Security News

NIST Updates Cybersecurity Framework to Tackle Supply Chain Threats, Vulnerability Disclosure and More
2018-04-30 15:49

Version 1.1 includes updates on authentication and identity, self-assessment, supply-chain security and vulnerability disclosure, among other changes.

Mocana Launches Supply Chain Integrity Platform to Secure IoT, ICS Devices
2018-04-12 16:05

Mocana TrustCenter Manages Security Across IoT and ICS Device Lifecycles read more

How to minimize healthcare supply chain threats
2018-04-10 12:42

There are many reasons why healthcare institutions have poor cybersecurity: most resources go towards providing patient care and not enough is left for cybersecurity; not all hospitals have a...

Mitigating Risk of Supply Chain Attacks
2017-11-09 16:35

As I’ve written before, sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s supply chain for weaknesses in defenses. They’ll...

Supply Chain Attack Spreads macOS RAT
2017-10-20 11:52

Proton, a remote access tool (RAT) that emerged in early 2017, has once again compromised a legitimate software’s distribution channel to spread, ESET warns. read more

Equifax Hack: Keep Your Friends Close, but Your Supply Chain Closer
2017-10-18 16:23

After more than 145 million customer records were compromised in the Equifax data breach, the company’s stock plummeted by more than 30 percent. That amounted to market capitalization losses north...

CyberGRX Partners With BitSight to Address Supply Chain Risks
2017-09-18 13:12

Partnership Integrates BitSight’s Security Ratings Capabilities With CyberGRX Third-Party Cyber Risk Exchange read more

Supply Chain Woes, Again: NetSarang Popped (InfoRiskToday)
2017-08-16 13:33

Server Management Vendor Backdoored; Updates IssuedThere's little defense against software updates that have been seeded with malicious code. Kaspersky Lab says attackers planted a backdoor in...

Cobalt Hackers Now Using Supply Chain Attacks (Security Week)
2017-08-02 17:01

After expanding operations to Americas earlier this year, the financially-motivated "Cobalt" cybercriminal group has changed techniques and is now using supply chain attacks to target an...