The Gaps in Open Source Governance That Threaten the Software Supply Chain

Cloud Native Security Research Blog

Aqua Nautilus research team

SECURITY RESEARCH

The Gaps in Open Source Governance That Threaten the Software Supply Chain

Security Threat

The widespread issue of unmaintained and deprecated npm packages recently discovered by Aqua researchers affects more than a fifth of open source packages. Presenting yet another silent example of hidden threats to the software supply chain, it demonstrates how poor operational and structural integrity of dependencies can be just as risky as code vulnerabilities, while …

SECURITY RESEARCH

Deceptive Deprecation: The Truth About npm Deprecated Packages

Researchers at Aqua Nautilus found that 8.2% percent of the most downloaded npm packages are officially deprecated, but due to inconsistent practices in handling package dependencies, the real number is much larger, closer to 21.2%. Moreover, some package maintainers, when confronted with security flaws, deprecate their packages instead of reporting them, getting a CVE assigned …

SECURITY RESEARCH

Apache Applications Targeted by Stealthy Attacker

Researchers at Aqua Nautilus have uncovered a new attack targeting Apache Hadoop and Flink applications. This attack is particularly intriguing due to the attacker’s use of packers and rootkits to conceal the malware. The simplicity with which these techniques are employed presents a significant challenge to traditional security defenses.

SECURITY RESEARCH

The Ticking Supply Chain Attack Bomb of Exposed Kubernetes Secrets

Exposed Kubernetes secrets pose a critical threat of supply chain attack. Aqua Nautilus researchers found that the exposed Kubernetes secrets of hundreds of organizations and open-source projects allow access to sensitive environments in the Software Development Life Cycle (SDLC) and open a severe supply chain attack threat. Among the companies were SAP’s Artifacts management system …

SECURITY RESEARCH

50 Shades of Vulnerabilities: Uncovering Flaws in Open-Source Vulnerability Disclosures

Aqua Nautilus researchers evaluated the vulnerability disclosure process for tens of thousands of open-source projects and found flaws in the process. These flaws allowed harvesting the vulnerabilities before they were patched and announced. This could enable attackers to exploit security holes before the project’s users are alerted.

SECURITY RESEARCH

Looney Tunables Vulnerability Exploited by Kinsing

Researchers from Aqua Nautilus have successfully intercepted Kinsing’s experimental incursions into cloud environments. Utilizing a rudimentary yet typical PHPUnit vulnerability exploit attack, a component of Kinsing’s ongoing campaign, we have uncovered the threat actor’s manual efforts to manipulate the Looney Tunables vulnerability (CVE-2023-4911). This marks the first documented instance of such an exploit, to the …

SECURITY RESEARCH

Exploited SSH Servers Offered in the Dark web as Proxy Pools

Security Threat

Aqua Nautilus researchers have shed brighter light on a long-standing threat to SSH in the context of the cloud. More specifically, the threat actor harnessed our SSH server to be a slave proxy and pass traffic through it. In this blog, we will explain this threat, demonstrate how attackers exploit SSH, what actions they take …

SECURITY RESEARCH

New Vulnerability in curl and libcurl Could Lead to Heap Buffer Overflow

A new high severity vulnerability (CVE-2023-38545) was published today along with a technical blog around the popular open source project, curl. This vulnerability could potentially, under various conditions, cause a heap overflow, which might lead to unexpected behavior, crashes, or potentially code execution. Therefore, the developer community should pay extra attention to this vulnerability and …

SECURITY RESEARCH

Kinsing Malware Exploits Novel Openfire Vulnerability

Aqua Nautilus discovered a new campaign that exploits the Openfire vulnerability (CVE-2023-32315), that was disclosed in May of this year, to deploy Kinsing malware and a cryptominer. This vulnerability leads to a path traversal attack, which grants an unauthenticated user access to the Openfire setup environment. This then allows the threat actor to create a …

SECURITY RESEARCH

PowerHell: Active Flaws in PowerShell Gallery Expose Users to Attacks

Security Threat

Recent findings by Aqua Nautilus have exposed significant flaws that are still active in the PowerShell Gallery’s policy regarding package names and owners. These flaws make typosquatting attacks inevitable in this registry, while also making it extremely difficult for users to identify the true owner of a package. Consequently, these flaws pave the way for …

SECURITY RESEARCH

Kubernetes Exposed: One Yaml away from Disaster

If you thought that falling victim to ransomware, or a hacker hijacking your workstation was a nightmare, consider the potential catastrophe of having your Kubernetes (k8s) cluster hijacked. It could be a disaster magnified a million times over.

SECURITY RESEARCH

Three Years Later: The Meow Campaign Reaches Jupyter

In 2017 and 2020 we saw the oddest campaign – ‘Meow’ – targeting unsecured databases such as MongoDB, Elasticsearch, Cassandra, CouchDB, and other software such as Hadoop clusters, FTPs, Jenkins etc. The Modus Operandi was very simple finding an exposed instance, deleting everything, and destroying data without any explanation. Back in 2017 and 2020, it …

Page 2 of 10‹ Prev 123 4 5 6 Next ›

Need to secure enterprise workloads?

Aqua Cloud Native Application Protection Platform (CNAPP)

Go cloud native with the experts!

Get Demo

Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.

Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use | |