Supply Chain Security Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Endpoint Security

Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards

A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations.

Eduard Kovacs4 days ago

Nation-State

Researchers Spot APTs Targeting Small Business MSPs

Proofpoint warns that APT actors linked to Russia, Iran and North Korea are increasingly targeting small- and medium-sized businesses.

Ryan NaraineMay 24, 2023

Application Security

Red Hat Pushes New Tools to Secure Software Supply Chain

Red Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain.

Ryan NaraineMay 23, 2023

Supply Chain Security

China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States

China’s government told users of computer equipment deemed sensitive to stop buying products from the biggest U.S. memory chipmaker, Micron.

Associated PressMay 22, 2023

Supply Chain Security

Pimcore Platform Flaws Exposed Users to Code Execution

Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks.

Ionut ArghireMay 19, 2023

Funding/M&A

Investors Make $6M Bet on Manifest for SBOM Management Technology

Manifest raises $6 million in seed funding to help businesses generate, collect, and manage software bill of materials (SBOMs).

Ryan NaraineMay 18, 2023

Application Security

New OpenSSF Project Hunts for Malicious Packages in Open Source Repositories

The Open Source Security Foundation (OpenSSF) has announced a new project whose goal is to help identify malicious packages in open source repositories.

Ionut ArghireApril 29, 2022

Application Security

Web Application Security Firm Source Defense Raises $27 Million

Source Defense, a provider of web application client-side protection, says it pocketed $27 million in Series B funding, bringing the total investment raised by...

Ionut ArghireApril 26, 2022

Cybersecurity Funding

Code Security Firm SonarSource Raises $412 Million at $4.7 Billion Valuation

Geneva-based code quality company is cashing in on heightened investor interest in the software supply chain security space

Ryan NaraineApril 26, 2022

Cybersecurity Funding

Fortress Raises $125 Million to Secure Critical Industry Supply Chains

Fortress Information Security on Tuesday announced raising $125 million from Goldman Sachs, an investment that it plans on using to help critical industry operators...

Eduard KovacsApril 19, 2022

Application Security

Google Teams Up With GitHub for Supply Chain Security

Google has teamed up with GitHub for a solution that should help prevent software supply chain attacks such as the ones that affected SolarWinds...

Eduard KovacsApril 7, 2022

Audits

Checkmarx Finds Threat Actor ‘Fully Automating’ NPM Supply Chain Attacks

Threat hunters at Checkmarx on Monday raised an alarm after discovering a threat actor fully automating the creation and delivery of "hundreds of malicious...

Ryan NaraineMarch 28, 2022

Supply Chain Security

Watch on Demand: Supply Chain Security Summit & Expo (Virtual)

Mike LennonMarch 23, 2022

Application Security

‘Secrets Sprawl’ Haunts Software Supply Chain Security

A cybersecurity startup is warning of a major, unattended weak link in the software supply chain: the vexing problem of valuable corporate secrets --...

Ryan NaraineMarch 22, 2022

Application Security

Software Supply Chain Weakness: Snyk Warns of ‘Deliberate Sabotage’ of NPM Ecosystem

Software supply chain security fears escalated again this week with the discovery of what’s being described as "deliberate sabotage" of code in the open-source...

Ryan NaraineMarch 17, 2022

Supply Chain Security

Webinar Today: Protect the Software Supply Chain, Eliminate Risks in Code

SecurityWeek VideoMarch 8, 2022

Application Security

Legit Security Raises $30M to Tackle Supply Chain Security

A team of Israeli entrepreneurs with roots in the application security ecosystem is taking a stab at software supply chain security with big backing...

Ryan NaraineFebruary 14, 2022

Supply Chain Security

OpenSSF Alpha-Omega Project Tackles Supply Chain Security

Microsoft and Google are throwing their weight behind a new Linux Foundation OpenSSF initiative to address major security gaps in the open-source software ecosystem.

Ryan NaraineFebruary 1, 2022