How Nobelium Exposed the Software Release Process for Future Attacks

Presented by

Igor Lasic, ReversingLabs VP of Technology, and Mike Cote, ReversingLabs Senior Director of Product Management

About this talk

According to Microsoft, Nobelium — the threat actor behind the successful Sunburst attack —targeted over 140 software and service providers in 2021, and likely breached 14 of them. Other sophisticated attackers, such as Lazarus Group and HoneyMyte, were also focused on the tampering of software from trusted providers to gain entry into target enterprises. The problem at hand is that these new malicious methods are often invisible to traditional code reviews, especially if modifications were made to binaries during the final integration and release stage. There are a number of questions engineering and security teams are starting to ask now that software integration and delivery pipelines are directly targeted by attackers. What new application security challenges will software engineering teams face? How can software engineering evolve its security assessments going forward? What role will the cybersecurity Executive Order and other new regulations play in that evolution? What practical steps can be taken to identify tampering and protect downstream users?

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (22)
Subscribers (1715)
ReversingLabs is the leading provider of explainable threat intelligence solutions that shed the necessary light on complex file-based threats for enterprises stretched for time and expertise. Its hybrid-cloud Titanium Platform enables digital business resiliency, protects against new modern architecture exposures, and automates manual SOC processes with a transparency that arms junior analysts to confidently take action.