Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets

Aqua Cloud Native Blog

Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.

Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets
What happens when employees at some of the world’s largest organizations like Microsoft and RedHat use personal GitHub repos for their side projects? They can unknowingly expose corporate secrets and credentials opening the doors for a security incident. Unfortunately, this isn’t just a hypothetical situation.  
Read more
Popular Posts
2023 Nautilus Cyber Security Report – Insights Revealed
CorePlague: Critical Vulnerabilities in Jenkins Server Lead to RCE
Deceptive Deprecation: The Truth About npm Deprecated Packages
Threat Alert
Threat Alert: First Python Ransomware Attack Targeting Jupyter Notebooks
Threat Alert: Massive Cryptomining Campaign Abusing GitHub, Docker Hub, Travis CI & Circle CI
CONTAINER SECURITY
Elevating AWS Kubernetes Security and Compliance  
Amazon Elastic Kubernetes Service (Amazon EKS) streamlines the process of deploying, managing, and scaling Kubernetes clusters on Amazon Web Services (AWS), sparing users the complexities of setting up and maintaining their own Kubernetes control plane. Kubernetes itself is an open-source platform designed to automate the management, scaling, and deployment of applications within containers.   
Read more
CLOUD SECURITY
Securing GenAI: Safeguarding LLM-Powered Applications with Aqua
In the rapidly evolving world of artificial intelligence, the rise of Generative AI (GenAI) has sparked a revolution in how we interact with and leverage this technology. GenAI is based on large language models (LLMs) that have demonstrated remarkable capabilities, from generating human-like text to powering conversational interfaces and automating complex tasks. 
Read more
Subscribe to Aqua Blog
CLOUD SECURITY
Setting Sail: Keeping a Weathered Eye on the Horizon of Cloud Security
As I hoist the sail on this new journey with Aqua, I was asked why did I join? Why am I thrilled to be part of this organization and what is it about Aqua’s approach to safeguarding cloud native systems that resonates with me?  For close to 20 years I have experienced building, transforming, and …
Read more
Cloud Security Posture Management
Discover Cloud Security Issues Faster with Event-based Scanning
In today’s cloud security landscape, the challenge of keeping pace with evolving threats is daunting for security practitioners. Meanwhile, malicious actors operate at lightning speed, often breaching organizations and extracting valuable data within minutes, if not seconds. Imagine what they could accomplish in 24 hours — can any modern organization afford such a gap in …
Read more
CLOUD SECURITY
Empowering Security: Bridging Talk to Action at RSA 2024
As we gear up for another exciting RSA Conference, it’s time to take stock of what’s making waves in the world of cybersecurity. Sure, we all know that RSA is the go-to event for all things security, but what’s the buzz this year? What are the hot topics? What’s really new?
Read more
CONTAINER SECURITY
CVE-2024-3094: Newly Discovered Backdoor in XZ tools
The xz-utils is a popular compression tool used widely across Linux systems, indicating its critical role in the software ecosystem. The xz-utils backdoor, discovered on March 29, 2024, exposes systems to potential backdoor access and remote code execution. It specifically targets versions 5.6.0 and 5.6.1 of xz-utils on systems using glibc, systemd, and patched OpenSSH. …
Read more
CLOUD WORKLOAD PROTECTION
Cloud Workload Security: Aqua Shines in GigaOm’s Radar Report 
Cloud workload security (CWS) plays a critical role in safeguarding the integrity and resilience of cloud native workloads. Defined through the lens of GigaOm, CWS primarily revolves around fortifying the dynamic and continuously evolving workloads within cloud environments. Its significance lies in bolstering security measures by pinpointing vulnerabilities, ensuring adherence to compliance standards, and swiftly …
Read more
CONTAINER SECURITY
Aqua: Leading the Charge in Container Security Innovation
Aqua named a leader and an outperformer in GigaOm Container Security Radar  Containerization has revolutionized application development and deployment, providing enterprises with enhanced speed, agility, and consistency across different computing environments. However, this transformation introduces complexities, particularly regarding security. With the increasing adoption of containerized applications, there’s a growing demand for specialized security solutions tailored …
Read more
CONTAINER SECURITY
Elevating Security: Protecting Containerized Workloads on Mainframes
Mainframes and containers represent two distinct yet impactful elements in today’s modern computing architecture. Mainframes are powerful, centralized computing systems known for their reliability, scalability, and ability to handle massive workloads. While containers, on the other hand, have emerged as a lightweight and flexible solution for deploying, scaling, and managing cloud native applications across various …
Read more
SECURITY RESEARCH
Lucifer DDoS botnet Malware is Targeting Apache Big-Data Stack 
Threat Alert
Aqua Nautilus has unveiled a new campaign targeting Apache big-data stack, specifically Apache Hadoop and Apache Druid. Upon investigation, it was discovered that the attacker exploits existing misconfigurations and vulnerabilities within our Apache cloud honeypots to execute the attacks.
Read more
SECURITY RESEARCH
Snap Trap: The Hidden Dangers Within Ubuntu’s Package Suggestion System
Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu’s command-not-found package and the snap package repository. While command-not-found serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages. Additionally, our …
Read more
Page 1 of 3212345Next ›
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer in cloud native security, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from code to cloud and back. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links