Aqua News

March has been full of events for the cloud native community as many new vulnerabilities were discovered and the largest cloud native conference, KubeCon, unveiled its agenda. Discover everything you need to know about the notorious “Dirty Pipe” vulnerability and find out how CVE-2022-0811 in CRI-O can allow container escape. Software supply chain security is only becoming more important, so …

Aqua Security’s Team Nautilus recently discovered malware that has honed in on this popular data tool. While Jupyter Notebook allows users to share their content with trusted contacts, access to the app is secured through account credentials or tokens.

Other attackers have found ways to exploit the free tier of continuous integration, continuous deployment (CI/CD) pipeline services — such as Azure DevOps, BitBucket, CircleCI, GitHub, GitLab, and TravisCI — and string together the transient workloads into a cryptomining cloud service, according to cloud security firm Aqua Security.

The new sample was discovered by researchers at Aqua Security, after it was caught in one of its honeypots. The ransomware specifically targets Jupyter Notebooks, an open-source web app used by data professionals to work with data, write and execute code, and visualize the results.

In this Q&A, Itay Shakury, Aqua Security’s Director of Open Source, discusses cloud trends, Kubernetes security, hiring for InfoSec jobs, and everything in between.

Around a third of respondents say between half and three quarters of their apps are cloud native, yet 20 percent have no cloud native security strategy in place  Nearly half (44 percent) rely on ‘free’ offerings from their cloud providers  Less than a third of respondents consider cloud misconfiguration to be their biggest cyber security …

“The tech community is getting faster at fixing discovered security issues for a variety of reasons, including advancing DevOps and CI/CD technological advancements, adopting bug bounty programs into the mainstream, embracing open source platforms’ security issue tracking, and Project Zero making an impact,” said Eylam Milner, director, Argon Technology with Aqua Security.

“[The hack] highlights the need for secure development processes, SAST and DAST scans, secret scans, etc. It is also a good reminder that organizations should treat their code as if it were open source, and if their code is exposed, then minimal damage will occur,” according to Yakir Kadkoda, Lead Security Researcher at Aqua Security.