Empowering Security: Bridging Talk to Action at RSA 2024

Aqua Cloud Native Blog

Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.

Empowering Security: Bridging Talk to Action at RSA 2024
As we gear up for another exciting RSA Conference, it’s time to take stock of what’s making waves in the world of cybersecurity. Sure, we all know that RSA is the go-to event for all things security, but what’s the buzz this year? What are the hot topics? What’s really new?
Read more
Popular Posts
2023 Nautilus Cyber Security Report – Insights Revealed
CorePlague: Critical Vulnerabilities in Jenkins Server Lead to RCE
Deceptive Deprecation: The Truth About npm Deprecated Packages
Threat Alert
Threat Alert: First Python Ransomware Attack Targeting Jupyter Notebooks
Threat Alert: Massive Cryptomining Campaign Abusing GitHub, Docker Hub, Travis CI & Circle CI
CONTAINER SECURITY
CVE-2024-3094: Newly Discovered Backdoor in XZ tools
The xz-utils is a popular compression tool used widely across Linux systems, indicating its critical role in the software ecosystem. The xz-utils backdoor, discovered on March 29, 2024, exposes systems to potential backdoor access and remote code execution. It specifically targets versions 5.6.0 and 5.6.1 of xz-utils on systems using glibc, systemd, and patched OpenSSH. …
Read more
CLOUD WORKLOAD PROTECTION
Cloud Workload Security: Aqua Shines in GigaOm’s Radar Report 
Cloud workload security (CWS) plays a critical role in safeguarding the integrity and resilience of cloud native workloads. Defined through the lens of GigaOm, CWS primarily revolves around fortifying the dynamic and continuously evolving workloads within cloud environments. Its significance lies in bolstering security measures by pinpointing vulnerabilities, ensuring adherence to compliance standards, and swiftly …
Read more
Subscribe to Aqua Blog
CONTAINER SECURITY
Aqua: Leading the Charge in Container Security Innovation
Aqua named a leader and an outperformer in GigaOm Container Security Radar  Containerization has revolutionized application development and deployment, providing enterprises with enhanced speed, agility, and consistency across different computing environments. However, this transformation introduces complexities, particularly regarding security. With the increasing adoption of containerized applications, there’s a growing demand for specialized security solutions tailored …
Read more
CONTAINER SECURITY
Elevating Security: Protecting Containerized Workloads on Mainframes
Mainframes and containers represent two distinct yet impactful elements in today’s modern computing architecture. Mainframes are powerful, centralized computing systems known for their reliability, scalability, and ability to handle massive workloads. While containers, on the other hand, have emerged as a lightweight and flexible solution for deploying, scaling, and managing cloud native applications across various …
Read more
SECURITY RESEARCH
Lucifer DDoS botnet Malware is Targeting Apache Big-Data Stack 
Threat Alert
Aqua Nautilus has unveiled a new campaign targeting Apache big-data stack, specifically Apache Hadoop and Apache Druid. Upon investigation, it was discovered that the attacker exploits existing misconfigurations and vulnerabilities within our Apache cloud honeypots to execute the attacks.
Read more
SECURITY RESEARCH
Snap Trap: The Hidden Dangers Within Ubuntu’s Package Suggestion System
Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu’s command-not-found package and the snap package repository. While command-not-found serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages. Additionally, our …
Read more
PARTNERS & ALLIANCES
Unleashing Scale for Hybrid Cloud: Aqua to Protect Containerized Environments on LinuxONE 4 Express
We are excited to announce the upcoming support of the Aqua Cloud Native Application Platform (CNAPP) on IBM Z and LinuxONE, alongside IBM’s unveiling of its new LinuxONE 4 Express system. Support of the Aqua Cloud Native Application Platform (CNAPP) on IBM Z and LinuxONE will be available in 1Q 2024.
Read more
SECURITY RESEARCH
Mitigating Leaky Vessels Vulnerabilities in runc, BuildKit and Moby with Aqua
Threat Alert
On January 31, 2024, researchers revealed the discovery of four severe security vulnerabilities in the container ecosystem. These vulnerabilities, affecting key components including runc, BuildKit, Moby (Docker Engine), and Docker Desktop, pose significant risks to the security and integrity of applications that use containerization applications.  
Read more
SECURITY RESEARCH
HeadCrab 2.0: Evolving Threat in Redis Malware Landscape
At the beginning of 2023, Aqua Nautilus researchers uncovered HeadCrab – an advanced threat actor utilizing a state-of-the-art, custom-made malware that compromised 1,200 Redis servers. As you know in the ever-evolving world of cybersecurity, threat actors continually adapt and refine their techniques. Recently, our researchers detected a new version of the HeadCrab malware targeting our …
Read more
SECURITY RESEARCH
The Gaps in Open Source Governance That Threaten the Software Supply Chain
Security Threat
The widespread issue of unmaintained and deprecated npm packages recently discovered by Aqua researchers affects more than a fifth of open source packages. Presenting yet another silent example of hidden threats to the software supply chain, it demonstrates how poor operational and structural integrity of dependencies can be just as risky as code vulnerabilities, while …
Read more
SECURITY RESEARCH
Deceptive Deprecation: The Truth About npm Deprecated Packages
Threat Alert
Researchers at Aqua Nautilus found that 8.2% percent of the most downloaded npm packages are officially deprecated, but due to inconsistent practices in handling package dependencies, the real number is much larger, closer to 21.2%. Moreover, some package maintainers, when confronted with security flaws, deprecate their packages instead of reporting them, getting a CVE assigned …
Read more
Page 1 of 3212345Next ›
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer in cloud native security, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from code to cloud and back. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links