2023 RSAC Subscribe

Malicious Packages Unwrapped – Getting Ahead of Application Infiltration – Jeff Martin – RSA23 #4

April 27, 2023

Unlike vulnerabilities, which can and do often exist for months or years in application code without being exploited, a malicious package represents an immediate threat to an organization, intentionally designed to do harm. In the war for cybersecurity, attackers are innovating faster than companies can keep up with the threats coming their way. A new approach is needed to stay ahead of the impacts of malicious packages within applications.

Findings from our latest report "Malicious Packages Special Report: Attacks Move Beyond Vulnerabilities" illustrate the growing threat of malicious packages. From 2021 to 2022, the number of malicious packages published to npm and rubygems alone grew 315 percent.

Mend.io technology detected thousands of malicious packages in existing code bases. The top four malicious package risk vectors were exfiltration, developer sabotage, protestware, and spam. Nearly 85 percent of malicious packages discovered in existing applications were capable of exfiltration – causing an unauthorized transmission of information. Threat actors leveraging this type of package can easily collect protected information before the package is discovered and removed.

We’ll share why as long as open source means open, the door will be left open to bad actors, so it’s especially critical to know when things are being brought into your code. Malicious packages represent an immediate threat, unlike vulnerabilities, and can not be taken lightly.

Segment Resources: 360° Malicious Package Protection - https://www.mend.io/malicious-open-source-package-protection/

Please download the Mend Malicious Packages Special Report and be on the lookout for a webinar reviewing the findings on May 30. You can learn more about how to get ahead of malicious packages at https://www.mend.io/malicious-open-source-package-protection/

This segment is sponsored by Mend.io. Visit https://securityweekly.com/mendrsac to learn more about them!

Sponsored By

Mend

Full episode and show notes

Guest

Jeff Martin

Jeff Martin

Vice President of Product at Mend.io

Jeff has spent the last 20 years in Product roles helping both the organizations he worked for and their customers transform and measure their software risk management processes and practices. He especially enjoys cultural and mindset transformations for their ability to create lasting progress.

Host

Mike Shema

Mike Shema

Tech Lead at Block

Related

Vulnerability management

Brain Implants, Volt Typhoon, CosmicEnergy, OAuth, ILoveYou , Aaran Leyland, and More – SWN #301

May 26, 2023

Ferret Legging, Elon's Brain Implants, Volt Typhoon, CosmicEnergy, OAuth, ILoveYou (and that's not just the Molly talking), Aaran Leyland, and More on this episode of the Security Weekly News.

Vulnerability management

Post-Exploit, Vocal Passports, Will it Run DOOM!?!, & Coldplay Lyrics in Firmware – PSW #786

May 24, 2023

In the Security News: a cross-platform, post-exploit, red teaming framework, cover your backups, your voice should never be your passport, time to change your fingerprints, a drop in the bucket sucka, Thor will take out those pesky drones, never give your AI friends money, bye-bye PyPi for a while anyhow, bug bounties are broken, you say you want ...

Vulnerability management

Wemo Vulnerability, EXSI Threats, Critical Cisco Flaws, IAM, Malware, and More – SWN #299

May 19, 2023

$10M reward, a serious wemo vulnerability, EXSI threats, critical Cisco flaws, millions of smart phones with preinstalled malware and Bill Brenner