In today's cloud security landscape, the challenge of keeping pace with evolving threats is daunting for security practitioners. Meanwhile, malicious actors operate at lightning speed, often breaching organizations and extracting valuable data within minutes, if not seconds. Imagine what they could accomplish in 24 …

As we gear up for another exciting RSA Conference, it's time to take stock of what's making waves in the world of cybersecurity. Sure, we all know that RSA is the go-to event for all things security, but what's the buzz this year? What are the hot topics? What’s really new?

The xz-utils is a popular compression tool used widely across Linux systems, indicating its critical role in the software ecosystem. The xz-utils backdoor, discovered on March 29, 2024, exposes systems to potential backdoor access and remote code execution. It specifically targets versions 5.6.0 and 5.6.1 of xz-utils …

Cloud workload security (CWS) plays a critical role in safeguarding the integrity and resilience of cloud-native workloads. Defined through the lens of GigaOm, CWS primarily revolves around fortifying the dynamic and continuously evolving workloads within cloud environments. Its significance lies in bolstering …

Containerization has revolutionized application development and deployment, providing enterprises with enhanced speed, agility, and consistency across different computing environments. However, this transformation introduces complexities, particularly regarding security. With the increasing adoption of containerized …

Mainframes and containers represent two distinct yet impactful elements in today's modern computing architecture. Mainframes are powerful, centralized computing systems known for their reliability, scalability, and ability to handle massive workloads. While containers, on the other hand, have emerged as a lightweight …

Aqua Nautilus has unveiled a new campaign targeting Apache big-data stack, specifically Apache Hadoop and Apache Druid. Upon investigation, it was discovered that the attacker exploits existing misconfigurations and vulnerabilities within our Apache cloud honeypots to execute the attacks.

Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu's command-not-found package and the snap package repository. While command-not-found serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by …

We are excited to announce the upcoming support of the Aqua Cloud Native Application Platform (CNAPP) on IBM Z and LinuxONE, alongside IBM’s unveiling of its new LinuxONE 4 Express system. Support of the Aqua Cloud Native Application Platform (CNAPP) on IBM Z and LinuxONE will be available in 1Q 2024. 

On January 31, 2024, researchers revealed the discovery of four severe security vulnerabilities in the container ecosystem. These vulnerabilities, affecting key components including runc, BuildKit, Moby (Docker Engine), and Docker Desktop, pose significant risks to the security and integrity of applications that use …