Assaf Morag, lead data analyst with Aqua’s Team Nautilus, said this discovery underscores the significance of detecting and fixing cloud misconfigurations promptly or preventing them from occurring before app deployment. Morag said security pros need to understand that the slightest misconfiguration might expose their containers and Kubernetes clusters to a cyberattack.
With this growth in volume has come an increase in sophistication, especially in terms of evasion techniques. “Adversaries are using more and more techniques designed to detect and remove security software,” note the Aqua researchers.
Cryptocurrency mining is the objective of many attacks, however adversaries are also using these attacks to deploy malware, create backdoors and steal credentials, according to the report. The report analyzes attacks during a six-month period using Aqua’s Dynamic Threat Analysis tool, which is backed by an open source project called Tracee.
Cloud-native security startup Aqua Security Software Ltd. today published new research revealing that it can now take less than an hour for vulnerable software container infrastructure to be exploited.
The latest threat report from cloud-native security company Aqua Security offers a detailed analysis of how bad actors are getting better at hiding their increasingly sophisticated attacks.
Organizations of all sizes and industries are increasingly adopting cloud native approaches. The benefits to the business are enormous, but at the same time, the transition introduces new threats and a wider attack surface. Aqua’s Assaf Morag shares an overview of new research from Aqua Security revealing that organizations struggle to keep pace and to […]
Over the last five years, the use of containers and container orchestration tools has grown prodigiously. Driven by popular tools such as Docker and Kubernetes, containerized workflows have become commonplace across many organizations. With this rapid evolution, there is a risk of getting lost in the blizzard of buzzwords and overlooking key security risks, as well as possible security solutions. […]