Report: PowerShell Gallery susceptible to typosquatting and other package-management attacks
Aqua Security says PowerShell issue can allow attacks involving registration of malicious packages with names similar to existing popular package names when developers make mistakes.
PowerShell? More like PowerHell: Microsoft won’t fix flaws in package gallery ripe for supply chain attacks
A trio of PowerShell Gallery design flaws reported to Microsoft almost a year ago remain unfixed, leaving registry users vulnerable to typosquatting and supply chain attacks, according to Aqua Nautilus.
Aqua Security Named Platform Leader in Innovation in GigaOm Radar Report for CSPM
BOSTON—August 16, 2023—Aqua Security, the pioneer in cloud native security, today announced that it ranked as the Platform Leader in Innovation in the GigaOm Radar for Cloud Security Posture Management (CSPM). In this second annual report, Aqua is recognized as a full platform play with a unique approach to security, simple licensing and broadly applicable …
Kubernetes clusters under attack in hundreds of organizations
Kubernetes (K8s) clusters belonging to more than 350 organizations, open-source projects, and individuals have been detected as openly accessible and unprotected. That’s according to new findings from Aqua Security following a three-month-long investigation by its research team, Nautilus.
Addressing supply chain security compliance obligations
Aqua’s Eilon Elhadad weighs in on software supply chain security.
Aqua Nautilus Researchers Find Kubernetes Clusters Under Attack in Hundreds of Organizations
BOSTON—August 8, 2023—Aqua Security, the pioneer in cloud native security, today announced a three-month-long investigation by its research team. Aqua Nautilus uncovered Kubernetes clusters belonging to more than 350 organizations, open-source projects, and individuals, were openly accessible and unprotected. A notable subset of clusters was connected to vast conglomerates and Fortune 500 companies. At least …
Aqua Security unveils AI-guided remediation for vulnerability response
Cloud native security provider Aqua Security has announced enhancement of the Aqua cloud security platform with the availability of AI-guided remediation capabilities.
Aqua Security Unveils AI-Guided Remediation for Lightning-Fast Vulnerability Response
Boston—August 1, 2023—Aqua Security, the pioneer in cloud native security, today announced enhancement of the Aqua Cloud Security Platform with the availability of AI-Guided Remediation capabilities. Now overburdened security teams can better operationalize risk findings to rapidly reduce risk and help developers quickly fix issues. According to the Cybersecurity and Infrastructure Security Agency, adversaries exploit …
- Kubernetes Exposed: Exploiting the Kubelet API July 15, 2024
- Compliance to Implementation: Exploring DORA and NIS 2 Frameworks July 10, 2024
- Phantom Secrets: Undetected Secrets Expose Major Corporations June 23, 2024
- Catch Me If You Can: Uncovering Malicious Threats in Container Images June 18, 2024
- Understanding the Importance of Runtime Security in Cloud Native Environments June 17, 2024
- Muhstik Malware Targets Message Queuing Services Applications June 4, 2024
