Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Nation-State Threats in the Open-Source Software Supply Chain

OpenSSF via YouTube

Overview

Explore the evolving landscape of nation-state threats in the open-source software supply chain through this informative conference talk. Delve into the activities of North Korea's Lazarus Group, a prominent cyber threat actor operating under the Korean People's Army since 2009. Learn about their recent campaigns targeting software developers through malicious packages in the npm ecosystem. Discover how these attacks, first identified by the Phylum Research Team in June 2023 and later confirmed by GitHub, Microsoft Threat Intelligence, and CISA, have evolved over time. Gain insights into the group's tactics, including their use of remote payloads and social engineering techniques to steal cryptocurrency from job-seeking developers. Understand the significance of these threats and their potential impact on the open-source community, as well as the importance of vigilance in maintaining software supply chain security.

Syllabus

Nation-State Threats in the Open-Source Software Supply Chain - Ross Bryant, Phylum

Taught by

OpenSSF

Reviews

Start your review of Nation-State Threats in the Open-Source Software Supply Chain

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.