third party compromise
Your vendors are likely your biggest cybersecurity risk
As speed of business increases, more and more organizations are looking to either buy companies or outsource more services to gain market advantage. With organizations …
DigitalOcean customers affected by Mailchimp “security incident”
A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on …
Why cyber security can’t just say “no“
There was a time, not long ago, when there were only so many ways of accomplishing an information technology task. Whether you were building a website, setting up a new …
Manage and monitor third-party identities to protect your organization
SecZetta shared a research that demonstrates a clear misalignment between the strategies organizations currently use and what is actually required to protect them from …
18% of the top 99 insurance carriers have a high susceptibility to ransomware
Black Kite released a report that examines rising cyber risk concerns and ransomware susceptibility in the insurance sector. The most notable takeaway: nearly 20% of the top …
Okta names contractor involved in Lapsus$ gang’s attack
Okta has released additional details about the security incident caused by the Lapsus$ gang, and has named the contractor involved: Sitel. What happened? “Like many SaaS …
Strengthening third-party vendor programs in times of crisis and beyond
The ongoing global turmoil has tested the supply chain across industries in a myriad of ways – from strained resources and remote workflows to security concerns and more. …
Microsoft and Okta confirm, detail impact of Lapsus$ gang’s attacks
Recent claims by the cyber extortion gang have been validated by Okta and Microsoft: Lapsus$ have managed to get their hands on some of Microsoft’s source code and have …
Why banks should incorporate software bill of materials (SBOM) into their third-party risk programs
In the face of rising cybersecurity threats, the Biden administration issued an executive order in May 2021 calling for improvements in the supply chain. Among the recommended …
Top threat activities this year
ZeroFox published a threat intelligence forecast for 2022, detailing expected cybercriminal behavior trends including ransomware, malware-as-a-service, vulnerabilities and …
The most common cyber gaps threatening supply chain security
Panorays has identified the top five most common cyber gaps among third-party organizations over 2021. Analyzing data gathered from cyber posture evaluations of tens of …
Contextualizing supply chain risks in a SaaS environment
In the wake of the SolarWinds and Kaseya attacks, third-party cybersecurity risks remain top of mind for security leaders. Nonetheless, CISOs continue to experience …
Featured news
Resources
Don't miss
- PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)
- Italian-made spyware Dante linked to Chrome zero-day exploitation campaign
- Managing legacy medical devices that can no longer be patched
- Chain of security weaknesses found in smart air compressor model
- Review: The Wireless Cookbook