YoVDO

Tracking Attackers in Open Source Supply Chain Attacks - The New Frontier

Offered By: Linux Foundation via YouTube

Tags

Cybersecurity Courses Threat Detection Courses Identity Theft Courses Supply Chain Attacks Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the evolving landscape of open source supply chain attacks in this 42-minute Linux Foundation conference talk. Dive into automated threat detection processes and discover open source tools for identifying malicious packages at scale. Examine the RED LILI attack, involving over 1,500 malicious packages from a single threat actor, and learn about the infrastructure required for such large-scale operations. Investigate the UA-Parser incident, where a legitimate account was compromised, and understand the tactics, techniques, and procedures used in account takeovers. Learn about Chain Alert, a free service for the open-source community to warn against these attacks. Analyze the "Protestware" phenomenon, exemplified by the node-ipc package incident targeting Russian and Belarusian IP addresses. Gain insights into attacker evolution, identity theft, and the trust paradox in open source software. Understand the critical nature of open source and the need for a mindset shift in addressing these security challenges.

Syllabus

Introduction
Whats the problem
Open Source is Critical
Identity Theft
Attackers Targeting Open Source
Rhetoric Question
Attackers evolving
Cuteboy
Wrong Package
Package Lab
Metadata
The Trust Paradox
Change the Mindset
Summary


Taught by

Linux Foundation

Tags

Related Courses

AWS Security Traffic Monitoring and Packet Analysis
Amazon Web Services via AWS Skill Builder
AWS: Threat Detection, Logging and Monitoring
Whizlabs via Coursera
Basics of Amazon GuardDuty (AWS Partner-led Support)
Amazon Web Services via AWS Skill Builder
Chronicle Technical Training
Google via Google Cloud Skills Boost
Cloud Security on AWS
Edureka via Coursera