Aqua News

Researchers at container security solution company Aqua Security observed such an attack on a honeypot, which the threat actor breached due to weak credentials. 

Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access credentials. 

Aqua cybersecurity researchers have discovered a new variant of the Gafgyt botnet that’s targeting machines with weak SSH passwords to ultimately mine cryptocurrency on compromised instances using their GPU computational power. 

BOSTON, August 12, 2024 – Aqua Security, the pioneer in cloud native security, today announced that it has been named as a Representative Vendor in the Gartner® Market Guide for Cloud-Native Application Protection Platforms (CNAPP). The new Gartner report examines the extensive CNAPP market and its growth potential, and it recognizes vendors as Representative Vendors. …

Researchers from security firm Aqua Security identified six AWS services that were creating predictably named S3 buckets and that were vulnerable to the new hijacking technique. They presented their findings in a talk at the Black Hat USA security conference this week. 

BOSTON—August 7, 2024—Aqua Security, the pioneer in cloud native security, today unveiled Traceeshark, an innovative plugin for Wireshark that enables security practitioners to quickly investigate security incidents. Traceeshark enhances the capabilities of Aqua Tracee, an open source runtime security and forensics tool for Linux, and empowers users to analyze kernel-level event and behavioral detection alongside …

BOSTON—August 7, 2024—Aqua Security, the pioneer in cloud native security, today unveiled new research by its cyber research team, Nautilus, addressing critical vulnerabilities in six AWS services. The potential impacts include remote code execution (RCE), full-service user takeover which might provide powerful administrative access, manipulation of AI modules, exposing sensitive data, data exfiltration and denial …

During a Black Hat USA 2024 session, Aqua Security researchers demonstrated how they discovered six cloud vulnerabilities in AWS services and a new attack vector.