supply chain compromise
A ransomware reality check for CISOs
The rising tide of ransomware attacks targeting critical infrastructure sectors has reached unprecedented heights. Now at the top of many CISOs’ agendas, a confluence of …
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …
Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …
Executives’ top concern in Q3 2021? New ransomware models
The threat of “new ransomware models” was the top concern facing executives in the third quarter of 2021, according to Gartner. Concerns about ransomware topped …
Organizations lack basic cybersecurity practices to combat the growing tide of ransomware
Organizations are not equipped to defend against ransomware due to deficiencies in implementing and sustaining basic cybersecurity practices, including managing privileged …
List of IT assets an attacker is most likely to target for exploitation
Randori released a report that identifies the most tempting IT assets that an attacker is likely to target and exploit. Leading up to the anniversary of the Solarwinds hack, …
Worldwide supply chains vulnerable as businesses lack visibility into suppliers
BlueVoyant released the findings of its second annual global survey into third-party cyber risk management. The study reveals that 97% of firms surveyed have been negatively …
2021 nastiest malware: Here to stay and ever evolving
This year was yet another year with COVID-19 and malware running rampant in the headlines. Be it in person or online, the world is still struggling in the fight against …
REvil/Sodinokibi accounting for 73% of ransomware detections in Q2 2021
McAfee released a report which examines cybercriminal activity related to ransomware and cloud threats in the second quarter of 2021. With the shift to a more flexible …
Large ransom demands and password-guessing attacks escalate
ESET released a report that summarizes key statistics from its detection systems and highlights notable examples of its cybersecurity research. The latest issue of the report …
C-level execs confident in their software supply chain security, but challenges remain
A survey of C-level executives released by CloudBees reveals high confidence levels in software supply chain security but a limited understanding of the essential components …
Leveraging threat intelligence to tackle supply chain vulnerabilities
In this interview with Help Net Security, Brandon Hoffman, CISO at Intel 471, talks about the growing threat of supply chain attacks, the most common supply chain …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD