Explore the evolution and impact of Chinese Advanced Persistent Threats (APTs) in software supply chain attacks through this comprehensive conference talk from BSidesLV 2022. Delve into notable incidents such as Operation Aurora, NotPetya, and ShadowHammer, examining their code breakdowns and attack methodologies. Investigate the exploitation of open-source software and the SonarQube breach. Analyze high-profile cases like SolarWinds, Dependency Confusion, XcodeSpy, and Kaseya VSA, along with other significant attacks from 2017 to 2020. Gain valuable insights into the abuse of trust, attack patterns, and essential takeaways for defending against these sophisticated threats in the software supply chain ecosystem.
Code Dependency - Chinese APTs in Software Supply Chain Attacks
Overview
Syllabus
Intro
THE ABUSE OF TRUST
OPERATION AURORA 2009
NOTPETYA 2017
SHADOWHAMMER 2019
CODE BREAKDOWN
PWNING OPEN SOURCE
SONARQUBE 11/2020
PLAN OF ATTACK
SOLARWINDS
Dependency Confusion Study
XCODESPY
CODECOV
KASEYA VSA AGENT HOT-FIX
2017 KINGSLAYER
2017 CCLEANER
2020 ABLE DESKTOP
2020 GOLDENSPY
TAKEAWAYS
PACKAGE HUNTER
Taught by
BSidesLV
