🇬🇧 Integration of Untrusted Software

محتويات التنبيه:

– جدول معلومات

– المخاطر

– الأنظمة المثأثرة

– ملخص حول الثغرة

– الحلول

– المصادر

Regulatory frameworks of some countries may require companies operating in their territory to use specific software. While their integration does not usually present any technical concern, such software can be used by adversaries as an entry point to a computer network. The revelation in June 2020 of backdoor-like functionalities in certain versions of software required by Chinese regulations, as well as the NotPetya supply chain attack in 2017, illustrate the security issues posed by the integration of untrusted software.