Security News

America Seeks 5G and Supply Chain Security
2020-03-03 19:33

The U.S. is late to the 5G race. There are multiple strategies that policymakers can pursue to facilitate the near-term rollout of safer and more trusted 5G networks across the country, says Michael Chertoff, executive chairman of The Chertoff Group and former secretary of the Department of Homeland Security.

IoT Devices at Major Manufacturers Infected With Malware via Supply Chain Attack
2020-02-07 18:04

Three of the world's largest manufacturers had some IoT devices running Windows 7 infected with a piece of malware in what experts believe to be a supply chain attack. TrapX Security reported this week that it had identified a cryptocurrency miner on several IoT devices at some major manufacturers, including automatic guided vehicles, a printer and a smart TV. Ori Bach, the CEO of TrapX, told SecurityWeek that the attacks appeared to be part of the same campaign.

Huawei and Supply Chain Security - The Great Geopolitical Debate
2020-01-27 14:23

There is no evidence of backdoors in the Huawei equipment; the incident has not damaged relations between the African Union and China; and Huawei has stated, "These data leaks did not originate in technology supplied by Huawei to the AU. What Huawei supplied for the AU project included data center facilities, but those facilities did not have any storage or data transfer functions." Tony Scott concludes in his supply chain whitepaper, provided exclusively to SecurityWeek ahead of public release, a conclusion that is endorsed by Huawei's Purdy, that there is one essential element missing from all current supply chain solutions: independent product testing.

Mastercard to Buy Supply Chain Monitoring Firm RiskRecon
2019-12-24 13:49

Purchase, NY-based Mastercard announced that it has agreed to acquire Salt Lake City, UT-based RiskRecon, an online security monitoring company that focuses on third-party risk management. Terms...

Firm Analyzes China, Russia-based Supply Chain Risks of Electronic Voting Machines
2019-12-16 15:00

Study Aims to Show Links Between U.S. Voting Infrastructure and Nations With a Proven Aptitude and Desire to Target Elections read more

Week in review: 5G IoT security, efficient password cracking for pentesters, supply chain examination
2019-12-08 11:10

Here’s an overview of some of last week’s most interesting news and articles: 5G IoT security: Opportunity comes with risks Slowly but surely, 5G digital cellular networks are being set up around...

Intel Announces Compute Lifecycle Assurance to Protect Platform Supply Chains
2019-12-04 18:24

read more

Supply Chain Account Takeover: How Criminals Exploit Third-Party Access
2019-12-03 14:00

It’s important for businesses of all sizes to not only view their suppliers’ attack surface as their own but also extend some of their security protections.

Supply chain examination: Planning for vulnerabilities you can’t control
2019-12-03 06:35

Seemingly, there are numerous occurrences when the customer’s personally identifiable information stored by an organization’s third-party provider is set loose by malicious intentioned actors....

ICT Supply-Chain Security
2019-10-29 11:09

The Carnegie Endowment for Peace published a comprehensive report on ICT (information and communication technologies) supply-chain security and integrity. It's a good read, but nothing that those...