supply chain attack
Software supply chain security is broader than SolarWinds and Log4J
Here's a comprehensive look at some of the lesser-known, but no less serious, types of software supply chain attacks.
Microsoft disrupts Iranian-linked hackers targeting organizations in Israel
Microsoft said on Thursday that it has successfully “identified and disabled” a previously unreported Lebanon-based hacking group that it believes is working with Iranian intelligence. T
Viasat cyberattack blamed on Russian wiper malware
The recent cyberattack on U.S. satellite communications provider Viasat, an incident that triggered satellite service outages across central and eastern Europe, was likely the result of destructive wi
Vicarius raises $24M to build out its vulnerability remediation platform
Vicarius, a New York-based startup that has developed an autonomous vulnerability remediation platform, has raised $24 million in Series A funding to protect organizations from the next major supply-c
Cycode raises $56M Series B to help secure software supply chains
Cycode, a startup that helps businesses secure their DevOps pipelines and software supply chains, today announced that it has raised a $56 million Series B funding round led by Insight Partners. YL Ve
Checkmarx acquires open-source supply chain security startup Dustico
Checkmarx, an Israeli provider of static application security testing (AST), has acquired open-source supply chain security startup Dustico for an undisclosed sum. Founded in 2020, Dustico provides
Passwordstate customers complain of silence and secrecy after cyberattack
It has been over three months since Click Studios, the Australian software house behind the enterprise password manager Passwordstate, warned its customers to “commence resetting all passwords.&
Biden’s executive order on cybersecurity should include behavior transparency
The cyber executive order, alongside sanctions on Russia, are strong indications the Biden administration intends to take a far more proactive approach to cybersecurity. But it's not quite enough.
SolarWinds hackers targeted NASA, Federal Aviation Administration networks
Hackers are said to have broken into the networks of U.S. space agency NASA and the Federal Aviation Administration as part of a wider espionage campaign targeting U.S. government agencies and private
After the FireEye and SolarWinds breaches, what’s your failsafe?
Breaches of this magnitude are going to happen. If they’re something your organization needs to be resilient against, then it’s best to be prepared for them.
Just how bad is that hack that hit US government agencies?
"There’s not a single organization who can claim cybersecurity perfection."
Hackers dropped a secret backdoor in Asus’ update software
Hackers targeted and compromised “hundreds of thousands” of Asus computer owners by pushing a backdoored update software tool from the company’s own servers. The bombshell claims, fi
CCleaner supply chain malware targeted tech giants
Malware that piggybacked on CCleaner, a popular free software tool for optimizing system performance on PCs, appears to have specifically targeted high profile technology companies and may have been a