Tag: supply-chain
-
Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers
in SecurityNews
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate down…
First seen on thehackernews.com
Jump to article: thehackernews.com/2024/09/hackers-hijack-22000-removed-pypi.html
-
2024 SC Awards Finalists: Best Supply Chain Security Solution
in SecurityNews
Tags: supply-chain
First seen on scmagazine.com
Jump to article: www.scmagazine.com/news/2024-sc-awards-finalists-best-supply-chain-security-solution
-
Credit Union Issues Belated MOVEit Data Breach Notification
in SecurityNews
Texas Credit Union Only Just Notifying 500,000 Members About May 2023 Data Theft. Fifteen months after a massive supply-chain attack hit users of MOVE…
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/credit-union-issues-belated-moveit-data-breach-notification-a-26134
-
Time to finally get serious about stopping the attacks on the healthcare supply chain
in SecurityNews
First seen on scmagazine.com
Jump to article: www.scmagazine.com/perspective/time-to-finally-get-serious-about-stopping-the-attacks-on-the-healthcare-supply-chain
-
Software supply chains under massive cyberattack – executives and developers at odds over software supply chain security
in SecurityNews
First seen on security-insider.de
Jump to article: www.security-insider.de/steigende-sicherheitsrisiken-software-lieferkette-jfrog-bericht-a-b07817968e1af54fcf0523a118b38a87/
-
Supply Chain Security Policy
in SecurityNews
With the increasing reliance on complex and global supply chains, more companies are exposed to a wide range of risks, including theft, counterfeiting…
First seen on techrepublic.com
Jump to article: www.techrepublic.com/resource-library/toolstemplates/supply-chain-security-policy/
-
That was then, this is now… Modernizing AppSec in Fast-Paced Development Environments
in SecurityNews
You are the weakest link. Hello. Ninety-one percent of organizations experienced at least one software supply chain security incident in 2023. Chan…
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/08/that-was-then-this-is-now-modernizing-appsec-in-fast-paced-development-environments/
-
Linux malware provides proof: Lazarus is behind the 3CX supply chain attack
in SecurityNews
… with newly discovered Linux malware that was used in Operation DreamJob confirm the theory that the notorious, North Korea…
First seen on welivesecurity.com
Jump to article: www.welivesecurity.com/deutsch/2023/04/20/linux-malware-liefert-beweis-lazarus-steckt-hinter-der-3cx-supply-chain-attacke/
-
NullBulge threat actor targets software supply chain, AI tech
in SecurityNews
SentinelOne published new research detailing NullBulge, an emerging ransomware actor that recently claimed to have stolen data from Disney’s internal …
First seen on techtarget.com
Jump to article: www.techtarget.com/searchsecurity/news/366596133/NullBulge-threat-actor-targets-software-supply-chain-AI-tech
-
Cyber Supply Chain Security and Third-Party Risk Management
in SecurityNews
Sujit Christy on Why Their Intersection Requires a Paradigm Shift. The intersection of cyber supply chain security and third/fourth-party risk manageme…
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/blogs/cyber-supply-chain-security-third-party-risk-management-p-3680
-
SBOMs Critical to Software Supply Chain Security
in SecurityNews
By Deb Radcliff, DevSecOps analyst and editor of CodeSecure’s TalkSecure educational content (syndicated at Security Boulevard & YouTube) LAS VEGAS…
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/08/sboms-critical-to-software-supply-chain-security/
-
SEC Investigation into Progress MOVEit Hack Ends Without Charges
in SecurityNews
After months of investigation, the SEC decided not to recommend any enforcement action against software provider Progress regarding the supply chain a…
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/sec-progress-moveit-no-charges/
-
Firmware Guide for Pen Testers
in SecurityNews
Contributions from Mathew Mullins, Supply Chain Security Consultant here at Eclypsium. Introduction: Penetration tests come in many different varieties…
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/08/firmware-guide-for-pen-testers/
-
ISMG Editors: Is Russia Waging War Through Ransomware?
