The incident responders investigating how hackers carried out a complex supply-chain attack targeting enterprise phone provider 3CX say the company was compromised by another supply chain attack. 3CX
Enterprise phone provider 3CX has confirmed that North Korea–backed hackers were behind last month’s supply chain attack that appeared to target cryptocurrency companies. 3CX, which provides onlin
Multiple security firms have sounded the alarm about an active supply chain attack that’s using a trojanized version of 3CX’s widely used voice and video-calling client to target downstream cu
Here's a comprehensive look at some of the lesser-known, but no less serious, types of software supply chain attacks.
Microsoft said on Thursday that it has successfully “identified and disabled” a previously unreported Lebanon-based hacking group that it believes is working with Iranian intelligence. T
The recent cyberattack on U.S. satellite communications provider Viasat, an incident that triggered satellite service outages across central and eastern Europe, was likely the result of destructive wi
Vicarius, a New York-based startup that has developed an autonomous vulnerability remediation platform, has raised $24 million in Series A funding to protect organizations from the next major supply-c
Cycode, a startup that helps businesses secure their DevOps pipelines and software supply chains, today announced that it has raised a $56 million Series B funding round led by Insight Partners. YL Ve
Checkmarx, an Israeli provider of static application security testing (AST), has acquired open-source supply chain security startup Dustico for an undisclosed sum. Founded in 2020, Dustico provides
It has been over three months since Click Studios, the Australian software house behind the enterprise password manager Passwordstate, warned its customers to “commence resetting all passwords.&
The cyber executive order, alongside sanctions on Russia, are strong indications the Biden administration intends to take a far more proactive approach to cybersecurity. But it's not quite enough.
Hackers are said to have broken into the networks of U.S. space agency NASA and the Federal Aviation Administration as part of a wider espionage campaign targeting U.S. government agencies and private
Breaches of this magnitude are going to happen. If they’re something your organization needs to be resilient against, then it’s best to be prepared for them.
"There’s not a single organization who can claim cybersecurity perfection."
Hackers targeted and compromised “hundreds of thousands” of Asus computer owners by pushing a backdoored update software tool from the company’s own servers. The bombshell claims, fi
Malware that piggybacked on CCleaner, a popular free software tool for optimizing system performance on PCs, appears to have specifically targeted high profile technology companies and may have been a