The Evolution of the Software Supply Chain Attack
Offered By: Pluralsight
Course Description
Overview
Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and 5,000+ development teams. Ilkka will walk through how hackers are becoming more successful at breaching Software Supply Chains and what you can do about it.
Malicious hackers are becoming increasingly adept at attacking the underbelly of the Software Supply Chain. To cause the most damage while remaining undetected, hackers are rapidly evolving their attack methods. For the past 4 years, the State of the Software Supply Chain Report has documented multiple forms of Open Source Software (OSS) Supply Chain attacks including malicious code injection, stealing project credentials, and typosquatting. However, recent reports (March 9, 2020) have surfaced a new type of Software Supply Chain attack. So far, the Octopus Scanner malware has compromised 26 open source projects hosted on GitHub targeting a well known IDE. Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and over 5,000 development teams. Ilkka will walk through how hackers are becoming increasingly successful at breaching Software Supply Chains and what you can do about it.
Malicious hackers are becoming increasingly adept at attacking the underbelly of the Software Supply Chain. To cause the most damage while remaining undetected, hackers are rapidly evolving their attack methods. For the past 4 years, the State of the Software Supply Chain Report has documented multiple forms of Open Source Software (OSS) Supply Chain attacks including malicious code injection, stealing project credentials, and typosquatting. However, recent reports (March 9, 2020) have surfaced a new type of Software Supply Chain attack. So far, the Octopus Scanner malware has compromised 26 open source projects hosted on GitHub targeting a well known IDE. Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and over 5,000 development teams. Ilkka will walk through how hackers are becoming increasingly successful at breaching Software Supply Chains and what you can do about it.
Taught by
DevSecCon
Related Courses
AI and Cybersecurity - The Twain Shall MeetCAE in Cybersecurity Community via YouTube Whom Do You Trust - MSPs and Other Forgotten Risks for SMBs
RSA Conference via YouTube Code Dependency - Chinese APTs in Software Supply Chain Attacks
BSidesLV via YouTube A Critical Assessment of Supply Chain Intrusion Vectors
BruCON Security Conference via YouTube Controlling the Source - Abusing Source Code Management Systems
Black Hat via YouTube