Supply Chain Attacks on Linux Distributions
(fenrisk.com)
Supply chain attacks have been a trendy topic in the past years. Rather than directly attacking their primary target, attackers infiltrate less secure assets, such as software depenencies, firmware, or service providers, to introduce malicious code. In turn, these components also have their own layers of dependencies, and we can start to understand why this becomes a very complex problem.
Supply chain attacks have been a trendy topic in the past years. Rather than directly attacking their primary target, attackers infiltrate less secure assets, such as software depenencies, firmware, or service providers, to introduce malicious code. In turn, these components also have their own layers of dependencies, and we can start to understand why this becomes a very complex problem.