Collaborate Disseminate
Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking supply chain attack bomb.”
The post Researchers Discover Dangerous Exposure of… Continue reading Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets
Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, ARMO, Druva, IRONSCALES, Malwarebytes, and Varonis. Varonis enhances its Microsoft 365 offering to prevent sensitive email exposure Varonis announ… Continue reading New infosec products of the week: November 10, 2023
Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are made available, Aqua Security researchers worry. The risk arises from “ha… Continue reading Open-source vulnerability disclosure: Exploitable weak spots
The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials (KBOM) generation. Now, companies can better understand the components within their Kubernetes environment and how secure … Continue reading Aqua Trivy open-source security scanner now finds Kubernetes security risks
Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has… Continue reading Looney Tunables bug exploited for cryptojacking
In this Help Net Security video, Assaf Morag, Lead Threat Intelligence Analyst at Aqua Security, discusses research that discovered openly accessible and unprotected Kubernetes clusters belonging to more than 350 organizations, open-source projects, an… Continue reading Kubernetes clusters face widespread attacks across numerous organizations
Help Net Security is in Las Vegas this week for Black Hat USA 2023, and this video provides a closer look at the event. The exhibitors featured in this video are: 1Password, Aqua Security, CISA, Cisco, CyberFOX, Darktrace, Dasera, Fortanix, Fortinet, F… Continue reading Black Hat USA 2023 video walkthrough
Aggregated honeypot data, over a six-month period, showed that more than 50% of the attacks focused on defense evasion, according to Aqua Security. Threat actors avoid detection These attacks included masquerading techniques, such as files executed fro… Continue reading Fileless attacks increase 1,400%
Here’s a look at the most interesting products from the past month, featuring releases from: Aqua Security, Axiado, Bitwarden, Cloudflare, ComplyAdvantage, Dashlane, Delinea, Enzoic, Feedzai, Immersive Labs, Intruder, Nebulon, NETSCOUT, Neurotechnology… Continue reading Infosec products of the month: May 2023
Aqua Security integrates with the ServiceNow to enable joint customers to identify vulnerabilities in running containers with the broadest coverage across operating systems and programming languages, and with the highest accuracy. Security and applicat… Continue reading Aqua Security collaborates with ServiceNow to accelerate cloud native risk remediation