Dependency Confusion As A Tool For Targeted NPM Hacks ConversingLabs podcast

Artwork

Tech News Tech News ReversingLabs Inc Technology Cybersecurity Malware Cyber Threat Hunting Software Development Software Supply Chain Incident Response

Indhold leveret af ReversingLabs Inc.. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af ReversingLabs Inc. eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.

ConversingLabs Podcast « »
Dependency Confusion As A Tool For Targeted NPM Hacks

2y ago 42:20

Del

MP3•Episode hjem

Indhold leveret af ReversingLabs Inc.. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af ReversingLabs Inc. eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.

NPM dependency confusion has emerged as a potent software supply chain attack vector via platforms like npm, with malicious packages surreptitiously added to these repositories, maintained by leading firms.

In this episode, we're joined by ReversingLabs Reverse Engineer Karlo Zanki to dig into some of our recent findings that show dependency confusion attacks are being used to advance what appear to be targeted supply chain attacks. We will also talk about how development organizations can monitor for and prevent these kinds of attacks.

… continue reading

41 episoder

#Tech #News #Tech News #ReversingLabs Inc #Technology #Cybersecurity #Malware #Cyber Threat Hunting #Software Development #Software Supply Chain #Incident Response

Artwork

Dependency Confusion As A Tool For Targeted NPM Hacks

ConversingLabs Podcast

published 2y ago

Del

MP3•Episode hjem

Indhold leveret af ReversingLabs Inc.. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af ReversingLabs Inc. eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.

NPM dependency confusion has emerged as a potent software supply chain attack vector via platforms like npm, with malicious packages surreptitiously added to these repositories, maintained by leading firms.

In this episode, we're joined by ReversingLabs Reverse Engineer Karlo Zanki to dig into some of our recent findings that show dependency confusion attacks are being used to advance what appear to be targeted supply chain attacks. We will also talk about how development organizations can monitor for and prevent these kinds of attacks.

… continue reading

41 episoder

#Tech #News #Tech News #ReversingLabs Inc #Technology #Cybersecurity #Malware #Cyber Threat Hunting #Software Development #Software Supply Chain #Incident Response

Все серии

×

Velkommen til Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

Lyt til 500+ emner