Aqua News

Contact Aqua PR

Aqua Security (Argon) Recognized as a Representative Vendor in Gartner® Innovation Insight for SBOMs Report

April 12, 2022

BOSTON — April 12, 2022 — Aqua Security, the leading pure-play cloud native security provider, today announced that Aqua Security has been recognized as a Representative Vendor in Gartner Innovation Insight for Software Bill of Materials (SBOMs) Report under Commercial SBOM Tools for Argon.* To realize the full benefits of SBOM, Gartner recommends software engineering […]

Read more

Almost 1/3 of Top npm Accounts Aren’t Protected with 2FA

April 7, 2022

A recent study by Aqua Security‘s Team Nautilus found that 32% of the top 35 npm packages are at risk of account takeover because their dependencies’ owners haven’t properly employed two-factor authentication (2FA).

Read more

Spring4Shell: Researchers still looking for exploitable real-world apps

April 1, 2022

The crucial thing to keep in mind, however, is that “even if the current exploit needs [a] specific configuration, the vulnerability is still general enough and can be exploited in different ways,” said Manasi Prabhavalkar, a product manager on the vulnerability response team at Aqua Security, in an email to VentureBeat.

Read more

Cloud native application security is a critical priority, risk perception is worryingly low

April 1, 2022

Aqua Security has announced the results of a study which reveals that UK organizations have a long road ahead when it comes to understanding, planning and deploying their cloud native security strategies.

Read more

Container, Serverless & Cloud Native Security Flash – March 2022

March 31, 2022

March has been full of events for the cloud native community as many new vulnerabilities were discovered and the largest cloud native conference, KubeCon, unveiled its agenda. Discover everything you need to know about the notorious “Dirty Pipe” vulnerability and find out how CVE-2022-0811 in CRI-O can allow container escape. Software supply chain security is only becoming more important, so […]

Read more

This new ransomware targets data visualization tool Jupyter Notebook

March 30, 2022

Aqua Security’s Team Nautilus recently discovered malware that has honed in on this popular data tool. While Jupyter Notebook allows users to share their content with trusted contacts, access to the app is secured through account credentials or tokens.

Read more

Fighting Over Cloud Workloads for Cryptomining

March 30, 2022

Other attackers have found ways to exploit the free tier of continuous integration, continuous deployment (CI/CD) pipeline services — such as Azure DevOps, BitBucket, CircleCI, GitHub, GitLab, and TravisCI — and string together the transient workloads into a cryptomining cloud service, according to cloud security firm Aqua Security.

Read more

Researchers Find Python-Based Ransomware Targeting Jupyter Notebook Web Apps

March 30, 2022

The new sample was discovered by researchers at Aqua Security, after it was caught in one of its honeypots. The ransomware specifically targets Jupyter Notebooks, an open-source web app used by data professionals to work with data, write and execute code, and visualize the results.

Read more