Repo Swatting:
Abstract
Repo Swatting is a new attack I’ve identified in major SCM providers, including GitHub, GitLab, and Gitea. I identified the attack and theorized that it could be weaponized to take developer resources offline. Unfortunately, I was correct, and even worse, we now see this happening in the wild. I coined the term “repo swatting” as a homage to the “swatting” practice, where malicious actors make hoax phone calls reporting serious crimes to police, which results in SWAT teams responding to an address. Swatting is a terrible practice, as it allows malicious attackers to target unsuspecting, innocent people by using law enforcement as a directed weapon.

Speaker Bio
Paul is a DevSecOps OG and spends most of his time red teaming the software supply chain and conducting vulnerability research. He was also the founder of SecureStack, a cloud-native software supply chain security startup. Paul has worked for NASA, Boeing, Blue Cross/Blue Shield, John Deere, the US military, and the Australian government, amongst others. More recently, Paul started SourceCodeRED.com as a way to facilitate his commercial and free training products. Paul is a frequent contributor to open source and is the author of the DevSecOps Playbook, Visualizing Software Supply Chain, the TVPO threat modelling framework, and several other open-source projects. He’s also a pretty good snowboarder and, most importantly, a husband and father to 3 amazing kids.