Tag: supply-chain
-
Securing the software supply chain with the SLSA framework
in SecurityNews
By Cliff Smith. Software supply chain security has been a hot topic since the SolarWinds breach back in 2020. Thanks to the Supply-chain Levels for Sof…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/10/securing-the-software-supply-chain-with-the-slsa-framework/
-
More Security in the Supply Chain – TeleTrusT Publishes Guide to ‘Software Bill of Materials’
in SecurityNews
First seen on security-insider.de. Jump to article: www.security-insider.de/teletrust-leitfaden-software-bill-of-materials-a-ffe8ba709e7d98a8534c56471efe13af/
-
Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks
in SecurityNews
As organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the s…
First seen on securityweek.com. Jump to article: www.securityweek.com/fortifying-the-weakest-link-how-to-safeguard-against-supply-chain-cyberattacks/
-
A Treacherous Dinner Party: The Global Effort to Maintain Supply Chain Security
in SecurityNews
Various Security Experts at CISO Global … In the world of supply chain security, vigilance is your best friend. Stay informed, stay alert, and always…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/09/a-treacherous-dinner-party-the-global-effort-to-maintain-supply-chain-security/
-
Concerns Over Supply Chain Attacks on US Seaports Grow
in SecurityNews
First seen on darkreading.com. Jump to article: www.darkreading.com/ics-ot-security/concerns-supply-chain-attacks-us-seaports-grow
-
What’s Next for Secure Communication After Exploding Pagers?
in SecurityNews
No OpSec Measure Is Bulletproof to the Effects of a Corrupted Supply Chain. Secure communications in an age of network insecurity has focused mostly on…
First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/blogs/whats-next-for-secure-communication-after-exploding-pagers-p-3722
-
Securing the OT supply chain, ensuring third-party vendors adhere to cybersecurity best practices
in SecurityNews
Third-party vendors and OEMs do have a significant role to play when it comes to the overall risk exposure of an enterprise. In complex ICS environmen…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/09/securing-the-ot-supply-chain-ensuring-third-party-vendors-adhere-to-cybersecurity-best-practices/
-
‘CloudImposer’ Flaw in Google Cloud Affected Millions of Servers
in SecurityNews
Attackers could have exploited a dependency confusion vulnerability affecting various Google Cloud services to execute a sprawling supply chain attack…
First seen on darkreading.com. Jump to article: www.darkreading.com/cloud-security/cloudimposer-flaw-google-cloud-affected-millions-servers
-
Israel’s Pager Attacks and Supply Chain Vulnerabilities
in SecurityNews
Israel’s brazen attacks on Hezbollah last week, in which hundreds of pagers and two-way radios exploded and killed at least 37 people, graphically ill…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/09/israels-pager-attacks-and-supply-chain-vulnerabilities/
-
Europol Taskforce Disrupts Global Criminal Network Through Supply Chain Attack
in SecurityNews
First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/europol-disrupts-ghost-criminal/
-
North Korea Targets Software Supply Chain Via PyPI
in SecurityNews
Backdoored Python Packages Likely Work of ‘Gleaming Pisces,’ Says Palo Alto. A North Korean hacking group with a history of stealing cryptocurrency …
First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/north-korea-targets-software-supply-chain-via-pypi-a-26344
-
11 Dead, Thousands Injured In Explosive Supply Chain Attack On Hezbollah Pagers
in SecurityNews
First seen on packetstormsecurity.com. Jump to article: packetstormsecurity.com/news/view/36352/11-Dead-Thousands-Injured-In-Explosive-Supply-Chain-Attack-On-Hezbollah-Pagers.html
-
The Japanese Robot Controversy Lurking in Israel’s Military Supply Chain
in SecurityNews
Activists claim Japanese industrial robots are being used to build military equipment for Israel. The robot maker denies the claims, but the episode r…
First seen on wired.com. Jump to article: www.wired.com/story/japan-fanuc-robots-israel-gaza-war/
-
Hardware Supply Chain Threats Can Undermine Endpoint Infrastructure
in SecurityNews
To prevent this, organizations should focus on developing secure hardware and firmware foundations, enabling them to manage, monitor, and remediate ha…
First seen on darkreading.com. Jump to article: www.darkreading.com/vulnerabilities-threats/hardware-supply-chain-threats-can-undermine-endpoint-infrastructure
-
The Supply Chain Conspiracy: Cyber Attacks Behind the Lebanon Explosions
in SecurityNews
