Security News
![America Seeks 5G and Supply Chain Security](/static/build/img/news/alt/cybersecurity-attacker-small.jpg)
The U.S. is late to the 5G race. There are multiple strategies that policymakers can pursue to facilitate the near-term rollout of safer and more trusted 5G networks across the country, says Michael Chertoff, executive chairman of The Chertoff Group and former secretary of the Department of Homeland Security.
![IoT Devices at Major Manufacturers Infected With Malware via Supply Chain Attack](/static/build/img/news/alt/cyberattack-statistics-1-small.jpg)
Three of the world's largest manufacturers had some IoT devices running Windows 7 infected with a piece of malware in what experts believe to be a supply chain attack. TrapX Security reported this week that it had identified a cryptocurrency miner on several IoT devices at some major manufacturers, including automatic guided vehicles, a printer and a smart TV. Ori Bach, the CEO of TrapX, told SecurityWeek that the attacks appeared to be part of the same campaign.
![Huawei and Supply Chain Security - The Great Geopolitical Debate](/static/build/img/news/alt/cybersecurity-attacker-small.jpg)
There is no evidence of backdoors in the Huawei equipment; the incident has not damaged relations between the African Union and China; and Huawei has stated, "These data leaks did not originate in technology supplied by Huawei to the AU. What Huawei supplied for the AU project included data center facilities, but those facilities did not have any storage or data transfer functions." Tony Scott concludes in his supply chain whitepaper, provided exclusively to SecurityWeek ahead of public release, a conclusion that is endorsed by Huawei's Purdy, that there is one essential element missing from all current supply chain solutions: independent product testing.
![Mastercard to Buy Supply Chain Monitoring Firm RiskRecon](/static/build/img/news/alt/web-statistics-2-small.jpg)
Purchase, NY-based Mastercard announced that it has agreed to acquire Salt Lake City, UT-based RiskRecon, an online security monitoring company that focuses on third-party risk management. Terms...
![Firm Analyzes China, Russia-based Supply Chain Risks of Electronic Voting Machines](/static/build/img/news/alt/cyber-threat-stats-small.jpg)
Study Aims to Show Links Between U.S. Voting Infrastructure and Nations With a Proven Aptitude and Desire to Target Elections read more
![Week in review: 5G IoT security, efficient password cracking for pentesters, supply chain examination](/static/build/img/news/alt/hackers-statistics-small.jpg)
Here’s an overview of some of last week’s most interesting news and articles: 5G IoT security: Opportunity comes with risks Slowly but surely, 5G digital cellular networks are being set up around...
![Intel Announces Compute Lifecycle Assurance to Protect Platform Supply Chains](/static/build/img/news/alt/ransomware-statistics-small.jpg)
read more
![Supply Chain Account Takeover: How Criminals Exploit Third-Party Access](/static/build/img/news/alt/DDoS-small.jpg)
It’s important for businesses of all sizes to not only view their suppliers’ attack surface as their own but also extend some of their security protections.
![Supply chain examination: Planning for vulnerabilities you can’t control](/static/build/img/news/alt/mac-stats-small.jpg)
Seemingly, there are numerous occurrences when the customer’s personally identifiable information stored by an organization’s third-party provider is set loose by malicious intentioned actors....
![ICT Supply-Chain Security](/static/build/img/news/alt/breach-statistics-small.jpg)
The Carnegie Endowment for Peace published a comprehensive report on ICT (information and communication technologies) supply-chain security and integrity. It's a good read, but nothing that those...