Please turn on your JavaScript for this page to function normally.

supply chain compromise

XZ Utils backdoor: Detection tools, scripts, rules

As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? …

Linux alert
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)

UPDATE: April 9, 09:23 AM ET Two stories have been published since this initial release: Which Linux distros are affected and what can you do? XZ Utils backdoor: Detection …

Organizations prefer a combination of AI and human analysts to monitor their digital supply chain

The number of cyber breaches targeting organizations’ supply chains continues to rise, with an average 4.16 breaches reported to be negatively impacting operations this …

North Korea
North Korean hackers are targeting software developers and impersonating IT workers

State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies …

Attackers hit software firm Retool to get to crypto companies and assets

Retool, the company behind the popular development platform for building internal business software, has suffered a breach that allowed attackers to access and take over …

Exploring the macro shifts in enterprise security

The number of successful ransomware attacks and data breach attempts fell by 30% over the last year, the number of reported security incident types at organizations increased, …

3CX breach linked to previous supply chain compromise

Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now …

3CX compromise: More details about the breach, new PWA app released

3CX has released an interim report about Mandiant’s findings related to the compromise the company suffered last month, which resulted in a supply chain attack targeting …

3CX supply chain attack: What do we know?

Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …

3CX customers targeted via trojanized desktop app

Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …

Federal defense contractors are not properly securing military secrets

Defense contractors hold information that’s vital to national security and will soon be required to meet Cybersecurity Maturity Model Certification (CMMC) compliance to …

How to assess and mitigate complex supply chain risks

As cyber attackers increasingly look to capitalize on accelerating digitalization that has seen many enterprises significantly increase their reliance on cloud-based solutions …

Don't miss

Cybersecurity news