BloomTech’s Downfall: A Long Time Coming

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Code Dependency - Chinese APTs in Software Supply Chain Attacks

BSidesLV via YouTube

Start learning Write review

Overview

Limited-Time Offer: Up to 75% Off Coursera Plus!
7000+ certificate courses from Google, Microsoft, IBM, and many more.
India: 75% Off World: 40% Off
This course covers the abuse of trust in software supply chain attacks, focusing on Chinese APTs. By studying historical attacks like Operation Aurora and NotPetya, participants will learn about code breakdown, exploiting open source software, and recent incidents like the SolarWinds breach. The course also delves into specific tools and techniques used by threat actors, such as Dependency Confusion, XcodeSpy, and Codecov. The teaching method includes case studies, code analysis, and a discussion of attack strategies. This course is intended for cybersecurity professionals, software developers, and anyone interested in understanding and defending against software supply chain attacks.

Syllabus

Intro
THE ABUSE OF TRUST
OPERATION AURORA 2009
NOTPETYA 2017
SHADOWHAMMER 2019
CODE BREAKDOWN
PWNING OPEN SOURCE
SONARQUBE 11/2020
PLAN OF ATTACK
SOLARWINDS
Dependency Confusion Study
XCODESPY
CODECOV
KASEYA VSA AGENT HOT-FIX
2017 KINGSLAYER
2017 CCLEANER
2020 ABLE DESKTOP
2020 GOLDENSPY
TAKEAWAYS
PACKAGE HUNTER

Taught by

BSidesLV

Reviews

Start your review of Code Dependency - Chinese APTs in Software Supply Chain Attacks

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.