YoVDO

The Evolution of the Software Supply Chain Attack

Offered By: Pluralsight

Tags

Supply Chain Courses Software Development Courses Cybersecurity Courses Code Injection Courses Software Supply Chain Attacks Courses Credential Theft Courses

Course Description

Overview

Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and 5,000+ development teams. Ilkka will walk through how hackers are becoming more successful at breaching Software Supply Chains and what you can do about it.

Malicious hackers are becoming increasingly adept at attacking the underbelly of the Software Supply Chain. To cause the most damage while remaining undetected, hackers are rapidly evolving their attack methods. For the past 4 years, the State of the Software Supply Chain Report has documented multiple forms of Open Source Software (OSS) Supply Chain attacks including malicious code injection, stealing project credentials, and typosquatting. However, recent reports (March 9, 2020) have surfaced a new type of Software Supply Chain attack. So far, the Octopus Scanner malware has compromised 26 open source projects hosted on GitHub targeting a well known IDE. Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and over 5,000 development teams. Ilkka will walk through how hackers are becoming increasingly successful at breaching Software Supply Chains and what you can do about it.

Taught by

DevSecCon

Related Courses

Early Detection through Deception
YouTube
How to Hunt for Lateral Movement on Your Network
YouTube
TeamTNT - Explosive Cryptomining
Black Hat via YouTube
Certified Pre-Owned - Abusing Active Directory Certificate Services
Black Hat via YouTube
Post-Exploitation of Cloud Service Providers
RSA Conference via YouTube