in SecurityNews
Also: Lone-Wolf Operators, Attacks on Medical Supply Chains What’s Next? In the latest weekly update, ISMG editors explore evolving ransomware threat…
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/ismg-editors-russia-waging-war-through-ransomware-a-25996
-
Lineaje raises $20M to help organizations combat software supply chain threats
in SecurityNews
The software supply chain faces threats from all sides. A 2024 report by the Ponemon Institute found that over half of organizations have experienced …
First seen on techcrunch.com
Jump to article: techcrunch.com/2024/07/30/lineaje-raises-20m-to-help-organizations-combat-software-supply-chain-threats/
-
Understanding and reducing supply chain risk and software vulnerability risks
in SecurityNews
First seen on scmagazine.com
Jump to article: www.scmagazine.com/resource/understanding-and-reducing-supply-chain-risk-and-software-vulnerability-risks
-
1 in 5 companies say state-sponsored attacks try to penetrate supply chain
in SecurityNews
First seen on scmagazine.com
Jump to article: www.scmagazine.com/news/one-in-five-companies-claim-state-sponsored-attacks
-
Report: Large number of software supply chains have critical vulnerabilities
in SecurityNews
First seen on scmagazine.com
Jump to article: www.scmagazine.com/brief/report-large-number-of-software-supply-chains-have-critical-vulnerabilities
-
North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks
in SecurityNews
South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Ko…
First seen on securityaffairs.com
Jump to article: securityaffairs.com/166628/apt/north-korea-targets-construction-machinery-sectors.html
-
#BHUSA: Nation-State Attacks Target Hardware Supply Chains
in SecurityNews
New report warns of escalating hardware supply chain attacks, with 19% of organizations impacted and nearly all IT leaders expecting nation-state invo…
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/nationstate-attacks-target/
-
OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware
in SecurityNews
Forescout has published a new report examining the current state of the software supply chain in OT/IoT routers. The study uncovered that OT and IoT c…
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2024/08/07/ot-iot-router-firmware-vulnerabilities/
-
Cybercriminals Target OneBlood: Blood Supply Chain Threatened
in SecurityNews
The nonprofit organization OneBlood, which supplies donor blood to over 250 hospitals in the United States, finds itself in a challenging situation. H…
First seen on securityonline.info
Jump to article: securityonline.info/cybercriminals-target-oneblood-blood-supply-chain-threatened/
-
Kimsuky and Andariel Target Seoul’s Construction Industry
in SecurityNews
Espionage Groups Exploited Software Supply Chain Vulnerabilities to Widen Reach. Prominent North Korean hacker groups Kimsuky and Andariel have been t…
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/kimsuky-andariel-target-seouls-construction-industry-a-25961
-
Attacks on Blood Suppliers Trigger Supply Chain Warning
in SecurityNews
Blood Shortage After Ransomware Attack Underscores Rising Threats to Patient Safety. The American Hospital Association and Health Information Sharing …
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/attacks-on-blood-suppliers-trigger-supply-chain-warning-a-25944
-
Airlines are flying blind on third-party risks
in SecurityNews
The aviation industry has traditionally focused on physical security threats, but recent revelations about risks on Boeing’s supply chain have spotlig…
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2024/08/01/airlines-third-party-risks/
-
Malware Exploiting IoT Devices on the Rise, SonicWall Warns
in SecurityNews
SonicWall has published its mid-year Cyber Threat Report for 2024. In the first half of the year, there was a significant increase in supply chain att…
First seen on securityonline.info
Jump to article: securityonline.info/malware-exploiting-iot-devices-on-the-rise-sonicwall-warns/
-
Microsoft Remains Top Phishing Target, Adidas and WhatsApp Join Top 10
in SecurityNews
Phishing attacks remain one of the most prevalent cyber threats and often serve as the precursor to larger-scale supply chain campaigns. Recently, Che…
First seen on securityonline.info
Jump to article: securityonline.info/microsoft-remains-top-phishing-target-adidas-and-whatsapp-join-top-10/
-
Supply chain attacks conducted through Polyfill.io service
in SecurityNews
In February, a Chinese company named Funnell bought the Polyfill.io domain, which sparked concerns in the infosec community about potential supply cha…
First seen on techtarget.com
Jump to article: www.techtarget.com/searchsecurity/news/366592015/Supply-chain-attacks-conducted-through-Polyfillio-service
-
Three ways to mitigate AI-based supply chain attacks
in SecurityNews
First seen on scmagazine.com
Jump to article: www.scmagazine.com/perspective/three-ways-to-mitigate-ai-based-supply-chain-attacks
-
Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding
in SecurityNews
Software supply chain security startup Lineaje has raised $20 million in a Series A funding round that brings the total to $27 million. The post Soft…
First seen on securityweek.com
Jump to article: www.securityweek.com/software-supply-chain-security-firm-lineaje-raises-20m-in-series-a-funding/