2023 RSAC Subscribe

Malicious Packages Unwrapped – Getting Ahead of Application Infiltration – Jeff Martin – RSA23 #4

April 27, 2023

Unlike vulnerabilities, which can and do often exist for months or years in application code without being exploited, a malicious package represents an immediate threat to an organization, intentionally designed to do harm. In the war for cybersecurity, attackers are innovating faster than companies can keep up with the threats coming their way. A new approach is needed to stay ahead of the impacts of malicious packages within applications.

Findings from our latest report "Malicious Packages Special Report: Attacks Move Beyond Vulnerabilities" illustrate the growing threat of malicious packages. From 2021 to 2022, the number of malicious packages published to npm and rubygems alone grew 315 percent.

Mend.io technology detected thousands of malicious packages in existing code bases. The top four malicious package risk vectors were exfiltration, developer sabotage, protestware, and spam. Nearly 85 percent of malicious packages discovered in existing applications were capable of exfiltration – causing an unauthorized transmission of information. Threat actors leveraging this type of package can easily collect protected information before the package is discovered and removed.

We’ll share why as long as open source means open, the door will be left open to bad actors, so it’s especially critical to know when things are being brought into your code. Malicious packages represent an immediate threat, unlike vulnerabilities, and can not be taken lightly.

Segment Resources: 360° Malicious Package Protection - https://www.mend.io/malicious-open-source-package-protection/

Please download the Mend Malicious Packages Special Report and be on the lookout for a webinar reviewing the findings on May 30. You can learn more about how to get ahead of malicious packages at https://www.mend.io/malicious-open-source-package-protection/

This segment is sponsored by Mend.io. Visit https://securityweekly.com/mendrsac to learn more about them!

Sponsored By

Mend.io

Full episode and show notes

Guest

Jeff Martin

Vice President of Product at Mend.io

Jeff has spent the last 20 years in Product roles helping both the organizations he worked for and their customers transform and measure their software risk management processes and practices. He especially enjoys cultural and mindset transformations for their ability to create lasting progress.

Host

Tech Lead at Block

Related

Vulnerability Management

SEXi, Powerhost, Acuity, Layerslider, JSOutProx, Byakugan, Josh Marpet, and More – SWN #375

April 5, 2024

SEXi, AI Dreams, Powerhost, Acuity, Layerslider, JSOutProx, Byakugan, Josh Marpet, and More, on this edition of the Security Weekly News.

Vulnerability Management

Patrick Stewart, Colorama, Strelastealer, CVSS scores, CHUDS, Josh Marpet, and more – SWN #372

March 26, 2024

Patrick Stewart, Colorama, Strelastealer, CVSS scores, CHUDS, Josh Marpet, and more, on this Edition of the Security Weekly News.

Vulnerability Management

Robots, UDP, GoFetch, DCs, Pwn2Own, Verner Vinge, Reddit, Aaran Leyland, and More – SWN #371

March 22, 2024

Robots gone wild, UDP, GoFetch, Domain Controllers, Pwn2Own, Verner Vinge, Reddit, Aaran Leyland, and More on this edition of the Security Weekly News.