all InfoSec news
Weaponizing Open Source Through Job Recruiting
Oct. 3, 2022, 6:30 p.m. | iturunen@sonatype.com (Ilkka Turunen)
Sonatype Blog blog.sonatype.com
Over the last week, troubling new reports have arisen about state-sponsored threat actors leveraging modified open source applications to compromise employees' machines at technology companies, governments, and non-profit organizations. Microsoft, Mandiant, and Ars Technica all covered the technicalities of the attack type, where bad actors pose as recruiters who target specific individuals as their victims.
devzone job log4j malware prevention nexus platform open source recruiting sonatype lift
More from blog.sonatype.com / Sonatype Blog
Cyber readiness and SBOMs
1 day, 18 hours ago |
blog.sonatype.com
Open source ML/AI models: attackers' next target
5 days, 19 hours ago |
blog.sonatype.com
Streamline your SBOM management with SBOM Manager
1 week, 2 days ago |
blog.sonatype.com
How to safeguard your software supply chain
1 week, 5 days ago |
blog.sonatype.com
Comparing and converting between SBOM formats
1 week, 5 days ago |
blog.sonatype.com
What are SBOM standards and formats?
2 weeks, 5 days ago |
blog.sonatype.com
Jobs in InfoSec / Cybersecurity
Cybersecurity Skills Challenge -- Sponsored by DoD
@ Correlation One | United States
Security Operations Center (SOC) Analyst
@ GK Cybersecurity Group | Remote
Azure Security Architect
@ First Quality | Remote US - Eastern or Central Timezone
Staff Security Researcher (Network Protocols)
@ Palo Alto Networks | Santa Clara, CA, United States
Senior Product Manager - Endpoint Security
@ Ivanti | Bengaluru, India
Penetration Tester
@ Lostar | İstanbul, Türkiye