Security News > 2019 > May > Supply chain attacks: Mitigation and protection
2019-05-02 05:30
In software development, a supply chain attack is typically performed by inserting malicious code into a code dependency or third-party service integration. Unlike typical cyber attacks, supply chain attacks provide two major advantages to attackers. Firstly, a single supply chain attack can target multiple companies at once (since multiple companies use the same code dependencies and third-party scripts); as such, the potential return of investment of the attack is higher. Secondly, and unlike common cyber … More → The post Supply chain attacks: Mitigation and protection appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/hcWoYdP_Zfg/
Related news
- Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack (source)
- Ripple NPM supply chain attack hunts for private keys (source)
- Magento supply chain attack compromises hundreds of e-stores (source)
- Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack (source)
- Supply chain attack hits npm package with 45,000 weekly downloads (source)
- RVTools hit in supply chain attack to deliver Bumblebee malware (source)
- DragonForce ransomware abuses SimpleHelp in MSP supply chain attack (source)
- Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks (source)