Overview
This course covers the abuse of trust in software supply chain attacks, focusing on Chinese APTs. By studying historical attacks like Operation Aurora and NotPetya, participants will learn about code breakdown, exploiting open source software, and recent incidents like the SolarWinds breach. The course also delves into specific tools and techniques used by threat actors, such as Dependency Confusion, XcodeSpy, and Codecov. The teaching method includes case studies, code analysis, and a discussion of attack strategies. This course is intended for cybersecurity professionals, software developers, and anyone interested in understanding and defending against software supply chain attacks.
Syllabus
Intro
THE ABUSE OF TRUST
OPERATION AURORA 2009
NOTPETYA 2017
SHADOWHAMMER 2019
CODE BREAKDOWN
PWNING OPEN SOURCE
SONARQUBE 11/2020
PLAN OF ATTACK
SOLARWINDS
Dependency Confusion Study
XCODESPY
CODECOV
KASEYA VSA AGENT HOT-FIX
2017 KINGSLAYER
2017 CCLEANER
2020 ABLE DESKTOP
2020 GOLDENSPY
TAKEAWAYS
PACKAGE HUNTER
Taught by
BSidesLV