logo
ArticlesConferencesPresentations
Dates
Author
Conferences
Tags

Sort by:  

Sponsored Session: Malicious Package Trends Compared With Malware Evolution

Conference:  SupplyChainSecurityCon 2022
Authors: Daniel Elkabes
2022-06-22

tldr - powered by Generative AI

Malicious packages are a growing threat to organizations and communities, costing billions of dollars in damages. Attackers use various techniques to exfiltrate private information and evade detection. The community is exploring solutions such as Salsa and S-BOM to reduce the risk, but categorizing malicious packages is still a challenge.
  • Malicious packages are a significant threat, costing billions of dollars in damages
  • Attackers use various techniques such as dependency hijacking, typo squatting, and brain jacking to exfiltrate private information and evade detection
  • Solutions such as Salsa and S-BOM are being explored to reduce the risk of malicious packages
  • Categorizing malicious packages is a challenge for the community
Tags:
malware
package managers
Open Source
Daniel
forecast