supply-chain attack – Page 2

How Cybersecurity Policy Has Changed Since the SolarWinds Attack

Posted on August 29, 2022 by Mike Elgan

Major cyberattacks since 2019 jolted the U.S. government and software industry into action. The succeeding years have seen executive orders, new funding, two summits and a newfound resolve. Because of those attacks, the federal government aims to fix the open-source software security threat altogether. But what has really come of these efforts in the last […]

The post How Cybersecurity Policy Has Changed Since the SolarWinds Attack appeared first on Security Intelligence.

Continue reading How Cybersecurity Policy Has Changed Since the SolarWinds Attack→

62% of Surveyed Organizations Hit By Supply Chain Attacks in 2021

Posted on May 12, 2022 by Jennifer Gregory

You’ve heard more about the supply chain in the past two years than you ever expected, or likely wanted. But, as a cybersecurity professional, you now have even more reason to pay attention besides not being able to get your favorite products at the grocery store. The apps used to develop software and run the […]

The post 62% of Surveyed Organizations Hit By Supply Chain Attacks in 2021 appeared first on Security Intelligence.

Continue reading 62% of Surveyed Organizations Hit By Supply Chain Attacks in 2021→

Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022

Posted on February 23, 2022 by John Zorabedian

For the third year in a row, ransomware was the top attack type globally in 2021, despite some successes last year by law enforcement to take down ransomware groups. This was among the top findings of IBM Security’s latest research published in the tenth annual X-Force Threat Intelligence Index, a comprehensive overview of the global […]

The post Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022 appeared first on Security Intelligence.

Continue reading Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022→

Zhengbang Pick & Places Your Confidential Data In The Bag, Slowly

Posted on January 23, 2022 by Arsenijs Picugins

A Zhengbang Pick&Place machine, with a Virustotal 53/69 result and "53 security vendors and 1 sandbox flagged this file as mailcious" crudely overlaid on top of the image

Isn’t it convenient when your pick-and-place machine arrives with a fully-set-up computer inside of it? Plug in a keyboard, mouse and a monitor, and you have a production line ready …read more Continue reading Zhengbang Pick & Places Your Confidential Data In The Bag, Slowly→

Cyber Awareness 2022: Consider Deepfakes, NFTs and More

Posted on January 6, 2022 by Jonathan Reed

From deepfakes to crypto crime to in-flight drone-based data theft, cyber awareness in 2022 will look a bit different. Good cyber awareness means knowing these risks, even if some of them sound stranger than science fiction. Cyber Awareness and Deepfake Crime What if you got a phone call from a trusted friend or colleague to […]

The post Cyber Awareness 2022: Consider Deepfakes, NFTs and More appeared first on Security Intelligence.

Continue reading Cyber Awareness 2022: Consider Deepfakes, NFTs and More→

APT annual review 2021

Posted on November 30, 2021 by GReAT

For this annual review, we have tried to focus on what we consider to be the most interesting trends and developments of the last 12 months. Continue reading APT annual review 2021→

Advanced threat predictions for 2022

Posted on November 17, 2021 by GReAT

Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. Continue reading Advanced threat predictions for 2022→

A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers

Posted on November 9, 2021 by Abby Ross

Ransomware. Five years ago, the cybersecurity community knew that term well, although among others it was far from dinner table conversation. Times have changed. Since early 2020, ransomware has hit a slew of headlines. People inside and outside of the security industry are talking about it, and many have experienced the ransomware pain firsthand. The […]

The post A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers appeared first on Security Intelligence.

Continue reading A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers→

APT trends report Q3 2021

Posted on October 26, 2021 by GReAT

The APT trends reports are based on our threat intelligence research and provide a representative snapshot of what we have discussed in greater detail in our private APT reports. This is our latest installment, focusing on activities that we observed during Q3 2021. Continue reading APT trends report Q3 2021→

Supply Chain Attack: NPM Library Used By Facebook And Others Was Compromised

Posted on October 23, 2021 by Ryan Flowers

Here at Hackaday we love the good kinds of hacks, but now and then we need to bring up a less good kind. Today it was learned that the NPM package ua-parser-js …read more Continue reading Supply Chain Attack: NPM Library Used By Facebook And Others Was Compromised→