 podcasts.apple.com/us/podcast/b...
🎧 open.spotify.com/episode/6B6q...
📺 youtube.com/watch?v=eW6k...
Reposted by Amitai Cohen🎗️🤟
🚨 OH NOOOO! Someone stole the secret recipe of ExfilCola.
We need your help tomorrow to get it back.
Set your clocks for 9 a.m. ET ⏰
You'll need curiosity, cloud IR skills, and a taste for solving mysteries.
🧠 Do you think you can crack it?
We need your help tomorrow to get it back.
Set your clocks for 9 a.m. ET ⏰
You'll need curiosity, cloud IR skills, and a taste for solving mysteries.
🧠 Do you think you can crack it?
May 5, 2025 at 1:32 PM
🚨 OH NOOOO! Someone stole the secret recipe of ExfilCola.
We need your help tomorrow to get it back.
Set your clocks for 9 a.m. ET ⏰
You'll need curiosity, cloud IR skills, and a taste for solving mysteries.
🧠 Do you think you can crack it?
We need your help tomorrow to get it back.
Set your clocks for 9 a.m. ET ⏰
You'll need curiosity, cloud IR skills, and a taste for solving mysteries.
🧠 Do you think you can crack it?
Reposted by Amitai Cohen🎗️🤟
This. is. massive! 🥁✨
Meet the Wiz Vulnerability Database—for CVEs that actually matter in the cloud. AI-powered reports, expert insights & fix guidance. No fluff, just essentials.
🔍 Explore: wiz.io/vulnerabilit...
Meet the Wiz Vulnerability Database—for CVEs that actually matter in the cloud. AI-powered reports, expert insights & fix guidance. No fluff, just essentials.
🔍 Explore: wiz.io/vulnerabilit...
March 26, 2025 at 3:46 PM
This. is. massive! 🥁✨
Meet the Wiz Vulnerability Database—for CVEs that actually matter in the cloud. AI-powered reports, expert insights & fix guidance. No fluff, just essentials.
🔍 Explore: wiz.io/vulnerabilit...
Meet the Wiz Vulnerability Database—for CVEs that actually matter in the cloud. AI-powered reports, expert insights & fix guidance. No fluff, just essentials.
🔍 Explore: wiz.io/vulnerabilit...
Reposted by Amitai Cohen🎗️🤟
#IngressNightmare: Wiz Research uncovers a critical vulnerability in Ingress-NGINX 🚨
Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.
Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.
March 25, 2025 at 11:52 AM
#IngressNightmare: Wiz Research uncovers a critical vulnerability in Ingress-NGINX 🚨
Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.
Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.
Reposted by Amitai Cohen🎗️🤟
BREAKING: Internal #DeepSeek database publicly exposed 🚨
Wiz Research has discovered "DeepLeak" - a publicly accessible ClickHouse database belonging to DeepSeek, exposing highly sensitive information, including secret keys, plain-text chat messages, backend details, and logs.
Wiz Research has discovered "DeepLeak" - a publicly accessible ClickHouse database belonging to DeepSeek, exposing highly sensitive information, including secret keys, plain-text chat messages, backend details, and logs.
January 30, 2025 at 6:17 PM
BREAKING: Internal #DeepSeek database publicly exposed 🚨
Wiz Research has discovered "DeepLeak" - a publicly accessible ClickHouse database belonging to DeepSeek, exposing highly sensitive information, including secret keys, plain-text chat messages, backend details, and logs.
Wiz Research has discovered "DeepLeak" - a publicly accessible ClickHouse database belonging to DeepSeek, exposing highly sensitive information, including secret keys, plain-text chat messages, backend details, and logs.
Reposted by Amitai Cohen🎗️🤟
New phone, Houthis
March 24, 2025 at 6:01 PM
New phone, Houthis
Pantheon is such an amazing show, I feel so late to the game only watching it now. I also appreciate how it was released slightly before Gen AI became mainstream, otherwise I suspect the script might have been different. Almost makes it seem like an alternate history.
March 18, 2025 at 7:01 AM
Pantheon is such an amazing show, I feel so late to the game only watching it now. I also appreciate how it was released slightly before Gen AI became mainstream, otherwise I suspect the script might have been different. Almost makes it seem like an alternate history.
Reposted by Amitai Cohen🎗️🤟
Turns out when you investigate a compromised Github Actions you ... find another compromised Github Action:
www.wiz.io/blog/new-git...
www.wiz.io/blog/new-git...
GitHub Action supply chain attack: reviewdog/action-setup | Wiz Blog
A supply chain attack on tj-actions/changed-files leaked secrets. Wiz Research found another attack on reviewdog/actions-setup, possibly causing the compromise.
www.wiz.io
March 17, 2025 at 10:16 PM
Turns out when you investigate a compromised Github Actions you ... find another compromised Github Action:
www.wiz.io/blog/new-git...
www.wiz.io/blog/new-git...
Reposted by Amitai Cohen🎗️🤟
Reposted by Amitai Cohen🎗️🤟
What an honor to share our talk on “In-the-Wild Abuse of App Misconfigs” at @districtcon.bsky.social year 0! So much talent in one place, and massive kudos to the organizers for creating such an epic event and overcoming an entire-block power outage. Looking forward to next year! 🪩✨🌸
February 24, 2025 at 3:33 PM
What an honor to share our talk on “In-the-Wild Abuse of App Misconfigs” at @districtcon.bsky.social year 0! So much talent in one place, and massive kudos to the organizers for creating such an epic event and overcoming an entire-block power outage. Looking forward to next year! 🪩✨🌸
Reposted by Amitai Cohen🎗️🤟
Reposted by Amitai Cohen🎗️🤟
This is cool @feedly.com. Thanks for working with us on it.
It's true- Feedly uplevels our detection game in a big way @ GreyNoise.
feedly.com/customers/po...
It's true- Feedly uplevels our detection game in a big way @ GreyNoise.
feedly.com/customers/po...
Case Study: GreyNoise Doubles Detection Output with Feedly | Feedly
Discover how GreyNoise used Feedly Threat Intelligence to automate OSINT workflows, double detection output, and save hours of manual effort daily.
feedly.com
January 30, 2025 at 9:16 PM
This is cool @feedly.com. Thanks for working with us on it.
It's true- Feedly uplevels our detection game in a big way @ GreyNoise.
feedly.com/customers/po...
It's true- Feedly uplevels our detection game in a big way @ GreyNoise.
feedly.com/customers/po...