Posté par: igor51 le avril 22, 2019, 17:00:06
For the past few years, the security industry’s very backbone — its key software and server components — has been the subject of numerous attacks through cybercriminals’ various works of compromise and modifications. Such attacks involve the original software’s being compromised via malicious tampering of its source code, its update server, or in some cases, both. In either case, the intention is to always get into the network or a host of a targeted entity in a highly inconspicuous fashion — which is known as a supply chain attack. Depending on the attacker’s technical capabilities and stealth motivation, the methods used in the malicious modification of the compromised software vary in sophistication and astuteness.
The post Analyzing C/C++ Runtime Library Code Tampering in Software Supply Chain Attacks appeared first on .
Source: Analyzing C/C++ Runtime Library Code Tampering in Software Supply Chain Attacks (http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/ydkU2t0Q4GM/)