Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool
The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers.
Aqua Security Chosen by 10 of the top North American Banks for Cloud Native Application Protection
BOSTON—July 11, 2024 — Aqua Security, the pioneer in cloud native security, today announced that 10 of North America’s largest and most influential banks have chosen its cloud native application protection platform (CNAPP), the Aqua Platform, to prevent attacks in the software supply chain and stop attacks as they happen in real time in production. With Aqua, customers …
Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service
The disclosure comes as cloud security firm Aqua discovered that sensitive information such as access tokens and passwords once hard-coded could remain permanently exposed even after removal from Git-based source code management (SCM) systems.
A guide to supply chain security tools
Aqua Security is featured in a list of tools to help secure software supply chains, along with a brief description of their offerings.
In the Wake of Breaches, How and Why Cloud Security Must Change
In this episode of DOS Won’t Hunt, Tsvi Korren, field CTO, Aqua Security joins thought leaders and Shane Snider, senior writer, InformationWeek to discuss ways cloud security must evolve.
‘Phantom’ Source Code Secrets Haunt Major Organization
Underlying processes within Git-based Source Code Management systems (SCMs) cause code to remain accessible even after being deleted or overwritten, continuing to expose previously leaked secrets, new Aqua Security research shows.
Enterprise secrets leaked in code management systems
By scanning the most popular 100 organizations on Github, which collectively includes more than 50,000 publicly accessible repositories, Aqua researchers found active secrets from open source organizations and enterprises such as Cisco and Mozilla providing access to sensitive data and software.
Aqua Security Finds Significant Exposure of Enterprise Secrets in Leading Source Code Management Systems
BOSTON—June 26, 2024—Aqua Security, the pioneer in cloud native security, today revealed new research that shows how credentials, API tokens, and passkeys – collectively referred to as secrets – from organizations around the globe were exposed for years. By scanning the most popular 100 organizations on Github, which collectively includes more than 50,000 publicly accessible …
- Threat Actors Hijack Misconfigured Servers for Live Sports Streaming November 19, 2024
- New Aqua User Experience: Streamlined Vulnerability Management November 14, 2024
- Enhancing UK Cybersecurity and Resilience: Impact of the New National Bill November 8, 2024
- 5 Must-See Sessions at KubeCon North America November 4, 2024
- TeamTNT’s Docker Gatling Gun Campaign October 25, 2024
- AWS CDK Risk: Exploiting a Missing S3 Bucket Allowed Account Takeover October 24, 2024
