Dropbox has admitted that 130 of its confidential private GitHub repositories were coped by a threat actor. Among the haul were secret APUI codes. They do reassure users that no user content, usernames or passwords were stolen. Well of course not. That is not the issue. Why bother stealing those …
Back to the supply chain and software compromise
When a threat actor compromises the coding of software the problems can be widepread – the SolarWinds attack and subsequent distribution of the infected software through legitimate update channels is a classic example. (Ironic but the SolarWinds customers who avoided the attack, were those with a poor cyber security stance …
Continue reading “Back to the supply chain and software compromise”