Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance

Software Supply Chain Attacks: 2021 in Review

As CI/CD pipelines have become an increasingly popular attack vector, 2021 saw a huge rise in software supply chain attacks. With their number more than tripling in the past year, securing the software delivery process is one of the most urgent needs. In our latest study, we examine the top supply chain security …


CVE-2022-0185 in Linux Kernel Can Allow Container Escape in Kubernetes

Last week, a new high-severity CVE was released that affects the Linux kernel. This vulnerability provides an opportunity for an attacker who has access to a system as an unprivileged user to escalate those rights to root. To do this, the attacker must have a specific Linux capability, CAP_SYS_ADMIN, which reduces …


Transforming Cloud Native Security: The Allure of Becoming Aqua's CISO

Cybersecurity has always been to me the most fascinating thing on the planet. I was lucky to discover my passion and get exposed to the security world early on, when the industry was just taking shape. More than two decades later, as companies are rapidly shifting to the cloud and deploying digital services, I’m …


The Nightmare Before Christmas: Looking Back at Log4j Vulnerabilities

Last month, a zero-day vulnerability in the extremely popular Log4j logging framework overwhelmed the security community during the already busy end-of-year rush. Just keeping up with Log4j news and updates has been no easy task, let alone fixing the multiple vulnerabilities discovered almost daily. Organizations …


Welcome to Aqua’s Open Source Developer Slack Community!

We’re lucky to have an outstanding open source community with contributors who help us build leading open source cloud native security tools. Over the years, the community has in many ways shaped the direction of what we do. To drive this engagement further, we’re excited to launch our Slack workspace to make it …


Looking Ahead: 7 Cloud Native Security Predictions for 2022

It’s been an incredibly busy year for cloud native and security practitioners! As we wrap up 2021, it’s time to look at what will shape our industry in the year ahead. In that spirit, we asked experts from across the company to share their take on what’s coming next for cloud native security and what to expect in …


CVE-2021-44832: New Arbitrary Code Execution Vulnerability in Log4j

This holiday season, adversaries aren’t taking a vacation, massively exploiting multiple vulnerabilities in Log4j, a highly popular Java logging library. Amid the ongoing efforts of organizations to patch their vulnerable systems, a new Log4j vulnerability, tracked as CVE-2021-44832, has been discovered. It allows …


Threat Alert: Evolving Attack Techniques of Autom Cryptomining Campaign

Over the past three years, we at Team Nautilus have been tracking an ongoing cryptomining campaign attacking our honeypots. It got the name Autom due to a shell script that was downloaded and that initiated the attack. Through the years, the campaign has evolved, demonstrating new techniques to hide the attack. In …


Stopping a DreamBus Botnet Attack with Aqua’s CNDR

We recently came across a real-life scenario that is very common for organizations. A developer with admin access launched a cloud native application but made a mistake and misconfigured it with weak credentials. Just 12 hours later, the environment was attacked by the DreamBus botnet, which proceeded to evade …


Threat Alert: Tracking Real-World Apache Log4j Attacks

This blog was co-authored with Ori Glassman, a security researcher at Aqua Security

Until last week, Log4j was just a popular Java logging framework, one of the numerous components that run in the background of many modern web applications. But since a zero-day vulnerability (CVE-2021-44228) was published, Log4j …


CVE-2021-45046: Second Log4j Security Vulnerability Discovered

Dec 17 update: The CVSSv3 score for CVE-2021-45046 has been raised from 3.7 to 9.0.

While many organizations are still dealing with the discovery and mitigation process for the previous Log4j CVE, the project has announced that another vulnerability CVE-2021-45046 has been discovered due to an incomplete fix in …
