Attack Vector - Aqua https://www.aquasec.com/tag/attack-vector/ Cloud Native Security, Container Security & Serverless Security Mon, 15 Jul 2024 08:18:26 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.5 Can You Trust Your VSCode Extensions? https://www.aquasec.com/blog/can-you-trust-your-vscode-extensions/ Fri, 06 Jan 2023 11:00:00 +0000 https://www.aquasec.com/?p=14494 Can You Trust Your VSCode Extensions?Aqua Nautilus researchers have recently discovered that attackers can easily impersonate popular Visual Studio Code extensions and trick unknowing developers into downloading them. In original vulnerability research, we’ve uncovered a new attack method which could act as an entry point for an attack on many organizations. We’ve also discovered that some extensions may have already …]]> The Great Escape: A Blast Radius Analysis of Container Attacks https://www.aquasec.com/blog/container-attack-surface-analysis/ Wed, 27 Oct 2021 14:15:10 +0000 https://www.aquasec.com/?p=15110 The Great Escape: A Blast Radius Analysis of Container AttacksIn 2021, container attacks have been on the rise. We observed numerous attacks that were designed to escape container environments to the underlying host, increasing the impact of the attack. But how much damage can be caused when an attacker manages to escape a container? To answer this question, we conducted an analysis of real-world …]]> Threat Alert: Exploiting Open Docker Daemons for DDoS Attacks https://www.aquasec.com/blog/threat-alert-ddos-attack-docker-daemons/ Mon, 20 Jan 2020 13:04:58 +0000 https://www.aquasec.com/?p=15660 Threat Alert: Exploiting Open Docker Daemons for DDoS AttacksAqua’s research team continuously investigates and analyzes the anatomy of new attacks in the wild. Recently, we identified attacks that exploited misconfigured open Docker daemons, where attackers were actively using this attack vector to hijack environments in order to launch targeted DDoS attacks. Each of the attacks were carried out using a botnet of containers, …]]> DNS Spoofing on Kubernetes Clusters https://www.aquasec.com/blog/dns-spoofing-kubernetes-clusters/ Thu, 29 Aug 2019 11:58:25 +0000 https://www.aquasec.com/?p=15749 DNS Spoofing on Kubernetes ClustersIn this post I’ll describe how an attacker, who manages to run malicious code on a cluster can, with no special permissive permissions, successfully spoof DNS responses to all the applications running on the cluster, and from there execute a MITM (Man In The Middle) on all network traffic of pods. Before we get into …]]> Cryptocurrency Miners Abusing Containers: Anatomy of an (Attempted) Attack https://www.aquasec.com/blog/cryptocurrency-miners-abusing-containers-anatomy-of-an-attempted-attack/ Thu, 15 Feb 2018 13:55:22 +0000 https://www.aquasec.com/?p=16064 Cryptocurrency Miners Abusing Containers: Anatomy of an (Attempted) AttackThis isn’t a story about a Docker vulnerability; it’s a story about how hackers are looking for unsecured Docker deployments where they can mine cryptocurrency. You shouldn’t leave your Docker daemon unsecured  any more than you would leave your mail server unsecured. We’ve heard many accounts of attempted (sometimes successful) cryptocurrency mining attacks on container …]]>