4 trends in software supply chain security

Some of the biggest and most infamous cyberattacks of the past decade were caused by a security breakdown in the software supply chain. SolarWinds was probably the most well-known, but it was not alone. Incidents against companies like Equifax and tools like MOVEit also wreaked havoc for organizations and customers whose sensitive information was compromised. […]

The post 4 trends in software supply chain security appeared first on Security Intelligence.

Biden cyber executive order gets mostly plaudits, but its fate is uncertain

At least one key Republican told CyberScoop that he wasn’t happy about the last-minute nature of the EO.

The post Biden cyber executive order gets mostly plaudits, but its fate is uncertain appeared first on CyberScoop.


Why do software vendors have such deep access into customer systems?

To the naked eye, organizations are independent entities trying to make their individual mark on the world. But that was never the reality. Companies rely on other businesses to stay up and running. A grocery store needs its food suppliers; a tech company relies on the business making semiconductors and hardware. No one can go […]

The post Why do software vendors have such deep access into customer systems? appeared first on Security Intelligence.


Zero-Day Breach at Rackspace Sparks Vendor Blame Game

A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day.
The post Zero-Day Breach at Rackspace Sparks Vendor Blame Game appeared first on SecurityWeek.

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

As organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the supply chain to gain backdoor access to systems.
The post Fortifying the Weakest Link: How to Safeguard…

Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads

Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion.
The post Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads appeared first on SecurityWeek.

Judge Dismisses Major SEC Charges Against SolarWinds and CISO 

Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.
The post Judge Dismisses Major SEC Charges Against SolarWinds and CISO appeared first on Securi…

GitLab Ships Update for Critical Pipeline Execution Vulnerability

GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user.
The post GitLab Ships Update for Critical Pipeline Execution Vulnerability appeared first on SecurityWeek.