Security News

Buchman said tech supply chains are particularly vulnerable to air cargo changes and because many airlines have canceled flights around the world, this will create a down-chain gap that will become more apparent as manufacturing speeds up. The supply chain management company Anvyl has employees in China and said that his entire team has been quarantined twice.

As a result, companies are not always sure who they are dealing with and the amount of opacity within the supply chain has increased, Conway says. These developments, Conway says, are one reason why the dialogue around supply chain security should be changing and why different approaches are needed.

The U.S. is late to the 5G race. There are multiple strategies that policymakers can pursue to facilitate the near-term rollout of safer and more trusted 5G networks across the country, says Michael Chertoff, executive chairman of The Chertoff Group and former secretary of the Department of Homeland Security.

Three of the world's largest manufacturers had some IoT devices running Windows 7 infected with a piece of malware in what experts believe to be a supply chain attack. TrapX Security reported this week that it had identified a cryptocurrency miner on several IoT devices at some major manufacturers, including automatic guided vehicles, a printer and a smart TV. Ori Bach, the CEO of TrapX, told SecurityWeek that the attacks appeared to be part of the same campaign.

There is no evidence of backdoors in the Huawei equipment; the incident has not damaged relations between the African Union and China; and Huawei has stated, "These data leaks did not originate in technology supplied by Huawei to the AU. What Huawei supplied for the AU project included data center facilities, but those facilities did not have any storage or data transfer functions." Tony Scott concludes in his supply chain whitepaper, provided exclusively to SecurityWeek ahead of public release, a conclusion that is endorsed by Huawei's Purdy, that there is one essential element missing from all current supply chain solutions: independent product testing.

Purchase, NY-based Mastercard announced that it has agreed to acquire Salt Lake City, UT-based RiskRecon, an online security monitoring company that focuses on third-party risk management. Terms...

Study Aims to Show Links Between U.S. Voting Infrastructure and Nations With a Proven Aptitude and Desire to Target Elections read more

Here’s an overview of some of last week’s most interesting news and articles: 5G IoT security: Opportunity comes with risks Slowly but surely, 5G digital cellular networks are being set up around...

read more

It’s important for businesses of all sizes to not only view their suppliers’ attack surface as their own but also extend some of their security protections.