Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Analyzing Impala Stealer - Payload of the first NuGet attack campaign

In this blog post, we’ll provide a detailed analysis of a malicious payload we’ve dubbed “Impala Stealer”, a custom crypto stealer which was used as the payload for the malicious NuGet packages campaign we exposed in our previous post. The sophisticated campaign targeted .NET developers via malicious NuGet packages, and the JFrog Security team was able to detect and report it as part of our regular activity of exposing supply chain attacks.

Container security essentials

Containers are the preferred method for packaging and deploying cloud-native applications, so a comprehensive understanding of containers, and how to secure them, has never been so important. As cloud-native applications continue to proliferate, containers are becoming the preferred option to package and deploy these applications because of the agility and scalability they offer. In fact, Gartner predicts that 75% of global organizations are running containerized applications in production.

What are the Diverse Types of Code Signing Certificates?

Code Signing Certificates are an essential part of the software security process. A code signing certificate is a form of digital signature that verifies to customers and other users of the software that the code has not been tampered with and remains secure. Code signing certificates come in three different types: Organization Validation (OV), Standard, and Extended Validation (EV). To understand them, we need to get to the basics of code signing and how it can change your life. So, let us get started.

Warning: Poor Application Security Health Could Kill You

The Food and Drug Administration (FDA) recently implemented new guidance regarding medical device cybersecurity. It’s not a moment too soon, as new cases arise in which healthcare technology is compromised by vulnerabilities that escalate risks, which could threaten patients’ lives. In a recent survey, over 20% of healthcare organizations said that after a cyberattack, their patient mortality rates had risen, and another 57% reported that cyberattacks led to poorer outcomes for patients.

The Snowball Effect That Led to the Genesis Market Shutdown

Since the beginning of the year, we have witnessed the success of numerous operations by law enforcement authorities worldwide in the war against cybercrime. Totaling 120 arrests from the Hive shutdown, Pompompurin’s arrest, the BreachForums shutdown, and now Genesis Market, it seems that law enforcement authorities are managing to hunt some high-profile threat actors worldwide. These arrests are only possible due to cooperation between several government agencies worldwide.

Strengthening CJIS Compliance with Keeper Security: Protecting State Agencies and Law Enforcement

In November 2022, the Criminal Justice Information Services (CJIS) division of the FBI updated its cybersecurity policy, impacting state agencies, police departments, and other organizations that handle Criminal Justice Information (CJI). The updated policy poses challenges for organizations, especially smaller ones, to maintain compliance due to limited resources, lack of expertise and the policy’s complexity.

Biometric Verification in Fintech: The Future of Secure Online Transactions

Financial institutions (FIs) or Fintechs have historically been hotspots for fraudulent activity. The sector is a popular target for identity theft and online banking fraud, as well as financial crimes such as money laundering and terrorism funding. But, in the previous decade, its security has grown dramatically. It is now progressing to the next level of sophisticated security, Biometric Verification.

5 ways to improve security during digital transformation

Digital transformation initiatives have pushed software development to the next level. Today's consumers demand an optimum customer experience and expect modern apps to live up to high expectations. So, the average developer in 2023 must keep up with faster delivery, more eye-catching features, and better functionality. This unprecedented growth in the software development industry has led to a massive disparity between development and security teams.

Key US Military Documents are Released in Recent Data Breach

Recently, classified military documents have been showing up on social media sites around the internet. These documents are primarily about the war in Ukraine, and some released were Top Secret documents. Both the Pentagon and the Justice Department are concerned about this latest leak, and the classified documents could do real harm to the military's efforts if they keep being posted online.