Advanced malware protection - Aqua
https://www.aquasec.com/tag/advanced-malware-protection/
Cloud Native Security, Container Security & Serverless Security
Mon, 15 Jul 2024 08:20:59 +0000

Detecting Malicious Activity in CI/CD Pipeline with Tracee
https://www.aquasec.com/blog/cicd-pipeline-security-tool-tracee/
Wed, 12 May 2021 09:04:28 +0000
With the growing popularity of CI platforms to build software, bad actors are increasingly looking to exploit these environments to target organizations. In our post about the recent Codecov breach, we explored how an attacker was able to get access to credentials from within the CI/CD pipeline. To prevent this from happening, you need to …

Threat Alert: Monero Miners Target Cloud Native Dev Environments
https://www.aquasec.com/blog/monero-miners-target-bitbucket-dockerhub/
Thu, 04 Mar 2021 11:33:49 +0000
In September 2020, Aqua’s Team Nautilus detected a campaign that targeted the automated build processes of GitHub and Docker Hub. At that time we notified the affected services and they blocked the attack. Now, this campaign has resurfaced with vengeance. In just four days, the attackers set up 92 malicious Docker Hub registries and 92 …

TeamTNT Pwn Campaign Against Docker and K8s Environments
https://www.aquasec.com/blog/teamtnt-campaign-against-docker-kubernetes-environment/
Wed, 17 Feb 2021 16:07:51 +0000
Last week, TeamTNT launched a new campaign against Docker and Kubernetes environments. Using a collection of container images that are hosted in Docker Hub, the attackers are targeting misconfigured docker daemons, Kubeflow dashboards, and Weave Scope, exploiting these environments in order to steal cloud credentials, open backdoors, mine cryptocurrency, and launch a worm that is …

Scan Container Images for Vulnerabilities & Hidden Malware with Aqua Wave
https://www.aquasec.com/blog/container-image-scanning-aqua-wave/
Mon, 30 Nov 2020 15:30:00 +0000
With an ever-evolving threat landscape, bad actors increasingly target container infrastructure, installing sophisticated malware into images that changes its behavior to evade detection. As static scanning is not designed to spot such advanced threats, it’s critical to perform dynamic analysis to detect suspicious behavior in real time. Image Scanning, the latest addition to Aqua, our …

Threat Alert: TeamTNT is Back and Attacking Vulnerable Redis Servers
https://www.aquasec.com/blog/container-attacks-on-redis-servers/
Wed, 30 Sep 2020 11:30:35 +0000
Over the past few weeks, TeamTNT grabbed headlines after launching several novel attacks against cloud native infrastructure. In response, Docker Hub decided to remove TeamTNT’s malicious images from its community and deleted the user ‘Hildeteamtnt.’ But just a few days later, TeamTNT reemerged with a catchy logo “Still alive” embedded in their scripts (although “still …

Uncover Malware Payload Executions Automatically with Tracee
https://www.aquasec.com/blog/ebpf-container-tracing-malware-detection/
Mon, 17 Aug 2020 10:49:27 +0000
We have some exciting news about two new features in Tracee, Aqua’s open source container and system tracing utility. Now, Tracee is much more than just a system call tracer, it’s a powerful tool that can be used to perform forensic investigations and dynamic analysis of binaries – both are incredibly useful when looking for hidden malware. Tracee can provide users with timely insights that previously required special knowledge and tools. Capture …

Threat Alert: An Attack Against a Docker API Leads To Hidden Cryptominers
https://www.aquasec.com/blog/container-vulnerability-dzmlt-dynamic-container-analysis/
Fri, 26 Jun 2020 09:10:30 +0000

Dynamic Threat Analysis for Container Images: Uncovering Hidden Risks
https://www.aquasec.com/blog/dynamic-container-analysis/
Wed, 22 Apr 2020 08:51:23 +0000
Container images are a growing path for external code to enter an organization. Docker has simplified image workflow in order to encourage adoption by developers, so anyone can pull and run images that were built and pushed to Docker Hub, often by unknown individuals. This is being exploited by malicious actors to embed sophisticated malware …