Strengthening third-party vendor programs in times of crisis and beyond

The ongoing global turmoil has tested the supply chain across industries in a myriad of ways – from strained resources and remote workflows to security concerns and more. Sustaining a resilient supply chain is one area where many organizations have see…

Microsoft and Okta confirm, detail impact of Lapsus$ gang’s attacks

Recent claims by the cyber extortion gang have been validated by Okta and Microsoft: Lapsus$ have managed to get their hands on some of Microsoft’s source code and have gained access to the laptop of a support engineer working for a third-party c…

Why banks should incorporate software bill of materials (SBOM) into their third-party risk programs

In the face of rising cybersecurity threats, the Biden administration issued an executive order in May 2021 calling for improvements in the supply chain. Among the recommended requirements is a software bill of materials (SBOM) for software vendors con…

Top threat activities this year

ZeroFox published a threat intelligence forecast for 2022, detailing expected cybercriminal behavior trends including ransomware, malware-as-a-service, vulnerabilities and exploits. Within the report, the ZeroFox Intelligence team reviews 12 months of …

The most common cyber gaps threatening supply chain security

Panorays has identified the top five most common cyber gaps among third-party organizations over 2021. Analyzing data gathered from cyber posture evaluations of tens of thousands of vendors across various industries, Panorays pinpointed compromised cre…

Contextualizing supply chain risks in a SaaS environment

In the wake of the SolarWinds and Kaseya attacks, third-party cybersecurity risks remain top of mind for security leaders. Nonetheless, CISOs continue to experience significant friction with third-party risk management (TPRM). According to the latest C…

Healthcare industry most common victim of third-party breaches last year

Black Kite released its annual Third-Party Breach Report, which examines the impact of third-party cyber breaches in 2021. Ransomware was the most common attack method behind third-party breaches in 2021, initiating more than one out of four incidents …

Supply chain cybersecurity: Pain or pleasure?

Whatever sector your business operates in, you will depend on third parties to provide you with goods and services to support what you do. Whether you are a small printing services company working with an accountant or an organization with a full manuf…

Worldwide supply chains vulnerable as businesses lack visibility into suppliers

BlueVoyant released the findings of its second annual global survey into third-party cyber risk management. The study reveals that 97% of firms surveyed have been negatively impacted by a cybersecurity breach that occurred in their supply chain. 93% ad…