Feb 15 2021

How one man silently infiltrated dozens of high-tech networks

Category: Security vulnerabilitiesDISC @ 11:06 pm

We know what you’re thinking: “I bet you this is what they call a supply chain attack.”

And you’d be right.

The “one man” in the headline is cybersecurity researcher Alex Birsan, and his paper Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies, which came out last week, will tell you how his “attack” worked.

Of course, Birsan didn’t literally do it alone and unaided (see the end of his paper for the section of shout-outs to others who helped directly or inspired him indirectly during his research), and he didn’t really attack anyone in the way that a criminal hacker or cracker would.

His work was done in accordance with bug bounty rules or pre-arranged penetration testing agreements, and Birsan actually includes bug bounties in his credits:

Source: How one man silently infiltrated dozens of high-tech networks

Leave a Reply

You must be logged in to post a comment. Login now.