On September 17 and 18, a series of devastating explosions rocked Lebanon, resulting in 37 fatalities and nearly 3,000 injuries, according to the Leba…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/09/the-supply-chain-conspiracy-cyber-attacks-behind-the-lebanon-explosions/
-
Rising Tide of Software Supply Chain Attacks: An Urgent Problem
in SecurityNews
First seen on darkreading.com. Jump to article: www.darkreading.com/vulnerabilities-threats/rising-tide-of-software-supply-chain-attacks
-
Understanding Credential Stuffing Attacks
in SecurityNews
The firehose of security incidents (data breaches, ransomware, and supply chain attacks) often obscures the methods that attackers use to create these i…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/09/understanding-credential-stuffing-attacks/
-
SC Award Winners 2024 Oligo Security Best Supply Chain Security Solution
in SecurityNews
Tags: supply-chain
First seen on scmagazine.com. Jump to article: www.scmagazine.com/news/sc-award-winners-2024-oligo-security-best-supply-chain-security-solution
-
Channel Brief: Ricoh Layoffs, C/side Raises $6M for Supply Chain Security, ATT Strike Ends
in SecurityNews
First seen on scmagazine.com. Jump to article: www.scmagazine.com/news/channel-brief-ricoh-layoffs-c-side-raises-6m-for-supply-chain-security-att-strike-ends
-
C/side Raises $6 Million to Secure the Browser Supply Chain
in SecurityNews
C/side has raised $6 million in a seed-stage funding round to help organizations protect against malicious browser third-party scripts. The post C/sid…
First seen on securityweek.com. Jump to article: www.securityweek.com/c-side-raises-6-million-to-secure-the-browser-supply-chain/
-
GitLab patches bug that could expose a CI/CD pipeline to supply chain attack
in SecurityNews
First seen on scmagazine.com. Jump to article: www.scmagazine.com/news/gitlab-patches-bug-that-could-expose-a-cicd-pipeline-to-supply-chain-attack
-
Researchers Find Over 22,000 Removed PyPI Packages at Risk of Revival Hijack
in SecurityNews
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate down…
First seen on thehackernews.com. Jump to article: thehackernews.com/2024/09/hackers-hijack-22000-removed-pypi.html
-
Improved Software Supply Chain Resilience Equals Increased Security
in SecurityNews
Understanding through visibility, managing through governance, and anticipating through continuous deployment will better prepare organizations for th…
First seen on darkreading.com. Jump to article: www.darkreading.com/vulnerabilities-threats/improved-software-supply-chain-resilience-equals-increased-security
-
Commerce Unveils ‘Scale’ Tool to Tackle Supply Chain Risks
in SecurityNews
New Tool Uses 40 Indicators to Provide In-Depth Diagnostic Analysis, Officials Say. Commerce Secretary Gina Raimondo unveiled a new data tool Tuesday …
First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/commerce-unveils-scale-tool-to-tackle-supply-chain-risks-a-26252
-
Insecure Supply Chain – Security Vulnerabilities in OT/IoT Router Firmware
in SecurityNews
First seen on security-insider.de. Jump to article: www.security-insider.de/forescout-finite-states-studie-sicherheit-ot-iot-router-a-5a6dc2eb8d2799bc56be0a82f63947da/
-
New Supply Chain Attack ‘Revival Hijack’ Risks Massive PyPI Takeovers
in SecurityNews
JFrog’s cybersecurity researchers have identified a new PyPI attack technique called Revival Hijack, which exploits package deletion policies. Over 22…
First seen on hackread.com. Jump to article: hackread.com/supply-chain-attack-revival-hijack-pypi-takeovers/
-
World’s largest companies at near-universal risk of supply chain breach
in SecurityNews
Data from SecurityScorecard once again focuses on the interconnected nature of business supply chains and the risk posed to operational resilience by …
First seen on computerweekly.com. Jump to article: www.computerweekly.com/news/366599874/Worlds-largest-companies-at-near-universal-risk-of-supply-chain-breach
-
HP Wolf Security Study – Hardware Supply Chain as Attack Target
in SecurityNews
First seen on security-insider.de. Jump to article: www.security-insider.de/sicherheit-lieferketten-cyberangriffe-a-65c71b1a7f453393950d3afa3ce1155e/
-
Widespread PyPI package takeovers likely with new supply chain attack technique
in SecurityNews
First seen on scmagazine.com. Jump to article: www.scmagazine.com/brief/widespread-pypi-package-takeovers-likely-with-new-supply-chain-attack-technique
-
Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms
in SecurityNews
Cybersecurity researchers are warning about the security risks in the machine learning (ML) software supply chain following the discovery of more than…
First seen on thehackernews.com. Jump to article: thehackernews.com/2024/08/researchers-identify-over-20-supply.html