PostgreSQL databases under attack 2024-08-21 at 16:16 By Zeljka Zorz Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access credentials. Once access is achieved, the threat actor: Creates a new […]
React to this headline:
PostgreSQL databases under attack Read More »
Traceeshark: Open-source plugin for Wireshark 2024-08-08 at 08:01 By Mirko Zorz Traceeshark is a plugin for Wireshark that enables security practitioners to quickly investigate security incidents. It enhances the capabilities of Aqua Tracee, an open-source runtime security and forensics tool, and allows users to analyze kernel-level event and behavioral detection alongside network traffic. With Traceeshark,
React to this headline:
Traceeshark: Open-source plugin for Wireshark Read More »
Developer errors lead to long-term exposure of sensitive data in Git repos 2024-06-26 at 15:01 By Help Net Security Credentials, API tokens, and passkeys – collectively referred to as secrets – from organizations around the globe were exposed for years, according to Aqua Security’s latest research. By scanning the most popular 100 organizations on GitHub,
React to this headline:
Developer errors lead to long-term exposure of sensitive data in Git repos Read More »
Understanding cyber risks beyond data breaches 2024-05-20 at 06:01 By Help Net Security While some may associate cyber risks primarily with technology and data breaches, they can also lead to brand or reputational harm, reduced productivity, and financial losses. This Help Net Security round-up presents excerpts from previously recorded videos featuring security experts covering a
React to this headline:
Understanding cyber risks beyond data breaches Read More »
Exposing the top cloud security threats 2024-04-15 at 07:01 By Help Net Security Many companies consider AI-powered threats to be the top cloud security threat to their business. Concerningly, less than half are confident in their ability to tackle those threats, according to a recent Aqua Security survey. In this Help Net Security video, Michal
React to this headline:
Exposing the top cloud security threats Read More »
Escalating cyber threats: Bots, fraud farms, and cryptojacking surge, urgently requiring attention 2024-01-05 at 06:32 By Help Net Security The motivations behind cyberattacks are as diverse as the methods employed. Whether driven by financial gain, political agendas, or sheer malice, cybercriminals exploit weaknesses in cybersecurity defenses, seeking entry points to compromise sensitive data, disrupt critical
React to this headline:
Aqua Security Scores $60M Series E Funding 2024-01-03 at 23:01 By Ryan Naraine Late-stage player in the CNAPP space secures a $60 million extended Series E funding round at a valuation north of $1 billion. The post Aqua Security Scores $60M Series E Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
Aqua Security Scores $60M Series E Funding Read More »
Tackling cloud security challenges head-on 2023-12-26 at 07:32 By Help Net Security Cloud security is a critical aspect of modern computing, as businesses and individuals increasingly rely on cloud services to store, process, and manage data. Cloud computing offers numerous benefits, including scalability, flexibility, and cost efficiency, but it also introduces unique security challenges that
React to this headline:
Tackling cloud security challenges head-on Read More »
Infosec products of the month: November 2023 30/11/2023 at 06:46 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Amazon, Aqua Security, ARMO, Datadog, Devo Technology, Druva, Entrust, Enzoic, Fortanix, GitHub, Illumio, Immuta, IRONSCALES, Kasada, Lacework, Malwarebytes, OneSpan, Paladin Cloud, Snappt, ThreatModeler, and Varonis.
React to this headline:
Infosec products of the month: November 2023 Read More »
Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets 22/11/2023 at 20:31 By Ryan Naraine Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking supply chain attack bomb.” The post Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets appeared first on
React to this headline:
Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets Read More »
New infosec products of the week: November 10, 2023 10/11/2023 at 08:48 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, ARMO, Druva, IRONSCALES, Malwarebytes, and Varonis. Varonis enhances its Microsoft 365 offering to prevent sensitive email exposure Varonis announced major enhancements to
React to this headline:
New infosec products of the week: November 10, 2023 Read More »
Open-source vulnerability disclosure: Exploitable weak spots 09/11/2023 at 15:17 By Zeljka Zorz Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are made available, Aqua Security researchers worry. The risk arises from “half-day” and “0.75-day” vulnerabilities “Half-day” vulnerabilities are known
React to this headline:
Open-source vulnerability disclosure: Exploitable weak spots Read More »
Aqua Trivy open-source security scanner now finds Kubernetes security risks 08/11/2023 at 08:31 By Mirko Zorz The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials (KBOM) generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk. “Aqua
React to this headline:
Aqua Trivy open-source security scanner now finds Kubernetes security risks Read More »
Looney Tunables bug exploited for cryptojacking 07/11/2023 at 12:46 By Helga Labus Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has been active since late 2021, targeting cloud-native environments and applications
React to this headline:
Looney Tunables bug exploited for cryptojacking Read More »
Kubernetes clusters face widespread attacks across numerous organizations 17/08/2023 at 07:02 By Help Net Security In this Help Net Security video, Assaf Morag, Lead Threat Intelligence Analyst at Aqua Security, discusses research that discovered openly accessible and unprotected Kubernetes clusters belonging to more than 350 organizations, open-source projects, and individuals. At least 60% of these
React to this headline:
Kubernetes clusters face widespread attacks across numerous organizations Read More »
Black Hat USA 2023 video walkthrough 11/08/2023 at 15:04 By Help Net Security Help Net Security is in Las Vegas this week for Black Hat USA 2023, and this video provides a closer look at the event. The exhibitors featured in this video are: 1Password, Aqua Security, CISA, Cisco, CyberFOX, Darktrace, Dasera, Fortanix, Fortinet, Fortra,
React to this headline:
Black Hat USA 2023 video walkthrough Read More »
Fileless attacks increase 1,400% 04/07/2023 at 07:11 By Help Net Security Aggregated honeypot data, over a six-month period, showed that more than 50% of the attacks focused on defense evasion, according to Aqua Security. Threat actors avoid detection These attacks included masquerading techniques, such as files executed from /tmp, and obfuscated files or information, such
React to this headline:
Fileless attacks increase 1,400% Read More »
Infosec products of the month: May 2023 01/06/2023 at 05:32 By Industry News Here’s a look at the most interesting products from the past month, featuring releases from: Aqua Security, Axiado, Bitwarden, Cloudflare, ComplyAdvantage, Dashlane, Delinea, Enzoic, Feedzai, Immersive Labs, Intruder, Nebulon, NETSCOUT, Neurotechnology, Nozomi Networks, OpenVPN, Private AI, Radware, Satori, Trua, Vanta, Veriff, and
React to this headline:
Infosec products of the month: May 2023 Read More »
Aqua Security collaborates with ServiceNow to accelerate cloud native risk remediation 18/05/2023 at 14:05 By Industry News Aqua Security integrates with the ServiceNow to enable joint customers to identify vulnerabilities in running containers with the broadest coverage across operating systems and programming languages, and with the highest accuracy. Security and application teams can automate vulnerability
React to this headline:
Aqua Security collaborates with ServiceNow to accelerate cloud native risk remediation Read More »
Aqua Security launches Real-Time CSPM to help teams focus on critical threats 16/05/2023 at 21:02 By Industry News Aqua Security has launched Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, which provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and reduces noise so security practitioners can identify,
React to this headline:
Aqua Security launches Real-Time CSPM to help teams focus on critical threats Read More »