📺 Huge thanks to Amazon's CSO stephenschmidt for the big shoutout and kind words about Wiz on CNBC 🔥🔥🔥 It means the world to have the trust and validation of cloud security leaders like Stephen and Amazon. Can't wait to create more magic with you!🪄

We found a Remote Code Execution (RCE) vulnerability in @Ollama - one of the most popular AI inference projects on GitHub. Here is everything you need to know about #Probllama (CVE-2024-37032) 🧵👇

Spot on. AI infra is where most of the security risk in AI is today

Thank you, Wiz and Matt Johansen, for highlighting this point that many miss about vulnerability exploitation

☁️ Cloud Threat Landscape - Defenses Wiz has added a collection of security measures for defending cloud environments to their Cloud Threat Landscape Includes ~50 defenses Mapped to attacker technique and D3FEND Tactic threats.wiz.io/defenses

Does AI have an isolation problem?? Wiz researchers have been looking into cross tenant issues in leading AI services in recent months. Today disclosing a major vulnerability in SAP AI service. Thank you for the SAP security team for working closely with us.

Security starts from hands on experience with attack techniques, everyone interested in learning about AI security risks, should take some time and try this AMAZING capture the flag created by Wiz researchers

Wiz is now officially a 'CVE Numbering Authority' (#CNA) 🔓 We're thrilled to strengthen our support for this mission of transparency in disclosing cloud vulnerabilities. Big shout out to everyone who helped make this happen. 🕵️‍♂️ Learn more: wiz.io/blog/wiz-becom…

Check out the first entry in our new blog series on cloud IOCs, a subject I'm quite passionate about. We've also launched a new open source collection of such indicators, available here (we'll be updating this regularly): github.com/wiz-sec-public…

Cloud Threat intelligence is the corner stone for detecting threats in cloud. The dynamics of cloud attacks, the techniques and even the types of IOCs are different and require a dedicated approach. Amazing work by Wiz research to create a new open standard & KB for cloud TI

🚨 Breaking: Wiz Research discovered CVE-2024-0132 in NVIDIA Container Toolkit and NVIDIA GPU Operator exposing #AI workloads to container escape attacks that give attackers control over the host system.🚨 wiz.io/blog/wiz-resea…

We discovered a container escape vulnerability in the @NVIDIA Container Toolkit. It allows attackers to gain full access to the host's filesystem and achieve Remote Code Execution (RCE). Here's everything you need to know about CVE-2024-0132 🧵👇

NVIDIA GPUs are widely used for AI workloads in the cloud and on-premise. Wiz Research disclosed a critical vulnerability to NVIDIA that could allow attackers to break isolation and escape the container.

.Ami Luttwak, Co-Founder & CTO of Wiz, delivered key insights on cloud security for government, addressing the pressing challenges in today’s cloud environments. Ami emphasized the need for enhanced visibility, prioritization, and seamless security integration to safeguard

Amazing opportunity to talk about the vision for a better way to do cloud security focused on context, thank you #cybertalks for hosting us!

Network appliances are a major blindspot, as EDRs cannot run on appliances. Wiz research team released analysis of recent exploitation activities of the PANW RCE vulnerability using our unique agent-less EDR scanner wiz.io/blog/cve-2024-…

I was looking into how organizations deploy Spring Boot Actuator in the cloud and found 1 in 4 exposed Actuators had security flaws leading to data leaks or RCE. These risks are more common than you'd think..⚠️

Cloud risk is not just about CSPM, application level misconfigurations are probably the main risk Wiz researchers released an important threat update on Spring Boot Actuator leaks

We (+sagitz Ronen Shustin Hillai Ben-Sasson) found a series of unauthenticated RCEs in core @KubernetesIO project "Ingress-NGINX". The impact? From zero permissions ➡️ to complete cluster takeover 🤯 This is the story of #IngressNightmare 🧵⬇️

What happens if we find a vulnerability in the software the powers most of the AI in the world? wiz 🇸🇻 researchers found a 3 lines (!) container escape vulnerability that impacts all container runtimes using @NVIDIA GPU #NVIDIAScape