Evaluating your organization’s application risk management journey

In this Help Net Security interview, Chris Wysopal, Chief Security Evangelist at Veracode, discusses strategies for CISOs to quantify application risk in financial terms. Wysopal outlines the need for continuous risk management practices and robust str…

Effective strategies for measuring and testing cyber resilience

In this Help Net Security interview, Detective Superintendent Ian Kirby, CEO of the National Cyber Resilience Centre Group (NCRCG), discusses the emerging cyber threats and strategies organizations can use to increase cyber resilience. He emphasizes ba…

More frequent disruption operations needed to dent ransomware gangs, officials say

The comments from White House and ODNI officials ahead of a Counter Ransomware Initiative summit come as the gangs prove difficult to keep down.

The post More frequent disruption operations needed to dent ransomware gangs, officials say appeared first on CyberScoop.

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

As organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the supply chain to gain backdoor access to systems.

Transportation, logistics companies targeted with lures impersonating fleet management software

Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever new trick. How the attack unfolds According to Proofpoint threat researchers,…

Israel’s Pager Attacks and Supply Chain Vulnerabilities

Israel’s brazen attacks on Hezbollah last week, in which hundreds of pagers and two-way radios exploded and killed at least 37 people, graphically illustrated a threat that cybersecurity experts have been warning about for years: Our international supply chains for computerized equipment leave us vulnerable. And we have no good means to defend ourselves.

Though the deadly operations were stunning, none of the elements used to carry them out were particularly new. The tactics employed by Israel, which has neither confirmed nor denied any role, to hijack an international supply chain and embed plastic explosives in Hezbollah devices have been used for years. What’s new is that Israel put them together in such a devastating and extravagantly public fashion, bringing into stark relief what the future of great power competition will look like—in peacetime, wartime and the ever expanding …

White House proposes rule to ban Chinese, Russian parts for networked vehicles

The ban for hardware and software could happen within three to seven years.

The post White House proposes rule to ban Chinese, Russian parts for networked vehicles appeared first on CyberScoop.

Paid open-source maintainers spend more time on security

Paid maintainers are 55% more likely to implement critical security and maintenance practices than unpaid maintainers and are dedicating more time to implementing security practices like those included in industry standards like the OpenSSF Scorecard a…

Deterrence in cyberspace is possible — and ‘urgent’ — amid ‘alarming’ hybrid attacks, State cyber ambassador says

In an interview with CyberScoop, Nate Fick also discussed the structure of his office and regions of emphasis.

The post Deterrence in cyberspace is possible — and ‘urgent’ — amid ‘alarming’ hybrid attacks, State cyber ambassador says appeared first on CyberScoop.
