Read the original article: Linux Foundation Announces Open-Source Software Signing to Combat Supply Chain Attacks
The SolarWinds attackers were able to insert malicious code into Orion software by subverting the build environment, the process which a program is compiled and deployed. Sunspot Malware watched build servers for any commands and replaced source code with its own malicious instructions. The problem this posed to security teams was the fact that the […]
The post Linux Foundation Announces Open-Source Software Signing to Combat Supply Chain Attacks appeared first on Binary Defense.
Read the original article: Linux Foundation Announces Open-Source Software Signing to Combat Supply Chain Attacks