We have many clients who have their own software or have custom software on their website or web apps written for them by developers. These developers may or may not reuse code or modules written by third-party developers and sourced through a software repository – such as GitHub or …
Software supply chain weaknesses
Software and code repositories are a great resource for web and software developers – they save time and clients’ money, and provide quality modules for their projects. GitHub is one of the most popular – with many major software players using it to develop their code and other developers, large and …
GitHub – probably one of the biggest targets for threat actors
GitHub is one of the most popular software repositories, so it stands to reason that threat actors will always be searching for ways in: infecting code at source, which is then reused in multiple applications, is a cost-effective way to run a cyber attack. GitHub has just patched a …
Software repositories are a target for threat actors
If you, as a threat actor, could embed your malware into a software module that is then used by many innocent and unaware software developers in packages they release to the general public, wouldn’t you? That looks like a lot of infected machines for a small amount of work. …
How secure is open source software? Do you use open source software or have software written for you? If so read on… UPDATED
When we undertake any cyber security survey and ask about software, we know the greatest amount of work we will have to do is when the client says “we had this written for us” or “we use this open source software”. (We will not get into Android apps or …