Ofir Yakobi
About Ofir Yakobi
Ofir Yakobi is a Security Researcher at Orca Security in Tel Aviv-Yafo, Israel, with a strong background in malware analysis, Windows internals, and threat hunting.
Title and Current Role
Ofir Yakobi is currently a Security Researcher at Orca Security, based in Tel Aviv-Yafo, Tel Aviv District, Israel. He began his role in April 2023 and has been involved in a variety of research projects related to cybersecurity, particularly focusing on cloud environments.
Previous Experience in Cybersecurity
Ofir Yakobi has extensive experience in cybersecurity, having worked in various roles over the years. He served as a Security Researcher at Datto, Inc. from 2021 to 2023, a Cyber Security Analyst at OTORIO from 2020 to 2021, a Security Analyst at BDO from 2019 to 2020, and a Network Operations Center specialist at the Office of the Prime Minister of Israel from 2017 to 2019. His career began with roles as a System and Network Administrator at Zefat Academic College (2015-2017) and a Network Engineer at the Israeli Defence Forces (2013-2015).
Educational Background
Ofir Yakobi studied at See-Security: Cyber & Information Security College, specializing in Information Security. He achieved the designation of Hacking Defined Expert during his one-year study period from 2018 to 2019. His education has provided a strong foundation for his various roles in cybersecurity.
Expertise in Threat Analysis and Security Research
Ofir Yakobi has a strong background in malware analysis and Windows internals, enhancing his effectiveness as a security researcher and threat hunter. His practical skills include identifying and mitigating security threats, making him a valuable asset in the field of cybersecurity.
Significant Contributions and Research
At Orca Security, Ofir Yakobi conducted research into the real-world impacts of the Sys:All loophole in Google Kubernetes Engine (GKE). He discovered over a thousand GKE clusters that were vulnerable due to misconfigured RBAC bindings and developed a Python script to extract sensitive information from these clusters. He ran Orca Secret-Detector on the retrieved data to identify and match known secret patterns and regexes. He collaborated with a NASDAQ-listed company to address these vulnerabilities and published his findings, which highlighted the exposure of various sensitive data types such as JWT tokens, GCP API keys, AWS keys, Google OAuth credentials, and private keys. He also provided practical recommendations for securing GKE clusters against threats.