So I'm doing a panel on emerging threats in the infosec industry. I've spent the day doing my research, but I'm curious about the hivemind's thoughts as well.

What do YOU think the next emerging threat to Information Security in the foreseeable future will be?


@rainmaker I think compromised Open Source dependencies (libraries, packages, etc.) will go from interesting infosec research to common attack vector. I think build system APTs will become more common and be a major source of this problem.

@AlainODea Agreed. I expect this to increase as more people adopt DevOps (note the lack of Sec in there). The very first instance of OSX ransomware was KeRanger, and that spread through compromising the Transmission BitTorrent client source code...TWICE no less!

@AlainODea @rainmaker Yeah, supply chain poisoning is def. going to be on the rise.

It's more imperative than ever to keep a well-scanned and maintained cache of well-known and good dependencies going into your deployment pipeline.

+1 for calling this out.
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.