Supply chain attacks are considered one of the most dangerous threats to any firm's security because they occur in infrastructure that is not within the security team's control.
Some of the major supply chain attacks of 2024 include: malicious npm packages that, once downloaded, stole SSH keys from hundreds of developers on GitHub; Trojanized jQuery versions on jsDelivr, npm and GitHub; and an attack on the cdn.polyfill.io domain that redirected users to a Vietnamese sports betting site through a fake domain impersonating Google Analytics.
The backdoor implanted in the XZ Utils project could have led to the biggest supply-chain attack of 2024, which would have had devastating consequences, but it was detected in test versions of several Linux distributions, and most Linux users remained safe.
In this era of increasing supply-chain attacks, it is crucial that businesses carefully review any code used in their projects, maintain a Software Bill of Materials (SBOM) to track dependencies and components, and ensure an XDR-class security solution is in place in their corporate network.
Researchers urge people to monitor their network for suspicious activity using an XDR pest-control function and to rope in an external service for timely threat detection and response.