September 13-16, 2022
Dublin, Ireland + Virtual

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Thursday, September 15 • 11:55 - 12:35
Tracking Attackers in Open Source Supply Chain Attacks: The New Frontier - Tzachi (Zack) Zorenshtain, Checkmarx

Widespread use of open source software has motivated malicious actors to take advantage of the medium, spawning significant and widespread attacks. To be able to identify these threats at scale, we automated this process and would like to present and share some open source tools to detect those attacks.

RED-LILI
This is the largest batch of malicious packages from a single threat actor (1500 packages and still counting). We will dive into the attack and discuss the infrastructure required for such attacks. To keep track of RED-LILI as they continue to publish malicious packages, our research team has launched RED-LILI Tracker (https://red-lili.info).

UA-Parser (Good package gone BAD)
An attacker compromised a legitimate account of a popular open-source contributor. We will dive into the attack and the TTPs used (Account Takeover) and will discuss Chain alert, a free service for the open-source community to alert on those attacks.

Protestware
A pro-Ukraine NPM user account, riaevangelist, released several new versions of its popular package “node-ipc” (over a million weekly downloads), which included wiper functionality targeting Russian and Belarusian IP addresses and running a malicious payload, destroying all files on disk by overwriting their content with a heart emoji “❤️”.


Tzachi Zorenshtain

Head of Supply Chain Security, Checkmarx
Tzachi Zorenshtain is the Head of SCS, Checkmarx. Prior to Checkmarx, Tzachi was the Co-Founder and CEO of Dustico, a SaaS-based solution that detects malicious attacks and backdoors in open-source software supply chains, which was acquired by Checkmarx in August 2021. Tzachi is armed...

Thursday September 15, 2022 11:55 - 12:35 IST
Liffey Meeting Room 3 (Level 1)