Operations | Monitoring | ITSM | DevOps | Cloud

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to report vulnerable and malicious packages to repository maintainers. Earlier this year we disclosed several malicious packages targeting developers’ private data that were downloaded approximately 30K times. Today, we will share details about 11 new malware packages that we’ve recently discovered and disclosed to the PyPI maintainers (who promptly removed them).

Ransomware continues to be a costly and growing problem. According to Infosecurity Magazine, the number of ransomware attacks grew 288% between the first and second quarters of 2021. Cybersecurity Ventures estimated a ransomware attack occurs every 11 seconds, Cybercrime Magazine reports. The resulting price tag from ransomware is truly staggering.

Ransomware experienced a stunning surge in prevalence and sophistication throughout the pandemic. Threat actors capitalized on a frequently shaky transition to a remote, digital business landscape. With so many businesses prioritizing basic functionality over proactive security, vulnerabilities have been unprecedented – and very much exploited.

The Forge team at Puppet has been hard at work for the past few months building out a malware scanning framework in order to help folks be more proactive about their security posture. Now, to be clear, this doesn't replace your own security mitigations. You should still audit untrusted code. You should still run your own virus protections. There are many layers in a robust security profile, and this is only one of them.

Cyberthreats including malware, viruses, and other security hazards are constantly evolving and becoming more dangerous and harder to detect. This makes it quite difficult to keep your data and information protected nowadays. Unless you are sure that you are absolutely protected, which is wishful thinking, you remain at risk of attacks by the latest strains of malware and security threats.

Ransomware is a strain of malware that blocks users (or a company) from accessing their personal data or apps on infected iOS, iPadOS, and Android mobile devices, macOS laptops, Windows personal computers and servers, and Linux servers. Then the exploit demands cryptocurrency as payment to unblock the locked or encrypted data and apps. This form of cyber extortion has been increasing in frequency and ferocity over the past several years.

We have been warning for a long time: Pandora FMS will control the world. We have given time to world governments to prepare, to North American villagers to prepare their bunker, for sects to draw their banners with “THE END IS NEAR”. And it is, it is indeed. Today, in our blog we reveal the secret plans of this company to overthrow the institutions and rule the world, then you will say that we did not warn you.

The Splunk Threat Research team has researched two of the current payloads involved in these heinous campaigns against healthcare and first responder organizations such as Conti & REvil. In the first blog, we explored the REvil ransomware group and in this blog, we will explore Conti.