Security News

Hackers Target Real Estate Websites with Skimmer in Latest Supply Chain Attack
2022-01-05 20:16

Threat actors leveraged a cloud video hosting service to carry out a supply chain attack on more than 100 real estate websites operated by Sotheby's Realty that involved injecting malicious skimmers to steal sensitive personal information. "The attacker injected the skimmer JavaScript codes into video, so whenever others import the video, their websites get embedded with skimmer codes as well," Palo Alto Networks' Unit 42 researchers said in a report published this week.

Supply chains, ransomware, zero trust and other security predictions for 2022
2021-12-31 05:00

As 2021 draws to a close, no one in their right mind thinks that cybersecurity risk is just someone else's problem anymore; major cybersecurity incidents like the SolarWinds breach and the Colonial Pipeline ransomware attack have raised cybersecurity awareness among public opinions and decision-makers. Supply chain attackers can take various paths to slip malicious code or components into a trusted piece of software or hardware.

2022: Supply-Chain Chronic Pain & SaaS Security Meltdowns
2021-12-15 00:27

This past year, the pain was felt in two significant ways: through the supply chain disruptions caused by COVID-19, and through the many security breaches that we saw in our key IT suppliers. Many organizations have been caught off guard by the pervasive and long lasting repercussions of the supply chain crunch from COVID-19, exacerbating other supply chain bottlenecks further downstream and causing headaches for consumers and missed revenue targets for major corporations.

Cybercrime supply chain: Fueling the rise in ransomware
2021-12-06 05:30

Trend Micro released a research detailing the murky cybercrime supply chain behind much of the recent surge in ransomware attacks. "Media and corporate cybersecurity attention have been focused only on the ransomware payload when we need to focus first on mitigating the activity of initial access brokers," said David Sancho, senior threat researcher for Trend Micro.

The ripple effect: Why protection against supply chain attacks is a must
2021-12-01 05:50

Whether or not it was a state-sponsored venture, this attack proved to be a huge wake-up call and shone a spotlight on software supply chain attacks. Hence the emergence of one of the key growing attack vectors in 2021: the "Web supply chain attack".

Your supply chain: How and why network security and infrastructure matter
2021-11-26 06:00

Threats to the supply chain can take many forms, including malware attacks, piracy, unauthorized access to enterprise resources and data, and unintentional or maliciously injected backdoors in software source code. This means putting security at the center of the supply chain and making it a foundational element.

Securing open-source code supply chains may help prevent the next big cyberattack
2021-11-24 07:00

The software industry does not currently track the source of all code, nor does it grade the level of security standards applied in these international code factories. Establish a grading scale to rate each piece of code to more effectively determine the risk a company is inheriting from the code.

Research: Supply chain and COVID-19 challenges forces companies to shift their security strategies
2021-11-11 17:18

64% of survey respondents reported that their companies have concerns about security risks for supply chains. Toss in the COVID-19 pandemic and supply chain disruptions, and it's no wonder that enterprises are shifting their cybersecurity strategies.

As the holiday season approaches, threats to supply chain, e-commerce and travel soar
2021-11-11 04:15

As the 2021 holiday season approaches, supply chain and logistics, e-commerce and retail, and the travel industry see predictable increases in consumer and business activity - making them more vulnerable to cyber threats and leaving business, employee and consumer data at risk. In addition to increased consumer spending, the 2021 holiday season sees a significant impact on industries coping with the increase in consumer demands.

Retail industry security incidents soaring, worsened by the supply chain crisis
2021-11-09 04:30

Imperva's 12-month analysis on cybersecurity risks in the retail industry suggests that the 2021 holiday shopping season will be further disrupted by cybercriminals looking to create chaos and take advantage of an unprecedented global supply chain crisis. Given the widespread impact of the global supply chain crisis, the impact of a single cyber-attack on a retailer in Q4 could be devastating.