Containers have 600+ vulnerabilities on average

Containers are the fastest growing – and weakest cybersecurity link – in software supply chains, according to NetRise. Companies are struggling to get container security right. Issues from misconfigured clouds, containers, and networks to u… Continue reading Containers have 600+ vulnerabilities on average

Evaluating your organization’s application risk management journey

In this Help Net Security interview, Chris Wysopal, Chief Security Evangelist at Veracode, discusses strategies for CISOs to quantify application risk in financial terms. Wysopal outlines the need for continuous risk management practices and robust str… Continue reading Evaluating your organization’s application risk management journey

Effective strategies for measuring and testing cyber resilience

In this Help Net Security interview, Detective Superintendent Ian Kirby, CEO of the National Cyber Resilience Centre Group (NCRCG), discusses the emerging cyber threats and strategies organizations can use to increase cyber resilience. He emphasizes ba… Continue reading Effective strategies for measuring and testing cyber resilience

More frequent disruption operations needed to dent ransomware gangs, officials say

The comments from White House and ODNI officials ahead of a Counter Ransomware Initiative summit come as the gangs prove difficult to keep down.

The post More frequent disruption operations needed to dent ransomware gangs, officials say appeared first on CyberScoop.

Continue reading More frequent disruption operations needed to dent ransomware gangs, officials say

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

As organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the supply chain to gain backdoor access to systems.
The post Fortifying the Weakest Link: How to Safeguard… Continue reading Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

Transportation, logistics companies targeted with lures impersonating fleet management software

Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever new trick. How the attack unfolds According to Proofpoint threat researchers,… Continue reading Transportation, logistics companies targeted with lures impersonating fleet management software

Israel’s Pager Attacks and Supply Chain Vulnerabilities

Israel’s brazen attacks on Hezbollah last week, in which hundreds of pagers and two-way radios exploded and killed at least 37 people, graphically illustrated a threat that cybersecurity experts have been warning about for years: Our international supply chains for computerized equipment leave us vulnerable. And we have no good means to defend ourselves.

Though the deadly operations were stunning, none of the elements used to carry them out were particularly new. The tactics employed by Israel, which has neither confirmed nor denied any role, to hijack an international supply chain and embed plastic explosives in Hezbollah devices have been used for years. What’s new is that Israel put them together in such a devastating and extravagantly public fashion, bringing into stark relief what the future of great power competition will look like—in peacetime, wartime and the ever expanding …

Continue reading Israel’s Pager Attacks and Supply Chain Vulnerabilities