Supply chain attacks are becoming increasingly widespread as cyber criminals seek to access sensitive data and systems through less secure third parties. In such attacks, the victim is not the ultimate target of the attack, but rather a stepping stone to other larger networks. In this talk, I will present an overview of supply chain attacks and delve into various attack patterns, specific cases, lessons learned, challenges and mitigations.
We will go over and mention cases such as: PEAR Breach, Komodo, ShadowHammer, HandBrake, CCleanup and others.
Elad is head of research at Panorays that loves reverse engineering, low level and hardware hacking. At Panorays, Elad and his team are responsible for mimicking hacker behavior by researching new attack techniques and vectors in order to automatically test the security posture of companies en masse. Elad is a recognized speaker, having presented at various hacking conferences such BlueHat IL, ReCon and Defcon meetups. Prior to Panorays, Elad was the Mobile Security Research Team Leader at AVG technologies. Elad also lectures at Afeka Academic College of Engineering and helps to organize local hacking competitions.