
New Video from @BlackHatOfficialYT: A Fresh Perspective on Supply Chain Risk Management
In this video, the presenter tackles the critical topic of risk management in the supply chain, but from a slightly different angle than usual. He begins by pointing out that the traditional method of evaluating suppliers and their products, which focuses on aspects such as what data is collected, whether it is stored in the cloud or on-premises, and compliance with security standards like SOC 2 Type 2, has significant gaps. Although these audits are useful, they do not always surface risks that are not explicitly mentioned in the reports. The presenter emphasizes that it is not enough to read audit reports and note the exceptions; one must actively look for what is missing.

He illustrates this point by comparing the risks of cloud and on-premises solutions, using concrete examples of vulnerabilities such as those affecting Microsoft Exchange and SolarWinds Orion. He explains that while the cloud can offer some data separation, locally run software can have a broader impact on the entire network.

Another crucial point is the vulnerability of endpoints. The presenter stresses that regardless of where data is stored, it must be decrypted for use by end users, which makes endpoints particularly exposed. He cites examples of vulnerabilities in commonly used software like Internet Explorer and Zoom, and even in IT management tools like Intune, which can be exploited to cause significant damage.

The presenter also insists on the need to be wary of the third-party components used by developers, which can introduce vulnerabilities into software. He gives the example of Log4j, a widely used logging library that has been the source of many security breaches, and calls for increased vigilance and rigorous evaluation of third-party components.

To mitigate these risks, the presenter proposes several practical measures. He recommends adopting an "assume breach" posture, meaning to assume that every piece of software can potentially cause harm. He suggests limiting application permissions, restricting access to sensitive data, and using whitelisting solutions to prevent the execution of unapproved software. He also emphasizes the importance of two-factor authentication and password rotation.

In conclusion, the presenter stresses the importance of knowing your IT environment and taking proactive measures to limit risk. He invites viewers to attend a complementary presentation the next day, where he will share tips on creating malware campaigns and how to counter them.

To learn more, watch the full video at the following address: https://www.youtube.com/watch?v=js3SiZd5XNk