Supply Chain Security Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Endpoint Security

Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards

A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations.

Eduard Kovacs4 days ago

Nation-State

Researchers Spot APTs Targeting Small Business MSPs

Proofpoint warns that APT actors linked to Russia, Iran and North Korea are increasingly targeting small- and medium-sized businesses.

Ryan NaraineMay 24, 2023

Application Security

Red Hat Pushes New Tools to Secure Software Supply Chain

Red Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain.

Ryan NaraineMay 23, 2023

Supply Chain Security

China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States

China’s government told users of computer equipment deemed sensitive to stop buying products from the biggest U.S. memory chipmaker, Micron.

Associated PressMay 22, 2023

Supply Chain Security

Pimcore Platform Flaws Exposed Users to Code Execution

Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks.

Ionut ArghireMay 19, 2023

Funding/M&A

Investors Make $6M Bet on Manifest for SBOM Management Technology

Manifest raises $6 million in seed funding to help businesses generate, collect, and manage software bill of materials (SBOMs).

Ryan NaraineMay 18, 2023

Application Security

Tidelift Raises $27 Million to Tackle Open Source Supply Chain Security

Boston, Mass.-based Tidelift, a company on a mission to address open source supply chain “health and security,” has raised $27 million in Series C...

Mike LennonMay 25, 2022

Application Security

WhiteSource Becomes Mend, Adds Automatic Code Remediation

WhiteSource Changes Company Name to Mend

Kevin TownsendMay 25, 2022

Malware & Threats

PyPI Served Malicious Version of Popular ‘Ctx’ Python Package

A popular Python package was compromised recently and replaced with a malicious version apparently designed to help the attacker obtain AWS credentials.

Eduard KovacsMay 24, 2022

Supply Chain Security

Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines

Security researchers at SentinelLabs are calling attention to a software chain supply attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous...

Ryan NaraineMay 19, 2022

ICS/OT

The Vulnerable Maritime Supply Chain – a Threat to the Global Economy

Kevin TownsendMay 18, 2022

ICS/OT

New Special Interest Group Aims to Enhance ICS/OT Cyber Defenses

MITRE has announced a new special interest group (SIG) whose goal is to help enhance cyber defenses for industrial control systems (ICS) and operational...

Eduard KovacsMay 17, 2022

Cyberwarfare

US, EU to Ramp Up Chip Making and Raise Pressure on Russia

The United States and the European Union announced on Monday a joint effort to boost microchip manufacturing and tackle Russian disinformation around the war...

AFPMay 16, 2022

Cybersecurity Funding

Zero Trust Firm Xage Security Adds $6 Million ‘Top-up’ to $30 Million Series B Funding

Palo Alto, Calif-based firm Xage has raised a $6 million top-up to the $30 million Series B funding it secured in January 2022.

Kevin TownsendMay 12, 2022

CISO Strategy

Prepare for What You Wish For: More CISOs on Boards

We have a long way to go to get adequate cybersecurity expertise on boards, but the time has come to make it happen

Marc SolomonMay 12, 2022

Cybercrime

Ransomware Attack Hits Production Facilities of Agricultural Equipment Giant AGCO

Agricultural equipment giant AGCO says its business operations have been impacted after falling victim to a ransomware attack last week.AGCO designs, makes, and distributes...

Ionut ArghireMay 9, 2022

Application Security

GitHub Announces Mandatory 2FA for Code Contributors

Code hosting platform GitHub on Wednesday said it would make it mandatory for software developers to use at least one form of two-factor authentication (2FA) by...

Ionut ArghireMay 5, 2022

Supply Chain Security

The VC View: The DevSecOps Evolution and Getting “Shift Left” Right

As the world increasingly moves to the cloud and digital-everything, organizations’ risk postures have also changed. Embedding security into the business is the new,...

William LinMay 2, 2022