Cybercrime
A previously undocumented attack group, given the name the Tortoiseshell Group, is targeting middle eastern IT firms in an apparent supply chain move against...
Hi, what are you looking for?
SecurityWeek
Supply Chain Security
North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply...
Cloud Security
Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking...
Supply Chain Security
CISA, NSA, and ODNI issue new guidance on managing open source software and SBOMs to maintain awareness on software security.
Cybersecurity Funding
UK-based Risk Ledger has raised £6.25 million (~$7.65 million) in Series A funding to prevent supply chain attacks.
Application Security
Washington startup Chainguard banks $61 million in new financing as investors make hefty wagers on software supply chain security companies.
Supply Chain Security
Multiple North Korean hacking groups have exploited a recent TeamCity vulnerability and Microsoft warns of potential supply chain attacks.
Security Infrastructure
The number of supply chain attacks observed last year was 78% higher compared to the previous year, a new Symantec report reveals.
IoT Security
Boston, MA-based start-up firm DUST Identity has emerged from stealth with $2.3 million seed funding led by Kleiner Perkins, with participation from New Science...
Malware & Threats
Security researchers have uncovered a supply chain attack aimed at infecting organizations in South Korea with a remote access Trojan (RAT) to steal valuable...
Cybercrime
Malvertising Campaign Steals Traffic From 10,000 Hacked WordPress Sites and Exploits the Online Advertising Supply Chain
Incident Response
Microsoft has shared details of a new attack that attempted to spread crypto-mining malware to a large number of users by compromising the software...
Malware & Threats
Organizations increasingly have to deal with cyberattacks targeting the software supply chain and in many cases they are not adequately prepared to respond to...
ICS/OT
Mocana TrustCenter Manages Security Across IoT and ICS Device Lifecycles
Malware & Threats
As I’ve written before, sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s supply chain for weaknesses...
Cybercrime
Proton, a remote access tool (RAT) that emerged in early 2017, has once again compromised a legitimate software’s distribution channel to spread, ESET warns.
Risk Management
After more than 145 million customer records were compromised in the Equifax data breach, the company’s stock plummeted by more than 30 percent. That...
Risk Management
Partnership Integrates BitSight’s Security Ratings Capabilities With CyberGRX Third-Party Cyber Risk Exchange
Ransomware
The leak website of the notorious BlackCat/Alphv ransomware group has been offline for days and law enforcement is reportedly behind the takedown.
Artificial Intelligence
CISO Strategy
Network Security
Stepping outside the confines of our comfort zone and embracing a mindset that prioritizes adaptability, shared responsibility, risk-awareness, and preparednessis indispensable in fortifying defenses...
Vulnerabilities
Artificial Intelligence
Data Protection
