Supply Chain Security
By having a golden image you will put a process in place that allows you to quickly take action when a vulnerability is found...
Hi, what are you looking for?
SecurityWeek
Government
CISA unveils a new Hardware Bill of Materials (HBOM) framework for buyers and sellers to communicate about components in physical products.
Artificial Intelligence
Exposed data includes backup of employees workstations, secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.
Supply Chain Security
Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.
Malware & Threats
A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong.
Application Security
Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage.
Government
The US government's cybersecurity agency describes UEFI as "critical attack surface" that requires urgent security attention.
Supply Chain Security
If after eighteen months, meaningful use of SBOMs is unachievable, we need to ask what needs to be done to fulfill Biden’s executive order.
Endpoint Security
A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations.
Nation-State
Proofpoint warns that APT actors linked to Russia, Iran and North Korea are increasingly targeting small- and medium-sized businesses.
Application Security
Red Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain.
Supply Chain Security
China’s government told users of computer equipment deemed sensitive to stop buying products from the biggest U.S. memory chipmaker, Micron.
Supply Chain Security
Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks.
Funding/M&A
Manifest raises $6 million in seed funding to help businesses generate, collect, and manage software bill of materials (SBOMs).
Funding/M&A
Israeli startup Entro launches with $6 million in seed-stage funding and a product to help manage secrets sprawl in the enterprise.
Supply Chain Security
SBOMs can be used for managing risk and determining vulnerability impact, but it’s very hard to build holistic risk models when the data is...
Risk Management
CISA urges organizations to review FCC’s Covered List of risky communications equipment and incorporate it in their supply chain risk management efforts.
Risk Management
The software supply chain security firm adds the Open Policy Agent to its risk analysis engine, increasing flexibility for the creation and enforcement of...
Vulnerabilities
Cisco has released patches for vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks.
Vulnerabilities
Endpoint Security
Cybercrime
Progress Software ships patches for critical-severity flaws in its WS_FTP file transfer software and warns that a pre-authenticated attacker could wreak havoc on the...
Cybersecurity Funding
Cybersecurity Funding
Risk Management