supply chain compromise
3 areas of implicitly trusted infrastructure that can lead to supply chain compromises
The SolarWinds compromise in December 2020 and the ensuing investigation into their build services put a spotlight on supply chain attacks. This has generated a renewed …
4 things you can do to minimize cyberattacks on supply and value chains
Supply chain attacks target the weakest spot in most every enterprise’s security program: third-party access. The SolarWinds hack was a classic supply chain attack, …
The growing threat to CI/CD pipelines
Before the pandemic, most modern organizations had recognized the need to innovate to support developers’ evolving workflows. Today, rapid digitalization has placed a …
Nearly 40% of new ransomware families use both data encryption and data theft in attacks
Data-stealing ransomware attacks, information harvesting malware, and supply chain attacks are among the critical threats to organizations, according to F-Secure. One of the …
Attackers tried to insert backdoor into PHP source code
The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers. What happened? “[On Sunday, March 28] …
Adversaries exploit supply chains, double down on COVID-19 and ransomware
Supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever, a CrowdStrike report suggests. eCrime attacks made up 79% of all …
SolarWinds hack investigation reveals new Sunspot malware
Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. …
2021 key risk areas beyond the pandemic
Healix International has identified six key areas of risk – besides the continued impact of COVID-19 – for global organizations in 2021. Natural disasters The increasing …
Microsoft was also a victim of the SolarWinds supply chain hack
Microsoft has confirmed that it, too, is among the companies who have downloaded the compromised SolarWinds Orion updates, but that they have isolated and removed them. …
SolarWinds hackers’ capabilities include bypassing MFA
As the list of known organizations compromised by way of the SolarWinds supply chain attack is slowly growing – according to Reuters, the attackers also breached U.S. …
Hackers breached U.S. government agencies via compromised SolarWinds Orion software
A “highly sophisticated” hacking group has breached the U.S. Treasury Department, the U.S. Department of Commerce’s National Telecommunications and …
Operator‑billed 5G connections revenue to reach $357 billion by 2025
Operator‑billed revenue from 5G connections will reach $357 billion by 2025, rising from $5 billion in 2020, its first full year of commercial service, according to Juniper …
Featured news
Resources
Don't miss
- Accenture acknowledges security incident following 35GB data theft claim
- Orbia CISO Miranda Ritchie on building security into sustainable infrastructure
- 20 open-source cybersecurity tools to keep your team ready for anything
- macOS is becoming a proving ground for AI agents
- How to implement a continuous offensive security testing program