A phishy case study
K.3.201 | Day 1 | 10:30 - 10:55 | Speakers: Adam Harvey
Abstract
In September 2024, the good name of crates.io was invoked and besmirched by a phishing attack that targeted the owners of many popular crates, much as other language ecosystems had been the target of attacks in the preceding couple of weeks.
This talk will go over how this all went down, what we did, and how a worldwide Rust Project <-> Rust Foundation <-> Alpha-Omega collaboration was crucial in its rapid mitigation.
Speakers
Adam works as a security-focused software developer at the Rust Foundation working on ecosystem security, especially around improving supply chain security for crates.io and Rust releases.
Professionally, his history includes stints as a developer at New Relic, deviantART, and Sourcegraph, while his open source work includes being a project member of Rust and PHP.
In his spare time, he plays cricket, kayaks, speaks Spanish extremely badly, throws tennis balls for his golden retriever, and tries to convince people that his Australian accent is actually flawless Canadian.
Links
External Links
Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.