Please turn on your JavaScript for this page to function normally.

supply chain compromise

PHP
Attackers tried to insert backdoor into PHP source code

The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers. What happened? “[On Sunday, March 28] …

bomb
Adversaries exploit supply chains, double down on COVID-19 and ransomware

Supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever, a CrowdStrike report suggests. eCrime attacks made up 79% of all …

SolarWinds
SolarWinds hack investigation reveals new Sunspot malware

Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. …

risk
2021 key risk areas beyond the pandemic

Healix International has identified six key areas of risk – besides the continued impact of COVID-19 – for global organizations in 2021. Natural disasters The increasing …

SolarWinds
Microsoft was also a victim of the SolarWinds supply chain hack

Microsoft has confirmed that it, too, is among the companies who have downloaded the compromised SolarWinds Orion updates, but that they have isolated and removed them. …

hand
SolarWinds hackers’ capabilities include bypassing MFA

As the list of known organizations compromised by way of the SolarWinds supply chain attack is slowly growing – according to Reuters, the attackers also breached U.S. …

USA flag
Hackers breached U.S. government agencies via compromised SolarWinds Orion software

A “highly sophisticated” hacking group has breached the U.S. Treasury Department, the U.S. Department of Commerce’s National Telecommunications and …

5G
Operator‑billed 5G connections revenue to reach $357 billion by 2025

Operator‑billed revenue from 5G connections will reach $357 billion by 2025, rising from $5 billion in 2020, its first full year of commercial service, according to Juniper …

bomb
The biggest cyber threats organizations deal with today

Microsoft has released a new report outlining enterprise cyberattack trends in the past year (July 2019 – June 2020) and offering advice on how organizations can protect …

snake
Surge in cyber attacks targeting open source software projects

There has been a massive 430% surge in next generation cyber attacks aimed at actively infiltrating open source software supply chains, Sonatype has found. Rise of next-gen …

RubyGems
760+ malicious packages found typosquatting on RubyGems

Researchers have discovered over 760 malicious Ruby packages (aka “gems”) typosquatting on RubyGems, the Ruby community’s gem repository / hosting service. The …

stop
Third-party risk is broken, businesses unprepared for supply chain disruptions

Many companies are not dedicating proper resources to assess third-party risks, and those that are still lack confidence in their programs, according to Prevalent. Supply …

Don't miss

Cybersecurity news