(Source: Dark Reading) Defending against supply chain attacks will be tough because each software vendor has a different distribution mechanism and signing infrastructure, says Weston. In the past, companies could put software on a “trusted list” if it had a history of being secure. However, he says, businesses have to realize anything can …