Millions of Repos on GitHub Are Potentially vulnerable to Hijacking
What Aqua discovered was twofold: millions of such repositories — including those belonging to companies such as Google and Lyft — are present on GitHub; and tools are easily available to attackers to find these repos and hijack them.
Alert: Millions of GitHub Repositories Likely Vulnerable to RepoJacking Attack
“When a repository owner changes their username, a link is created between the old name and the new name for anyone who downloads dependencies from the old repository,” researchers Ilay Goldman and Yakir Kadkoda said. “However, it is possible for anyone to create the old username and break this link.”
More than a third of UK organisations believe inadequate software supply chain security is the biggest security risk
Aqua Security, the pioneer in cloud native security, has announced the results of a new study which reveals that, whilst UK firms are realising the benefits of cloud native security, the software supply chain has become a top security concern for them.
More than a third of UK organisations believe inadequate software supply chain security is the biggest security risk to their business, reveals new Aqua Security study
LONDON – June 14, 2023 – Aqua Security, the pioneer in cloud native security, has announced the results of a new study which reveals that, whilst UK firms are realising the benefits of cloud native security, the software supply chain has become a top security concern for them. The survey was conducted at Cloud Expo …
Aqua Security Wins U.S. Army Contract for Cloud Native Security
BOSTON, MA — June 13, 2023 — Aqua Security, the pioneer in cloud native security, today announced it has won a multi-million-dollar contract with the U.S. Army to provide cloud native application protection platform (CNAPP) security. Under this contract, Aqua Security will provide technology and services that will enable the Army to expand their cloud, …
Aqua security delivers cloud native security data to AWS Security Lake
Aqua’s integration with the Security Lake utilises the open cybersecurity schema framework (OCSF), which allows security teams to collect data from various sources and correlate it with their sources to get an enhanced security evaluation and reduce the time to detect issues and resolve them.
Infosec products of the month: May 2023
Powered by eBPF technology, Aqua’s pipeline integrity scanner detects and blocks suspicious behaviour and malware in real time, preventing code tampering and countering threats in the software build process.
Aqua Security Delivers the Industry’s Most Comprehensive Cloud Native Security Data to Amazon Security Lake
BOSTON — May 30, 2023 — Aqua Security, the pioneer in cloud native security, today announced support for Amazon Security Lake from Amazon Web Services (AWS), which is now generally available. The integration delivers the industry’s most comprehensive cloud native security data to Amazon Security Lake to help security teams accurately determine their risk posture …
- Kubernetes Exposed: Exploiting the Kubelet API July 15, 2024
- Compliance to Implementation: Exploring DORA and NIS 2 Frameworks July 10, 2024
- Phantom Secrets: Undetected Secrets Expose Major Corporations June 23, 2024
- Catch Me If You Can: Uncovering Malicious Threats in Container Images June 18, 2024
- Understanding the Importance of Runtime Security in Cloud Native Environments June 17, 2024
- Muhstik Malware Targets Message Queuing Services Applications June 4, 2024
