Threat Research Round-Up Q1 2024: Malicious Dependencies Fly Under the Radar

WEBINAR | ON DEMAND

ReversingLabs software Threat Research digs deep into software supply chain attacks that leverage open source as well as proprietary and commercial software. These are attacks that legacy AppSec tools miss. 

In this webinar, RL Threat Researchers Lucija Valentić and Karlo Zanki review the findings from their recent software threat research, including: a Python Package Index campaign that leveraged malicious software dependencies to target crypto wallets; how GitHub is increasingly being used to deploy malware in novel ways; and evidence of DLL sideloading being used as an element in software supply chain attacks.

Additional discussion points:

  • The growing tool-belt of methods and techniques used by malicious actors in software supply chain campaigns.
  • How open source infrastructure is being abused by cybercriminals to host stolen data and malicious wares.
  • The techniques that supply chain actors are using to escape detection include typosquatting and malicious dependencies.
  • Best practices for detecting and blocking emerging supply chain threats.

Watch On Demand Now