Aqua Nautilus Researchers Find Kubernetes Clusters Under Attack in Hundreds of Organizations
BOSTON—August 8, 2023—Aqua Security, the pioneer in cloud native security, today announced a three-month-long investigation by its research team. Aqua Nautilus uncovered Kubernetes clusters belonging to more than 350 organizations, open-source projects, and individuals, were openly accessible and unprotected. A notable subset of clusters was connected to vast conglomerates and Fortune 500 companies. At least …
Aqua Security unveils AI-guided remediation for vulnerability response
Cloud native security provider Aqua Security has announced enhancement of the Aqua cloud security platform with the availability of AI-guided remediation capabilities.
Aqua Security Unveils AI-Guided Remediation for Lightning-Fast Vulnerability Response
Boston—August 1, 2023—Aqua Security, the pioneer in cloud native security, today announced enhancement of the Aqua Cloud Security Platform with the availability of AI-Guided Remediation capabilities. Now overburdened security teams can better operationalize risk findings to rapidly reduce risk and help developers quickly fix issues. According to the Cybersecurity and Infrastructure Security Agency, adversaries exploit …
Unpatched Apache Tomcat servers spread Mirai botnet malware
The Nautilus researchers’ analysis established the threat actors were specifically targeting misconfigurations in the Tomcat web application manager app which allows users to manage deployed web applications.
AWS Cloud Credential Stealing Campaign Spreads to Azure, Google Cloud
The findings add to the research from Aqua Security that recently showed malicious activity targeting public-facing Docker and JupyterLab APIs. Aqua researchers attributed the activity — with a high level of confidence — to TeamTNT.
TeamTNT’s Cloud Credential Stealing Campaign Now Targets Azure and Google Cloud
They also overlap with an ongoing TeamTNT campaign disclosed by Aqua called Silentbob that leverages misconfigured cloud services to drop malware as part of what’s said to be a testing effort, while also linking SCARLETEEL attacks to the threat actor, citing infrastructure commonalities.
Aqua Security Appoints Former Microsoft Azure Executive as Chief Product Officer
BOSTON—July 6, 2023—Aqua Security, the pioneer in cloud native security, today announced the appointment of Gilad Elyashar as Chief Product Officer. Elyashar will be Aqua’s first Chief Product Officer responsible for leading the product management organization from strategy to execution. Working closely with Aqua’s customers and Aqua’s technology team, he will guide the evolution of …
Fileless attacks surge as cybercriminals evade cloud security defenses
Based on analysis by Aqua Nautilus researchers of 700,000 real-world attacks, the report covers three key areas: software supply chain, risk posture (including vulnerabilities and misconfigurations), and runtime protection.
- Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources August 9, 2024
- TrailShark: Understanding AWS API and Service Interactions August 9, 2024
- Go deeper: Linux runtime visibility meets Wireshark August 7, 2024
- Panamorfi: A New Discord DDoS Campaign August 2, 2024
- Kubernetes History: How It Conquered Cloud Native Orchestration July 25, 2024
- Kubernetes Exposed: Exploiting the Kubelet API July 15, 2024
