When Your Update System Becomes the Attack Vector: The Notepad++ Supply Chain Compromise Deep dive into the Notepad++ supply chain attack: how state-sponsored hackers compromised the hosting provider, hijacked updates, and what we can learn about SDLC security.

6-month supply chain attack on Notepad++: hackers compromised the hosting provider, not the code.

Don't forget to include your update system in threat modeling!

Full analysis: www.msbiro.net/posts/notepa...

#CyberSecurity #SupplyChain #SSDLC

a stick figure is sitting at a desk next to a trash can with a work sign on it ALT: a stick figure is sitting at a desk next to a trash can with a work sign on it

How to do a SAST test?
A Static Application #Security Test on #Python code is essential for security. It’s also a #shift-left practice that can help you to avoid serious security #incidents.

Check nocomplexity.com/documents/co...

#owasp #oss #psf #infosec #devopssec #ssdlc #audit #gpl

So my 10 year old found his 3rd security/software bug today.

First were a SQL injection in a government website (yes you read it right). Second was opening his siblings phone with Face ID. And now found a way through the screentime lock.

So a fussy testing by a 10 year old beats #SSDLC 😏

Original post on infosecwriteups.com

DevSecOps Phase 1: Planning & Security Requirements Engineering Here’s a comprehensive deep...

infosecwriteups.com/devsecops-phase-1-planni...

#devops #devsecops-solutions #ssdlc #devsecops #cybersecurity […]

Aviat Networks Enhances Cybersecurity with Innovative Software Solutions for Critical Networks Aviat Networks has reinforced its cybersecurity framework through SSDLC and SVA, bolstering the security of operational networks against vulnerabilities.

Aviat Networks Enhances Cybersecurity with Innovative Software Solutions for Critical Networks #United_States #Austin #Cybersecurity #Aviat_Networks #SSDLC