Aqua Security

ICYMI: Aqua Nautilus researchers uncovered a stealthy malware strain, 'Perfctl,' that has been infecting #Linux systems since 2021. 🕵️♂️ Perfctl persists through reboots, evades detection, and exploits over 20,000 common misconfigurations, including the critical CVE-2023-33426 vulnerability. 🛡️ From crypto-mining to data exfiltration, this malware poses a significant threat to Linux environments. Read the full research breakdown and learn how to protect your systems. 🔍 Check out this article from WIRED 👉 https://lnkd.in/dxX6Nfx4 Assaf Morag Idan Revivo #aquanautilus #threatresearch

🚨 Uncovering "perfctl": The stealthy Linux malware targeting millions. Aqua Nautilus researchers, Assaf Morag and Idan Revivo, shed light on perfctl – a powerful malware exploiting over 20,000 types of misconfigurations on #Linux servers worldwide. This blog dives into how perfctl uses advanced evasion tactics like rootkits, TOR communication, and process masquerading. In this post, you’ll learn about: ➡️ The intricate architecture of perfctl and how it targets misconfigurations. ➡️ Its use of vulnerabilities like Polkit (CVE-2021-4043) to escalate privileges. ➡️ Key indicators of compromise and how Aqua can help safeguard your Linux environments. Don't let perfctl go unnoticed on your servers. 👇 🔗 Read the full analysis to discover how Aqua Security is staying one step ahead of this evolving threat. https://lnkd.in/e56wTXUU #AquaNautilus #threatresearch

Alma, a fast-growing fintech startup, needed a unified solution to secure their rapidly expanding cloud native environment without the complexity of multiple point solutions. 🌐 Enter Aqua Security—providing comprehensive protection from code to cloud. With Aqua, Alma now: ✅ Secures its entire application lifecycle with a single platform ✅ Integrates security seamlessly into existing workflows ✅ Supports compliance across 10 European countries ✅ Gains real-time threat detection and response Hear from Alma’s Product Security Engineer, Rémi Charbonnel, on how Aqua transformed their security processes and empowered their team to respond faster to security findings. 🔗 Read the full story here: https://lnkd.in/eCN-W9Aq #customersuccess #cnapp #cloudsecurity #fintech

🔎 Unpacking the State of Cloud Native Security in 2024 🔍 Our recent survey reveals that AI-powered threats, third-party vendor risks, and a lack of understanding are key barriers in cloud native security. As organizations navigate these evolving challenges, integrating the right tools and strategies becomes crucial. Survey Highlights: 🤖 AI Risks: AI is seen as the biggest risk by 50% of respondents, with mixed confidence in tackling these threats. 🔗 Third-Party Vendor Risks: 64% identify third-party vendor risk as a major concern for supply chain security. ⚠️ Knowledge Gap: A significant number of organizations struggle with understanding cloud security, impacting their ability to deploy effective solutions. The cloud security landscape is changing rapidly. Dive deeper into the survey findings and discover strategies to stay ahead. Download our ebook here ➡️ https://lnkd.in/eNybyiEu #cloudsecurity #ai #sscs #devsecops

We're just 2 weeks away from GovWare in Singapore! ✨ Stop by booth #P02 to meet the Aqua Security team and explore how we’re protecting cloud native applications. 📅 October 15 at 1:50 PM (SGT): Join Zhihao Tan, Director, Solution Architects - APJ, for "The Anatomy of Cloud Attacks." Discover the latest threats and how to stay one step ahead! 📅 October 17 at 4:00 PM (SGT): Don't miss Philip TM Pearson, our Field Chief Information Security Officer, on the panel "Preparing for a Quantum-Safe Future: Key Considerations and Strategies." Essential insights for future-proofing your cybersecurity strategy. Mark your calendars and swing by the booth to chat with the team! 👋 https://lnkd.in/gu9U7V73 #GovWare2024 #SICW Singapore International Cyber Week

Cloud 🗣️ News 🗣️ Now 🗣️ Get up to speed on Aqua Nautilus' latest research, from breaking down the CUPS vulnerability to introducing our new historical secret scanning tool. Plus, find out why 2024's vulnerability wave is bigger than ever. Check it out 👇 #AquaNautilus #cybersecurity #cloudsecurity #threatresearch

Master the art of securing your cloud native workloads on Amazon Web Services (AWS)! Below is a sneak peek of our Best Practices guide, packed with insights into handling the unique challenges of securing containers and serverless functions. 🔐 With Aqua, you can confidently protect against vulnerabilities, unauthorized access, and anomalous behavior. Ready to strengthen your security posture? Click here to download the complete guide: https://lnkd.in/dy5FKyfA 🗓️ And don't forget – this week marks the kickoff of our #AWS Immersion Day Workshops! Register to join a session and master cloud security with Aqua. ➡️ https://lnkd.in/dV6DrXx3 Comment below if you'll be joining us! 👇 #containersecurity

In today's fast-paced cloud native environments, delivering applications quickly is essential, and security must be seamlessly integrated into the process. ☁️🔐 This upcoming webinar explores how #DevSecOps unites development, operations, and security to proactively identify and mitigate security risks, improving both development speed and security. Join this webinar to learn: 🌟 Best Practices 🤨 Challenges in Cloud Native Environments 👏 Real World Success Stories Register below to see how you can accelerate delivery without compromising security. #LinkedInLive #cloudnative #cloudsecurity #cybersecurity

👋 Meet Arun Kumar! As a Solution Architect, Arun works to secure Cloud Native Applications while building strong technical communities. At Aqua, he loves the “winning as one” mindset. 🏆 He’s also a sports fanatic—recently winning the National Handball League in Singapore! Swipe through ➡️ to get to know Arun better!

🚨 Threat Alert: CUPS - A Critical 9.9 Linux Vulnerability Reviewed 🚨 There’s been a lot of concern about a recent critical Linux vulnerability in the Common UNIX Printing System (CUPS). While it may sound alarming, our Aqua Nautilus researchers found that several preconditions need to be met for this vulnerability to be exploited. In our latest blog, we break down the details, offer steps to detect potential exposure, and guide you through simple mitigation strategies. 🔍 What's Inside: • A current overview of the CUPS vulnerabilities and their conditions. • Steps to check if your system is at risk. • How Aqua can help block and identify non-compliant hosts using our Enforcer and Runtime Policies. Stay informed and protected by diving into the full analysis from our researchers. ➡️ https://lnkd.in/eynb_4w8 ⚠️ CUPS Vulnerability (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177) #threatalert #aquanautilus #threatresearch