Aqua Blog

Supply Chain Attacks

Zero-Day Attack Prevention Through Supply Chain Security

Zero-Day Attack Prevention Through Supply Chain Security

Supply chain security has made lots of headlines recently thanks to events like the SolarWinds breach. That and similar events highlight the importance of having a strategy in place to respond to zero-day attacks which can take advantage of vulnerable software components.

Continue reading ›
Supply Chain Security: Shifting Left to the Golden Pipeline

Supply Chain Security: Shifting Left to the Golden Pipeline

According to an article in Security Magazine, 98% of organizations have been negatively impacted by a cybersecurity breach in their supply chain. Aqua’s 2021 Software Supply Chain Security Review notes that “attackers focused heavily on open source vulnerabilities and poisoning, code integrity issues, exploiting the …

Continue reading ›
Threat Alert: Private npm Packages Disclosed via Timing Attacks

Threat Alert: Private npm Packages Disclosed via Timing Attacks

We at Aqua Nautilus have discovered that npm’s API allows threat actors to execute a timing attack that can detect whether private packages exist on the package manager. By creating a list of possible package names, threat actors can detect organizations’ scoped private packages and then masquerade public packages, …

Continue reading ›
Threat Alert: Phishing as a Service to Ramp Up Supply Chain Attacks

Threat Alert: Phishing as a Service to Ramp Up Supply Chain Attacks

Threat actors are ramping up their game by deploying Phishing as a Service (PhaaS) to code and package managers (such as GitHub, PyPI, Ruby, NPM). This tactic circumvents Multi-Factor Authentication (MFA) mechanisms leading to session cookie hijacks and account takeovers. As we’ve learned in recent years, account …

Continue reading ›
Intro to Fileless Malware in Containers

Intro to Fileless Malware in Containers

A fileless attack is a technique that takes incremental steps toward gaining control of your environment while remaining undetected. In a fileless attack, the malware is directly loaded into memory and executed, evading common defenses and static scanning. 

Continue reading ›
Software Supply Chain Attacks: 2021 in Review

Software Supply Chain Attacks: 2021 in Review

As CI/CD pipelines have become an increasingly popular attack vector, 2021 saw a huge rise in software supply chain attacks. With their number more than tripling in the past year, securing the software delivery process is one of the most urgent needs. In our latest study, we examine the top supply chain security …

Continue reading ›
Securing the World’s Software Supply Chains: Why Argon Joined Aqua

Securing the World’s Software Supply Chains: Why Argon Joined Aqua

Last year, Argon set out on an exciting mission to solve one of the industry’s most urgent problems: secure the way companies build and release software. Today, we’re thrilled to hit another milestone on this journey as we join forces with Aqua Security, the well-known leader in cloud native security. This …

Continue reading ›
A Popular npm Library Compromised in a Supply Chain Attack: What to Do

A Popular npm Library Compromised in a Supply Chain Attack: What to Do

In late October, a supply chain attack affected a popular npm library, ua-parser-js, which put many companies at risk of compromise. In this blog, we will describe the attack and outline a few ways that organizations can mitigate similar threats. This is an example in a growing trend of cyberattacks that leverage the …

Continue reading ›
A Brief Guide to Supply Chain Security Best Practices

A Brief Guide to Supply Chain Security Best Practices

With the rise in attacks targeting the supply chain of cloud native applications, it’s important to understand how you can prepare for and stifle risks that enter your environments through third-party packages and tools. This post outlines the top software supply chain security best practices that should be included …

Continue reading ›
Threat Alert: Supply Chain Attacks Using Container Images

Threat Alert: Supply Chain Attacks Using Container Images

Team Nautilus, Aqua Security’s threat research team, has uncovered several supply chain attacks that use malicious container images to compromise their victim. These five container images were found on Docker Hub, which we scan daily for signs of malicious activity. The images hijack organizations’ resources to mine …

Continue reading ›
Innovation in the Hands of Threat Actors: Analyzing Supply Chain Attacks

Innovation in the Hands of Threat Actors: Analyzing Supply Chain Attacks

Hot on the heels of highly publicized attacks like those affecting Solarwinds and Codecov, organizations are taking a firm stance on software supply chain security. But in order to be effective at securing the slurry of artifacts that get incorporated into cloud native applications, we must first understand the enemy. …

Continue reading ›