eBPF is a popular and powerful technology embedded in the Linux kernel. It is widely used by many security tools for monitoring kernel activity to detect and protect organizations. eBPF, however, can potentially be a dual edged sword as it can be used by threat actors as part of their malicious arsenal. Lately, we …
Roi Kol
Roi is a Security Researcher at Aqua. His work focuses on researching threats in the cloud native world. When not at work, Roi is a B.A. student in Computer Science at the Open University. He also enjoys going out into nature and spending time with family and friends.
This blog was co-authored with Assaf Morag, Lead Security Analyst at Aqua Security
Ever notice how news about hidden malware almost always focuses on remediation AFTER the fact? So did we. Even now, there’s yet another news story about a rash of attacks by a group called TeamTNT. They used a crypto-mining worm to …
Aqua’s research team continuously investigates and analyzes the anatomy of new attacks in the wild. Recently, we identified attacks that exploited misconfigured open Docker daemons, where attackers were actively using this attack vector to hijack environments in order to launch targeted DDoS attacks. Each of the …