supply chain Archives - Help Net Security

supply chain

The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals

May 25, 2023

The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, …

Preparing for federal supply chain security standardization

May 17, 2023

In 2021, the Biden Administration published the Executive Order on Improving the Nation’s Cybersecurity (EO 14028), setting off an agency-wide security initiative with the …

Unpaid open source maintainers struggle with increased security demands

May 4, 2023

Ensuring the security of the open-source software that modern organizations depend on is a crucial responsibility of the open source maintainers, especially as attacks on the …

The double-edged sword of open-source software

April 25, 2023

The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming …

Google delivers secure open source software packages

April 13, 2023

Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev …

BEC scammers are after physical goods, the FBI warns

March 27, 2023

BEC attacks are usually aimed at stealing money or valuable information, but the FBI warns that BEC scammers are increasingly trying to get their hands on physical goods such …

Best practices for securing the software application supply chain

March 15, 2023

As server-side security advances, more attackers are exploiting vulnerabilities and launching malicious attacks through the less protected and seldom monitored client-side …

Research reveals where 95% of open source vulnerabilities lie

December 9, 2022

New research from Endor Labs offers a view into the rampant but often unmonitored use of existing open-source software in application development and the dangers arising from …

How to assess and mitigate complex supply chain risks

November 7, 2022

As cyber attackers increasingly look to capitalize on accelerating digitalization that has seen many enterprises significantly increase their reliance on cloud-based solutions …

You can up software supply chain security by implementing these measures

November 1, 2022

The COVID-19 pandemic has been a driving force in digital acceleration, and it continues to wield its influence in how organizations and their staff embrace work. In the push …

Consumer behaviors are the root of open source risk

October 24, 2022

Sonatype unveiled its eighth annual State of the Software Supply Chain Report which, in addition to a massive surge in open source supply, demand, and malicious attacks, found …

How supply chain threats will evolve in 2023

October 21, 2022

Software supply chain risk has grown to be a significant concern for organizations as cyber attackers look to take advantage of the accelerating digitalization that has seen …

supply chain

The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals

Preparing for federal supply chain security standardization

Unpaid open source maintainers struggle with increased security demands

The double-edged sword of open-source software

Google delivers secure open source software packages

BEC scammers are after physical goods, the FBI warns

Best practices for securing the software application supply chain

Research reveals where 95% of open source vulnerabilities lie

How to assess and mitigate complex supply chain risks

You can up software supply chain security by implementing these measures

Consumer behaviors are the root of open source risk

How supply chain threats will evolve in 2023

Don't miss

Phishers use encrypted file attachments to steal Microsoft 365 account credentials

New Buhti ransomware uses leaked payloads and public exploits

Strengthening travel safety protocols with ISO 31030

Phishing campaign targets ChatGPT users

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)