According to an article in Security Magazine, 98% of organizations have been negatively impacted by a cybersecurity breach in their supply chain. Aqua’s 2021 Software Supply Chain Security Review notes that “attackers focused heavily on open source vulnerabilities and poisoning, code integrity issues, exploiting the …
We at Aqua Nautilus have discovered that npm’s API allows threat actors to execute a timing attack that can detect whether private packages exist on the package manager. By creating a list of possible package names, threat actors can detect organizations’ scoped private packages and then masquerade public packages, …
Threat actors are ramping up their game by deploying Phishing as a Service (PhaaS) to code and package managers (such as GitHub, PyPI, Ruby, NPM). This tactic circumvents Multi-Factor Authentication (MFA) mechanisms leading to session cookie hijacks and account takeovers. As we’ve learned in recent years, account …
A fileless attack is a technique that takes incremental steps toward gaining control of your environment while remaining undetected. In a fileless attack, the malware is directly loaded into memory and executed, evading common defenses and static scanning.
As CI/CD pipelines have become an increasingly popular attack vector, 2021 saw a huge rise in software supply chain attacks. With their number more than tripling in the past year, securing the software delivery process is one of the most urgent needs. In our latest study, we examine the top supply chain security …
Last year, Argon set out on an exciting mission to solve one of the industry’s most urgent problems: secure the way companies build and release software. Today, we’re thrilled to hit another milestone on this journey as we join forces with Aqua Security, the well-known leader in cloud native security. This …
In late October, a supply chain attack affected a popular npm library, ua-parser-js, which put many companies at risk of compromise. In this blog, we will describe the attack and outline a few ways that organizations can mitigate similar threats. This is an example in a growing trend of cyberattacks that leverage the …
With the rise in attacks targeting the supply chain of cloud native applications, it’s important to understand how you can prepare for and stifle risks that enter your environments through third-party packages and tools. This post outlines the top software supply chain security best practices that should be included …
Team Nautilus, Aqua Security’s threat research team, has uncovered several supply chain attacks that use malicious container images to compromise their victim. These five container images were found on Docker Hub, which we scan daily for signs of malicious activity. The images hijack organizations’ resources to mine …
Hot on the heels of highly publicized attacks like those affecting Solarwinds and Codecov, organizations are taking a firm stance on software supply chain security. But in order to be effective at securing the slurry of artifacts that get incorporated into cloud native applications, we must first understand the enemy. …