Since September 2021, the threat actor has compromised at least 1,200 Redis servers — that thousands of mostly smaller organizations use as a database or a cache — and taken complete control over them. Researchers from Aqua Nautilus, who spotted the campaign when an attack hit one of its honeypots, are tracking the malware as …
BOSTON—January 31, 2023—Aqua Security, the leading pure-play cloud native security provider, today announced that it ranked as an Outperformer and Leader in innovation in the GigaOm Radar for Container Security. The report highlights key vendors in container security, defines criteria for evaluating solutions and validates that Aqua is the leader and innovator in cloud native …
BOSTON— January 18, 2023—Aqua Security, the leading pure-play cloud native security provider, today announced that it has been named the Best Cloud Native Security Solution/Service in Techstrong Group’s DevOps Dozen Awards. Aqua was honored for its innovative Cloud Native Application Protection Platform (CNAPP) and influential commitment to the DevOps and security community. “The term ‘cloud-native …
CircleCI is assuming responsibility and taking steps to protect its customers, Assaf Morag, lead data analyst at cloud native security company Aqua Security, notes. But is important for customers to respond proactively to the security incident as well.
Aqua researchers have found it surprisingly easy to upload malicious Visual Studio Code extensions to the VSCode Marketplace, and discovered signs of threat actors already exploiting this weakness.
Aqua Security, in its own analysis of the bogus torchtriton module, said the package is almost 100% identical to its legitimate counterpart except for one crucial change that enables it to run a malicious binary called triton for harvesting the sensitive data.
Eilon Elhadad, Aqua’s Senior Director of Supply Chain, shared his predictions on software supply chain security.
Itay Shakury, VP Open Source, conducted a Q&A sharing details on Trivy, the all-in-one, open source security scanner that helps teams incorporate security into their workflow.