A (partial) history of software supply chain attacks | allinfosecnews.com

Jan. 16, 2024, 3:30 p.m. | paul.roberts@reversinglabs.com (Paul Roberts)

ReversingLabs Blog blog.reversinglabs.com

The widespread campaign of software supply chain hacks that were behind the attack on SolarWinds began in 2020, and unofficially elevated software supply chain security to the top echelon of cyber risks to both government and the private sector. Subsequent events, like the emergence of the Log4Shell vulnerability in the Log4j2 open source library, underscored that software supply chain risk is for real.

appsec & supply chain security attack attacks campaign cyber events government hacks history log4j2 log4shell log4shell vulnerability partial private private sector risks rsa conference 2022 sector security software software supply chain software supply chain attacks software supply chain security solarwinds supply supply chain supply chain attacks supply chain hacks supply chain security vulnerability

More from blog.reversinglabs.com / ReversingLabs Blog

Announcing the General Availability of TitaniumScale v5.0: Enhancing File Analysis for Advanced Threat Detection 2 days, 2 hours ago | blog.reversinglabs.com

advanced advanced threat advanced threat detection analysis +23

How NIST CSF 2.0 and C-SCRM help manage software supply chain risk 2 days, 23 hours ago | blog.reversinglabs.com

appsec & supply chain security businesses critical critical infrastructure +29

What’s hot at RSAC 2024: 7 must-see talks for security operations teams 4 days, 2 hours ago | blog.reversinglabs.com

conference filter flood francisco +21

NVD delays highlight vulnerability management woes: Put malware first 5 days, 2 hours ago | blog.reversinglabs.com

appsec & supply chain security attention change current +16

CycloneDX upgraded for the evolving software supply chain security era 1 week, 3 days ago | blog.reversinglabs.com

ai development appsec & supply chain security bill bills +25

Where GenAI intersects with threat modeling: 3 key benefits for AppSec 1 week, 4 days ago | blog.reversinglabs.com

application application security appsec appsec & supply chain security +18

OWASP's LLM AI Security & Governance Checklist: 13 action items for your team 1 week, 5 days ago | blog.reversinglabs.com

action ai security appsec & supply chain security artificial +15

XZ Trojan highlights software supply chain risk posed by 'sock puppets' 2 weeks, 3 days ago | blog.reversinglabs.com

appsec & supply chain security attacks compression compromise +28

The state of secrets security: 7 steps to better managing risk 2 weeks, 4 days ago | blog.reversinglabs.com

appsec & supply chain security complexity development epidemic +16

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Network Security Engineer

@ Meta | Menlo Park, CA | Remote, US

View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Washington, DC

View on infosec-jobs.com

Threat Investigator- Security Analyst

@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC

View on infosec-jobs.com

Security Operations Engineer II

@ Microsoft | Redmond, Washington, United States

View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States

View on infosec-jobs.com