The North Korea-linked state-sponsored hacking group Lazarus has started to target the IT supply chain in recent attacks, according to cybersecurity firm Kaspersky.
When FireEye (now Mandiant) disclosed the SolarWinds breach in December 2020, the security world was forced to accept the reality that given the motivation,...
The Russia-linked cyberespionage group that hacked IT management solutions provider SolarWinds continues to launch supply chain attacks, Microsoft warned on Monday.
At SecurityWeek's 2021 CISO Forum, a high-powered panel of experts discussed specific ways an SBOM can improve supply chain security and where expectations may be overblown. ...
Security researchers at Kaspersky have spotted signs of the notorious FinSpy surveillance spyware hijacking -- and replacing -- the Windows UEFI bootloader to perform...
The U.S. government’s push for mandatory SBOMs has sent cybersecurity buyers and sellers scrambling to understand the ramifications and prepare for downstream side-effects.
Following a major software supply chain compromise that exposed data for several major companies, developer tools startup CodeCov plans to kill off the Bash...