During a Black Hat USA 2024 session, Aqua Security researchers demonstrated how they discovered six cloud vulnerabilities in AWS services and a new attack vector.
The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers.
BOSTON—July 11, 2024 — Aqua Security, the pioneer in cloud native security, today announced that 10 of North America’s largest and most influential banks have chosen its cloud native application protection platform (CNAPP), the Aqua Platform, to prevent attacks in the software supply chain and stop attacks as they happen in real time in production. With Aqua, customers …
The disclosure comes as cloud security firm Aqua discovered that sensitive information such as access tokens and passwords once hard-coded could remain permanently exposed even after removal from Git-based source code management (SCM) systems.
Aqua Security is featured in a list of tools to help secure software supply chains, along with a brief description of their offerings.
In this episode of DOS Won’t Hunt, Tsvi Korren, field CTO, Aqua Security joins thought leaders and Shane Snider, senior writer, InformationWeek to discuss ways cloud security must evolve.
Underlying processes within Git-based Source Code Management systems (SCMs) cause code to remain accessible even after being deleted or overwritten, continuing to expose previously leaked secrets, new Aqua Security research shows.
By scanning the most popular 100 organizations on Github, which collectively includes more than 50,000 publicly accessible repositories, Aqua researchers found active secrets from open source organizations and enterprises such as Cisco and Mozilla providing access to sensitive data and software.