🚨 Exposed #Kubernetes secrets pose a significant risk, impacting top blockchain & Fortune 500 companies. From the mismanagement of Kubernetes Secrets to the inefficacy of common scanners, this read sheds light on the ticking supply chain attack bomb. Learn more ➡️

During #BHEU Briefing "REDIScovering HeadCrab - A Technical Analysis of a Novel Malware and the Mind Behind It" UltraLutra will unveil the story of HeadCrab - a highly elusive and sophisticated malware. Register now >> bit.ly/49VHxNo

🚨 Alert: #AquaNautilus researchers uncover security vulnerabilities in Ubuntu's package suggestion mechanism. 👉 aquasec.com/blog/snap-trap… 🕵️Ilay Goldman #threatresearch #linux #cybersecurity

Aqua Nautilus researchers analyse a Lucifer DDoS botnet campaign targeting Apache Hadoop & Apache Druid. The attacker exploits existing misconfigurations and vulnerabilities to execute the attacks. aquasec.com/blog/lucifer-d…

ICYMI: #AquaNautilus researchers recently discovered a new campaign targeting Apache big-data stack, exploiting existing misconfigurations and vulnerabilities in Apache Hadoop and Apache Druid. Read more about the findings in this article from Jaikumar Vijayan at Dark Reading.

.volatility #PluginContest #Contender UltraLutra: eBPF Programs plugin provides the ability to detect + perform automated code analysis of eBPF programs, including eBPF rootkits, loaded into kernel memory #DFIR #memoryforensics

AquaSec found exposed, often unencrypted Kubernetes Secrets in public repositories, with 46% exploitable, stressing the need for robust practices and proper secret scanning tool usage ➤ blog.aquasec.com/the-ticking-su…

Ever wondered how innocent side projects on #GitHub could turn into corporate security nightmares? Dive into our latest blog to uncover real cases from industry giants like #Microsoft and #RedHat, where personal repos unwittingly exposed sensitive data. ow.ly/8CeW50RIkC1

Thrilled to share that we'll be presenting our research at Black Hat Vegas Briefings and Arsenal! We'll reveal critical AWS vulnerabilities and showcase our vulnerability hunting tool. More details: blackhat.com/us-24/briefing… blackhat.com/us-24/arsenal/… #BlackHat #BHUSA Black Hat

🚨 Your secrets may not be as safe as you think. This morning, we shared Aqua Nautilus' latest findings on widespread enterprise secrets exposure in leading Source Code Management Systems. Read here ➡️ aquasec.com/blog/undetecte… #AquaNautilus #CommitOnceExposeForever

Watch as Ali Mokhtari, Solution Architect at Aqua Security, takes you through a short demo on Dynamic Threat Analysis (DTA). Discover how DTA helps you identify hidden threats in container images, ensuring your applications stay secure. 👇 youtube.com/watch?v=B63IJh…

Exciting news! 🚀 We are thrilled to launch Traceeshark, combining the best of Tracee and Wireshark for unparalleled Linux malware and network traffic analysis. Click here for details 👉 aquasec.com/news/traceesha…

WOW. We had a full house yesterday for Aqua Nautilus' talk, "Breaching AWS Accounts Through Shadow Resources". Huge THANK YOU to everyone who came! 👏 Black Hat #blackhat2024

For full details on the vulnerabilities and how to protect yourself, check out our blog. 🔐aquasec.com/blog/bucket-mo… Ofek itach Michael #AWS #Security #CloudSecurity #Cybersecurity #Infosec #TechNews [7/7]

📢 Tracee v0.22.0 is released! To learn more about what's new and changed, see here: github.com/aquasecurity/t…

🔍 Aqua Nautilus researchers have discovered Hadooken, a powerful Linux malware exploiting weak credentials to infiltrate systems. Once inside, it drops a Tsunami malware and deploys a cryptominer, wreaking havoc on your cloud environment. 🔒 Is your cloud security ready for an

perfctl - Indepth Analysis : A Stealthy Malware Targeting Millions of Linux Servers : aquasec.com/blog/perfctl-a…

300K+ Prometheus Servers and Exporters Exposed to DoS Attack aquasec.com/blog/300000-pr…

At LucidBitLabs, we broke commercial root detection in apps with top-tier app protections in place (RASP). Full write up - lucidbitlabs.com/blog/commercia…