Securing your organization’s supply chain: Reducing the risks of third parties

When Stephen Hawking said that “we are all now connected by the internet, like neurons in a giant brain”, very few people understood the gravity of his statement. But ten years on from his famous interview with USA Today, it’s safe to say Hawking was a… Continue reading Securing your organization’s supply chain: Reducing the risks of third parties

Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets

The US government issues a red-alert for what appears to be a massive supply chain breach at Sisense, a company that sells big-data analytics tools.
The post Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets appeared first … Continue reading Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets

Backdoor in XZ Utils That Almost Happened

Last week, the Internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery: The security of the global Internet depends on countless obscure pieces of software written and maintained by even more obscure unpaid, distractible, and sometimes vulnerable volunteers. It’s an untenable situation, and one that is being exploited by malicious actors. Yet precious little is being done to remedy it…

Continue reading Backdoor in XZ Utils That Almost Happened

Supply chain attack sends shockwaves through open-source community

An operation to undermine the software utility XZ Utils has exposed the fragile human foundations on which the modern internet is built.

The post Supply chain attack sends shockwaves through open-source community appeared first on CyberScoop.

Continue reading Supply chain attack sends shockwaves through open-source community

The Tech Needed to Survive This Decade’s ‘Seismic’ APAC B2B Trends

From generative AI and virtual prototyping to the Internet of Things, blockchain and data analytics, Merkle has predicted that four shifts in the business-to-business market will shape tech buying appetites. Continue reading The Tech Needed to Survive This Decade’s ‘Seismic’ APAC B2B Trends

How CISOs tackle business payment fraud

In this Help Net Security video, Shai Gabay, CEO of Trustmi, discusses why payments are a source of cyber worry for CISOs. CISOs are worried about Business Email Compromise (BEC), cyber attackers’ use of AI, and securing the supply chain. These a… Continue reading How CISOs tackle business payment fraud

Binarly Attracts $10.5M to Tackle Software Supply Chain Security

Los Angeles firmware and software supply chain firm banks $10.5 million in seed-stage funding led by Two Bear Capital.
The post Binarly Attracts $10.5M to Tackle Software Supply Chain Security appeared first on SecurityWeek.
Continue reading Binarly Attracts $10.5M to Tackle Software Supply Chain Security

Finite State Raises $20 Million to Grow Software Supply Chain Security Business

Software risk management firm Finite State has raised a $20 million growth round led by Energy Impact Partners (EIP).
The post Finite State Raises $20 Million to Grow Software Supply Chain Security Business appeared first on SecurityWeek.
Continue reading Finite State Raises $20 Million to Grow Software Supply Chain Security Business