supply chain compromise
Why is trust in legacy vendors on shaky ground?
A Vanson Bourne survey report highlights ransomware payout demands and extortion fees are massively increasing, while trust in legacy IT vendors has dipped and organizations …
The ripple effect: Why protection against supply chain attacks is a must
The SolarWinds attack continues to send ripples across the world of cybersecurity. For the uninitiated, this form of cyber attack was like a gradual spread of poison, and its …
Malicious Python packages employ advanced detection evasion techniques
JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over …
Retail industry security incidents soaring, worsened by the supply chain crisis
Imperva’s 12-month analysis on cybersecurity risks in the retail industry suggests that the 2021 holiday shopping season will be further disrupted by cybercriminals …
A ransomware reality check for CISOs
The rising tide of ransomware attacks targeting critical infrastructure sectors has reached unprecedented heights. Now at the top of many CISOs’ agendas, a confluence of …
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …
Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …
Executives’ top concern in Q3 2021? New ransomware models
The threat of “new ransomware models” was the top concern facing executives in the third quarter of 2021, according to Gartner. Concerns about ransomware topped …
Organizations lack basic cybersecurity practices to combat the growing tide of ransomware
Organizations are not equipped to defend against ransomware due to deficiencies in implementing and sustaining basic cybersecurity practices, including managing privileged …
List of IT assets an attacker is most likely to target for exploitation
Randori released a report that identifies the most tempting IT assets that an attacker is likely to target and exploit. Leading up to the anniversary of the Solarwinds hack, …
Worldwide supply chains vulnerable as businesses lack visibility into suppliers
BlueVoyant released the findings of its second annual global survey into third-party cyber risk management. The study reveals that 97% of firms surveyed have been negatively …
2021 nastiest malware: Here to stay and ever evolving
This year was yet another year with COVID-19 and malware running rampant in the headlines. Be it in person or online, the world is still struggling in the fight against …