Please turn on your JavaScript for this page to function normally.

supply chain compromise

Hand
Trojan Source bugs may lead to extensive supply-chain attacks on source code

Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …

UA-Parser-js
Popular npm package hijacked, modified to deliver cryptominers

Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …

shark
Executives’ top concern in Q3 2021? New ransomware models

The threat of “new ransomware models” was the top concern facing executives in the third quarter of 2021, according to Gartner. Concerns about ransomware topped …

fire
Organizations lack basic cybersecurity practices to combat the growing tide of ransomware

Organizations are not equipped to defend against ransomware due to deficiencies in implementing and sustaining basic cybersecurity practices, including managing privileged …

target
List of IT assets an attacker is most likely to target for exploitation

Randori released a report that identifies the most tempting IT assets that an attacker is likely to target and exploit. Leading up to the anniversary of the Solarwinds hack, …

network
Worldwide supply chains vulnerable as businesses lack visibility into suppliers

BlueVoyant released the findings of its second annual global survey into third-party cyber risk management. The study reveals that 97% of firms surveyed have been negatively …

Google Play malware
2021 nastiest malware: Here to stay and ever evolving

This year was yet another year with COVID-19 and malware running rampant in the headlines. Be it in person or online, the world is still struggling in the fight against …

ransomware
REvil/Sodinokibi accounting for 73% of ransomware detections in Q2 2021

McAfee released a report which examines cybercriminal activity related to ransomware and cloud threats in the second quarter of 2021. With the shift to a more flexible …

Large ransom demands and password-guessing attacks escalate

ESET released a report that summarizes key statistics from its detection systems and highlights notable examples of its cybersecurity research. The latest issue of the report …

C-level execs confident in their software supply chain security, but challenges remain

A survey of C-level executives released by CloudBees reveals high confidence levels in software supply chain security but a limited understanding of the essential components …

Brandon Hoffman
Leveraging threat intelligence to tackle supply chain vulnerabilities

In this interview with Help Net Security, Brandon Hoffman, CISO at Intel 471, talks about the growing threat of supply chain attacks, the most common supply chain …

DDoS
DDoS attacks increased 11% in 1H 2021, fueling a global security crisis

NETSCOUT announced findings from its report that underscore the dramatic impact cyberattacks continue to have on private and public organizations and governments worldwide. In …

Don't miss

Cybersecurity news