11:40 - 12:40
Talk (60 min)
Supply Chain Attacks: Focused on NPM Attacks (includes demonstrations of research and prevention)
Supply chain attacks, or attacks on open-source software, are spreading like no other disease. Examples include dependency confusion, Log4j, NPM attacks, gem attacks on Ruby, and a lot more.
This talk focuses on the what, why, and how of these attacks: the impact of supply chain attacks as the weakest link in the chain, and how to prevent them.
It includes extensive internet scanning of NPM packages to find ones prone to account takeover, plus impact identification and defense.