Tomcat Under Attack: Exploring Mirai Malware and Beyond

Aqua Cloud Native Blog

Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.

SECURITY RESEARCH
Tomcat Under Attack: Exploring Mirai Malware and Beyond
A recent Java Developer Productivity Report  showed that almost 50% of developers are using Apache Tomcat, indicating its widespread usage in the cloud, big data and website development. We will begin by presenting statistics and examples from recent attacks. Afterward, we will delve into a detailed analysis of a single attack directed at one of …
Read more
SECURITY RESEARCH
Detecting eBPF Malware with Tracee
eBPF is a popular and powerful technology embedded in the Linux kernel. It is widely used by many security tools for monitoring kernel activity to detect and protect organizations. eBPF, however, can potentially be a dual edged sword as it can be used by threat actors as part of their malicious arsenal. Lately, we have …
Read more
SECURITY RESEARCH
TeamTNT Reemerged with New Aggressive Cloud Campaign
Threat Alert
In part one of this two-part blog series, titled The Anatomy of Silentbob’s Cloud Attack we provided an overview of the preliminary stages of an aggressive botnet campaign that aimed at cloud native environments. This post will dive into the full extent of the campaign and provide a more comprehensive exploration of an extensive botnet …
Read more
CLOUD SECURITY
From Cloud Security Posture Management to Real-Time CSPM
With the growing sophistication of cyber-attacks and increasing complexity of multi-cloud environments, partial visibility alone isn’t enough. Real-Time CSPM improves upon traditional CSPM by bringing deep, real-time context and prioritization to discovered issues. Providing you with complete visibility to reduce the noise so you can focus on remediating the biggest security risks across your multi-cloud …
Read more
SECURITY RESEARCH
Threat Alert: Anatomy of Silentbob’s Cloud Attack
Security Threat
Aqua Nautilus researchers identified an infrastructure of a potentially massive campaign against cloud native environments. This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials hijack, resource hijack and …
Read more
KUBERNETES SECURITY
Introducing KBOM – Kubernetes Bill of Materials
SBOM (Software Bill of Materials) is an accepted best practice to map the components and dependencies of your applications in order to better understand your applications’ risks. SBOMs are used as a basis for vulnerability assessment, licensing compliance, and more. There are plenty of available tools, such as Aqua Trivy, that help you easily generate …
Read more
SECURITY RESEARCH
2023 Nautilus Cyber Security Report – Insights Revealed
The adoption of cloud native technologies has become a cornerstone to helping businesses build and run applications. Cloud computing has revolutionized the way organizations design, develop, deploy, and manage their applications. While it has brought many benefits such as scalability, flexibility, and agility, it has also come with inherent complexities that have led to compromise …
Read more
SECURITY RESEARCH
GitHub Dataset Research Reveals Millions Potentially Vulnerable to RepoJacking
Threat Alert
Millions of GitHub repositories are potentially vulnerable to RepoJacking. New research by Aqua Nautilus sheds light on the extent of RepoJacking, which if exploited may lead to code execution on organizations’ internal environments or on their customers’ environments. As part of our research, we found an enormous source of data that allowed us to sample …
Read more
CNAPP
The Agent vs Agentless Debate is Over
It’s humbling to see customers adopt Aqua’s cloud security vision. It’s humbling to see our predictions come true, doubly so when competitors start to follow us. The proof came over the last few months as cloud visibility vendors either released their own agent or partnered with an agent provider. This validates what we all know: …
Read more
PARTNERS & ALLIANCES
Aqua CNAPP Integrates with Amazon Security Lake
Enabling Customers with Visibility and Remediation at Scale As the pioneer in cloud native security, Aqua has been at the forefront of CNAPP innovation. Today, we are pleased to announce our integration with Amazon Security Lake.   This integration allows customers the insights needed to determine their risk posture across all their AWS cloud workloads. …
Read more
PARTNERS & ALLIANCES
Remediate Vulnerabilities with Integrated Aqua and ServiceNow Workflows
The move to cloud native changed the daily operations of security teams. This shift requires teams to monitor the risk embedded within cloud environments, which increases the noise level, and piles up thousands of security issues to handle. This new reality requires different measures to handle relevant incidents based on the risk they impose and …
Read more
CLOUD SECURITY
Conquer Cloud Security Risk: Introducing Real-Time CSPM
What if someone handed you a static picture of a highway and asked you to drive using only the picture? Would you still drive even if you knew you could not see all the traffic around you? Yet traditional CSPM solutions show the state of your environment as a snapshot in time, usually once per …
Read more
Page 4 of 32‹ Prev12345678Next ›
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer in cloud native security, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from code to cloud and back. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links