Security News

Lazarus - a North Korean advanced persistent threat group - is working on launching cyberespionage-focused attacks on supply chains with its multi-platform MATA framework. The MATA malware framework can target three operating systems: Windows, Linux and macOS. MATA has historically been used to steal customer databases and to spread ransomware in various industries, but in June, Kaspersky researchers tracked Lazarus using MATA for cyber-espionage.

North Korean-sponsored Lazarus hacking group has switched focus on new targets and was observed by Kaspersky security researchers expanding its supply chain attack capabilities. Lazarus used a new variant of the BLINDINGCAN backdoor to target a South Korean think tank in June after deploying it to breach a Latvian IT vendor in May. "In the first case discovered by Kaspersky researchers, Lazarus developed an infection chain that stemmed from legitimate South Korean security software deploying a malicious payload," the researchers said.

The SolarWinds attackers - an advanced persistent threat known as Nobelium - have started a new wave of supply-chain intrusions, this time using the technology reseller/service provider community to attack their targets. "While the SolarWinds supply-chain attack involved malicious code inserted in legitimate software, most of this recent intrusion activity has involved leveraging stolen identities and the networks of technology solutions, services and reseller companies in North America and Europe to ultimately access the environments of organizations that are targeted by the Russian government."

Historically, it's a big national security concern, as it should be, whether other governments might be poison-pilling some of our software and supply chains. CW. Well, certainly one place to start with as a software provider is understanding that the security of your software is only as good as the security of your entire environment that's used to build and maintain that software.

Weather events and port issues have caused major disruptions in the global supply chain. So here are five tips for dealing with supply chain disruptions.

CISO at JupiterOne, discusses software bills of materials and the need for a shift in thinking about securing software supply chains. In the wake of the SolarWinds attack last year, President Biden issued an executive order in May advocating for mandatory software bills of materials, or SBOMs, to increase software transparency and counter supply-chain attacks.

Companies still not prioritizing their vulnerable supply chains Only 13% of companies said that third-party cyber risk was NOT a priority, a drop compared to last year when 22% of companies said that supply chain and third-party cyber risk was not on their radar. Adam Bixler continues: "Budget increases demonstrate that firms are recognising the need to invest in cybersecurity and vendor risk management. However, the wide yet consistent array of pain points suggests that this investment is not as effective as it could be. This, tied to the lack of visibility, monitoring and senior-level reporting, underscores a lack of strategy when approaching third-party cyber risk which unfortunately is only going to lead to more breaches."

In a survey by BlueVoyant, 97% of people said they've been impacted by a security breach that occurred in their supply chain. How do you combat something over which you seemingly have little or no control? A report by cybersecurity provider BlueVoyant looks at supply chain security breaches and offers tips on how to prevent them.

A survey of C-level executives released by CloudBees reveals high confidence levels in software supply chain security but a limited understanding of the essential components that make a software supply chain secure. Executives overwhelmingly claim their software supply chains are secure or very secure and 93% say they are prepared to deal with an issue such as ransomware or a cyberattack on their supply chain.

In this interview with Help Net Security, Brandon Hoffman, CISO at Intel 471, talks about the growing threat of supply chain attacks, the most common supply chain vulnerabilities and how the right threat intelligence can help stay on top of these threats. We are witnessing a growing number of supply chain attacks lately, and cybercriminals are becoming stealthier and smarter.