Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance

2022 Cloud Native Threat Report: Key Trends in Cyber Attacks

As companies continue to adopt cloud native technologies at a rapid pace, an increasing number of cyber threats are targeting the cloud native environment. To defend against these threats, security practitioners must stay abreast of attackers’ evolving tactics, techniques, and procedures. For its 2022 Cloud Native …


Software Supply Chain Security with Trivy: Generating SBOMs

Trivy is an easy-to-use, comprehensive open source scanner that helps developers gain visibility into the software components used in their applications. With the growing awareness about supply chain security, software bills of materials (SBOMs) have become the standard for creating software inventory lists. To …


Real-world Cyber Attacks Targeting Data Science Tools

With the accelerated move to the cloud, organizations increasingly rely on large data teams to make data-driven business decisions. In their job, data professionals are given high privileges and access to development and production environments. But what are the security threats that target data tools? And, more …


Kubernetes RBAC: How to Avoid Privilege Escalation via Certificate Signing

Following on from our previous post on the risks of privilege escalation in Kubernetes via the node/proxy resource, we’re going to take a look at how users who have rights to the certificate signing request (CSR) API in Kubernetes might be able to use them to escalate their privileges in a cluster. In addition to …


New npm Flaws Let Attackers Better Target Packages for Account Takeover

For the past few years, cybercriminals have been hijacking popular npm packages by taking over maintainers’ accounts. As part of our research at Team Nautilus, we discovered two flaws in the npm platform related to two-factor authentication (2FA). An attacker can use these flaws to target npm packages for account …


New Zero-day RCE Vulnerability Spring4Shell: What You Should Know

A new critical zero-day vulnerability has been discovered in Spring, a popular open source framework widely used in modern Java applications. The issue could allow an attacker to execute arbitrary code on the vulnerable system. The vulnerability has been assigned CVE-2022-22965, and Spring has already released a patch.


Threat Alert: First Python Ransomware Attack Targeting Jupyter Notebooks

Team Nautilus has uncovered a Python-based ransomware attack that, for the first time, was targeting Jupyter Notebook, a popular tool used by data practitioners. The attackers gained initial access via misconfigured environments, then ran a ransomware script that encrypts every file on a given path on the server and …


CVE-2022-23648 in Containerd's CRI Plugin Could Allow for Container Breakout

A recently discovered CVE in containerd allows attackers who can run a custom image in a cluster to break out to the underlying node and, in some cases, escalate privileges to cluster-admin level.

This CVE is interesting for several reasons. First, the vulnerability shows up in the container image, not in the …


Run Secure Applications on OpenShift with IBM Power Systems

As an important component of end-to-end application modernization and hybrid cloud adoption, Aqua Security integrates with OpenShift on Power to provide tools to help customers further secure the full lifecycle of Red Hat OpenShift containerized workloads.


The New Octocat Coin: How Attackers Bypass CI/CD Compute Limits

Over the past few years, attackers have embraced cryptomining as a fast revenue source, easily converting compute power into digital coins. Unlike other types of cybercrime, cryptomining is perceived by the attacker as relatively harmless and reversible, with a low footprint and an immediate payoff. Last year, bad …


Scan IaC Code in Dev with Trivy’s Extensions for VS Code and JetBrains

When developing new software, a key element of improving security is providing security feedback as early and seamlessly as possible. One way to do this is to embed security tools directly into the development environment. Recently, Aqua’s open source scanner Trivy has added this functionality, integrating with popular …
