This is according to a new report from cybersecurity researchers Aqua Nautilus, which notes how when a Ubuntu user wants to run a specific program that’s currently not installed on the endpoint they can bring up the “command-not-found” utility and have it suggest packages to install.
The complexity of this architecture was done deliberately, because Kubernetes “was designed to allow users to have a lot of freedom and used an open architecture and a default security model of being open by default,” Assaf Morag, a data analyst with Aqua Security, tells CSO.
The development, which comes exactly a year after the malware was first publicly disclosed by Aqua, is a sign that the financially-motivated threat actor behind the campaign is actively adapting and refining their tactics and techniques to stay ahead of the detection curve.
BOSTON—January 31, 2024—Aqua Security, the pioneer in cloud native security, today announced it was named a Leader and Fast Mover in Innovation and Platform Play in the first-ever GigaOm Radar Report for Cloud Workload Security (CWS). As a standout force in hybrid and multi-cloud security, Aqua solidifies itself as a trailblazer in safeguarding diverse cloud …
“Companies must consider deploying advanced AI-driven security measures to safeguard cloud environments and counteract the sophisticated strategies employed by malicious actors,” Moshe Weis, CISO of cloud native security company Aqua Security, shares in an interview.
Determining where and how best to prioritize resources can prove a complex proposition that makes the implementation of fast and effective DevSecOps collaboration frameworks difficult to achieve,” asserts Gilad Elyashar, chief product officer at Aqua Security.
As part of CRN’s Cloud 100, Aqua is featured among the top 20 cloud security companies you should know about in 2024.
The disclosure comes as cloud security firm Aqua revealed that 21.2% of the top 50,000 most downloaded npm packages are deprecated, exposing users to security risks. In other words, the deprecated packages are downloaded an estimated 2.1 billion times weekly.