Malware & Threats
A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong.
Hi, what are you looking for?
SecurityWeek
All posts tagged "Supply Chain"
Funding/M&A
HashiCorp acquires BluBracket secrets-scanning technology to help businesses block accidental leaks and fight secret sprawl.
Nation-State
The North Korean hacking group behind the supply chain attack that hit 3CX also broke into two critical infrastructure organizations in the energy sector.
Supply Chain Security
3CX hack is the first known cascading supply chain attack, with the breach starting after an employee downloaded compromised software from a different firm.
Malware & Threats
3CX has confirmed previous reports that the recently disclosed supply chain attack was likely conducted by North Korean hackers.
Supply Chain Security
Europe, the United States and Australia seem to be the most impacted by the 3CX supply chain hack, according to data from two cybersecurity...
Malware & Threats
Several cybersecurity companies have published blog posts, advisories and tools to help organizations that may have been hit by the 3CX supply chain attack.
Malware & Threats
3CX confirms investigating a security breach as the cybersecurity community is sharing more information on what appears to be a sophisticated supply chain attack.
Supply Chain Security
CrowdStrike threat intelligence team warns about unexpected malicious activity from a legitimate, signed version of the 3CXDesktopApp.
Cybersecurity Funding
Software supply chain security management startup Lineaje raises $7 million in a seed funding round led by Tenable Ventures.
Risk Management
The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...
Supply Chain Security
A new report found that 98% of organizations have a relationship with a third party that has been breached, while more than 50% have...
Mobile & Wireless
Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones.
Funding/M&A
Cybersecurity Funding
Artificial Intelligence
Threat Intelligence
Noteworthy stories that might have slipped under the radar: Snowden file analysis, Yubico starts trading, election hacking event.
Vulnerabilities
