Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2022

Customizing the JFrog Xray Horizontal Pod Autoscaler

In cloud native computing (Kubernetes in our case), there is a requirement to automatically scale the compute resources used for performing a task. The autoscaling cloud computer strategy allows to dynamically adjust the active number of application servers and allocated resources instead of responding manually in real-time to traffic surges that necessitate more resources and instances.

How to set up a Private, Remote and Virtual Go Registry

The simplest way to manage and organize your Go dependencies is with a Go Repository. You need reliable, secure, consistent and efficient access to your dependencies that are shared across your team, in a central location. Including a place to set up multiple registries, that work transparently with the Go client. With the JFrog free cloud subscription, including JFrog Artifactory, Xray and Pipelines, you can set up a free local, remote and virtual Go Registry in minutes.

Malware Civil War - Malicious npm Packages Targeting Malware Authors

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Most recently we disclosed 25 malicious packages in the npm repository that were picked up by our automated scanning tools.

Xray: New Year, New Security Features

As part of our ongoing efforts to offer you the most comprehensive and advanced SDLC protection capabilities, JFrog continues to boost the capabilities of our Xray security and compliance product. In this blog, we offer an overview of recent Xray improvements, all aimed at helping you fortify your software, reduce risk, scale security, streamline compliance and accelerate releases with confidence.

CVE-2021-44521 - Exploiting Apache Cassandra User-Defined Functions for Remote Code Execution

JFrog’s Security Research team recently disclosed an RCE (remote code execution) issue in Apache Cassandra, which has been assigned to CVE-2021-44521 (CVSS 8.4). This Apache security vulnerability is easy to exploit and has the potential to wreak havoc on systems, but luckily only manifests in non-default configurations of Cassandra.

JFrog Discloses 3 Remote Access Trojans in PyPI

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to detect and avert potential software supply chain security threats. After validating the findings, the team reports any security vulnerabilities or malicious packages discovered to repository maintainers and the wider community.

New Year, New Features in Xray

Let’s start 2022 off the right with new features and updates that will extend JFrog Xray’s power and reach in addressing challenges with securing your binaries from development to production. Join Sarit Tager, VP Product Security as she discusses how Xray provides intelligent supply chain security and compliance at DevOps speed. JFrog Xray is a software composition analysis (SCA) solution that scans your open source software (OSS) dependencies for security vulnerabilities and license compliance issues.

CVE-2021-44142: Critical Samba Vulnerability Allows Remote Code Execution

Recently, a critical out-of-bounds vulnerability, assigned to CVE-2021-44142, was disclosed in Samba versions prior to 4.13.17. The Samba vulnerability carries a critical CVSS of 9.9 and allows attackers to remotely execute code on machines running a Samba server with a vulnerable configuration. The vulnerability was disclosed as part of the Pwn2Own Austin competition where researchers are challenged to exploit widely-used software and devices with unknown vulnerabilities.

The Impact of CVE-2022-0185 Linux Kernel Vulnerability on Popular Kubernetes Engines

Last week, a critical vulnerability identified as CVE-2022-0185 was disclosed, affecting Linux kernel versions 5.1 to 5.16.1. The security vulnerability is an integer underflow in the Filesystem Context module that allows a local attacker to run arbitrary code in the context of the kernel, thus leading to privilege escalation, container environment escape, or denial of service.