all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain - Pete ... - ESW #348

Add to bookmarks
Feb. 1, 2024, 9:53 p.m. | Security Weekly

Security Weekly www.youtube.com

We've seen general users targeted with phishing, financial employees targeted for BEC scams, and engineers targeted for access to infrastructure. The truly scary attacks, however, are the indirect ones that are automated. The threats that come in via software updates, or trusted connections with third parties.

The software supply chain is both absolutely essential, and fragile. A single developer pulling a tiny library out of NPM can cause chaos. A popular open source project changing hands could instantly give access …

access attacks automated bec bec scams elephant employees engineers financial general infrastructure phishing pipeline scams scary software software supply chain software updates supply supply chain threats updates

Visit resource

More from www.youtube.com / Security Weekly

What We Don’t Know Will Hurt Us - Cheryl Biswas - BTS #26 16 hours ago | www.youtube.com
attack attack surface biswas can +15
Supply Chain Threats and Regulations - BTS #25 16 hours ago | www.youtube.com
blog current eclypsium firewall +17
Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826 18 hours ago | www.youtube.com
adaptability advisors bolster council +18
Your TV Is Scanning You - PSW #826 20 hours ago | www.youtube.com
attacks bad can cves +14
Threat Modeling and Understanding Inherent Threats - Adam Shostack - ESW #359 1 day, 11 hours ago | www.youtube.com
adam adam shostack foundational great +12
Autonomous - I don't think that word means what you think it means - ESW … 1 day, 11 hours ago | www.youtube.com
amp automated autonomous clear +24
How GenAI Can Improve SecOps - Ely Kahn - ESW #359 1 day, 12 hours ago | www.youtube.com
can cases discuss genai +8
Governance, Compliance, and The Digital Supply Chain - Josh Marpet - BTS #27 1 day, 15 hours ago | www.youtube.com
asadoorian compliance digital digital supply chain +16
Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826 1 day, 21 hours ago | www.youtube.com
adaptability advisors bolster council +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Director, Cybersecurity - Governance, Risk and Compliance (GRC)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
View on infosec-jobs.com

Information Security Risk Metrics Lead

@ Live Nation Entertainment | Work At Home-Connecticut
View on infosec-jobs.com

IT Product Owner - Enterprise DevSec Platform (d/f/m)

@ Airbus | Hamburg - Finkenwerder
View on infosec-jobs.com

Senior Information Security Specialist

@ Arthur Grand Technologies Inc | Arlington, VA, United States
View on infosec-jobs.com

Information Security Controls SME

@ Sword | Aberdeen, Scotland, United Kingdom
View on infosec-jobs.com
View more jobs