supply chain

Containers have 600+ vulnerabilities on average

Containers have 600+ vulnerabilities on average 2024-12-11 at 06:31 By Help Net Security Containers are the fastest growing – and weakest cybersecurity link – in software supply chains, according to NetRise. Companies are struggling to get container security right. Issues from misconfigured clouds, containers, and networks to uncertainty over who owns container security throughout the […]

React to this headline:

Loading spinner

Containers have 600+ vulnerabilities on average Read More »

Evaluating your organization’s application risk management journey

Evaluating your organization’s application risk management journey 2024-11-12 at 07:33 By Mirko Zorz In this Help Net Security interview, Chris Wysopal, Chief Security Evangelist at Veracode, discusses strategies for CISOs to quantify application risk in financial terms. Wysopal outlines the need for continuous risk management practices and robust strategies to manage third-party software dependencies, ensuring

React to this headline:

Loading spinner

Evaluating your organization’s application risk management journey Read More »

Effective strategies for measuring and testing cyber resilience

Effective strategies for measuring and testing cyber resilience 2024-10-23 at 08:02 By Mirko Zorz In this Help Net Security interview, Detective Superintendent Ian Kirby, CEO of the National Cyber Resilience Centre Group (NCRCG), discusses the emerging cyber threats and strategies organizations can use to increase cyber resilience. He emphasizes basic cyber hygiene, security awareness training,

React to this headline:

Loading spinner

Effective strategies for measuring and testing cyber resilience Read More »

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks 2024-09-26 at 15:01 By Torsten George As organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the supply chain to gain backdoor access to systems. The post Fortifying the Weakest Link: How to Safeguard Against

React to this headline:

Loading spinner

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks Read More »

Transportation, logistics companies targeted with lures impersonating fleet management software

Transportation, logistics companies targeted with lures impersonating fleet management software 2024-09-24 at 17:46 By Zeljka Zorz Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever new trick. How the attack unfolds According to Proofpoint threat researchers, the attackers start by compromising

React to this headline:

Loading spinner

Transportation, logistics companies targeted with lures impersonating fleet management software Read More »

Paid open-source maintainers spend more time on security

Paid open-source maintainers spend more time on security 2024-09-23 at 06:31 By Help Net Security Paid maintainers are 55% more likely to implement critical security and maintenance practices than unpaid maintainers and are dedicating more time to implementing security practices like those included in industry standards like the OpenSSF Scorecard and the NIST Secure Software

React to this headline:

Loading spinner

Paid open-source maintainers spend more time on security Read More »

Software Security Firm RunSafe Raises $12 Million in Series B Funding

Software Security Firm RunSafe Raises $12 Million in Series B Funding 2024-09-17 at 17:34 By Eduard Kovacs RunSafe Security has raised $12 million in a Series B funding round for a solution designed to help companies develop secure software. The post Software Security Firm RunSafe Raises $12 Million in Series B Funding appeared first on

React to this headline:

Loading spinner

Software Security Firm RunSafe Raises $12 Million in Series B Funding Read More »

Misconfigurations and IAM weaknesses top cloud security concerns

Misconfigurations and IAM weaknesses top cloud security concerns 2024-08-12 at 06:02 By Help Net Security Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud Computing 2024 report by the Cloud Security Alliance. Misconfigurations, IAM weaknesses, and API risks remain critical

React to this headline:

Loading spinner

Misconfigurations and IAM weaknesses top cloud security concerns Read More »

Sports venues must vet their vendors to maintain security

Sports venues must vet their vendors to maintain security 2024-08-07 at 07:31 By Help Net Security Sporting events generate a lot of consumer activity, from hotels and restaurants to retail. Large sporting events are held together by webs of connectivity that include vendors, sponsors, employees, and consumers. These networks connect ticketing, merchandising, venue access, live

React to this headline:

Loading spinner

Sports venues must vet their vendors to maintain security Read More »

Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding

Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding 2024-07-30 at 17:01 By Eduard Kovacs Software supply chain security startup Lineaje has raised $20 million in a Series A funding round that brings the total to $27 million.  The post Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding

React to this headline:

Loading spinner

Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding Read More »

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity 2024-06-28 at 12:46 By Ionut Arghire Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions. The post Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity Read More »

Polyfill Supply Chain Attack Hits Over 100k Websites 

Polyfill Supply Chain Attack Hits Over 100k Websites  2024-06-26 at 14:16 By Ionut Arghire More than 100,000 websites are affected by a supply chain attack injecting malware via a Polyfill domain. The post Polyfill Supply Chain Attack Hits Over 100k Websites  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Polyfill Supply Chain Attack Hits Over 100k Websites  Read More »

Several Plugins Compromised in WordPress Supply Chain Attack 

Several Plugins Compromised in WordPress Supply Chain Attack  2024-06-25 at 16:01 By Ionut Arghire Five WordPress plugins were injected with malicious code that creates a new administrative account. The post Several Plugins Compromised in WordPress Supply Chain Attack  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Several Plugins Compromised in WordPress Supply Chain Attack  Read More »

Organizations struggle to defend against ransomware

Organizations struggle to defend against ransomware 2024-05-17 at 07:01 By Help Net Security In this Help Net Security video, Jeremy Nichols, Director, Global Threat Intelligence Center at NTT Security Holdings, discusses a recent surge in ransomware incidents. After a down year in 2022, ransomware and extortion incidents increased in 2023. More than 5,000 ransomware victims

React to this headline:

Loading spinner

Organizations struggle to defend against ransomware Read More »

Is an open-source AI vulnerability next?

Is an open-source AI vulnerability next? 2024-05-16 at 08:31 By Help Net Security AI has captured widespread interest and offers numerous benefits. However, its rapid advancement and widespread adoption raise concerns, especially for those of us in cybersecurity. With so much interest, there are lots of insecure applications finding their way onto our devices and

React to this headline:

Loading spinner

Is an open-source AI vulnerability next? Read More »

Securing your organization’s supply chain: Reducing the risks of third parties

Securing your organization’s supply chain: Reducing the risks of third parties 2024-05-02 at 08:16 By Help Net Security When Stephen Hawking said that “we are all now connected by the internet, like neurons in a giant brain”, very few people understood the gravity of his statement. But ten years on from his famous interview with

React to this headline:

Loading spinner

Securing your organization’s supply chain: Reducing the risks of third parties Read More »

Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets

Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets 2024-04-11 at 19:46 By Ryan Naraine The US government issues a red-alert for what appears to be a massive supply chain breach at Sisense, a company that sells big-data analytics tools. The post Sisense Data Breach Triggers CISA Alert and Urgent Calls for

React to this headline:

Loading spinner

Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets Read More »

XZ Utils Backdoor Attack Brings Another Similar Incident to Light

XZ Utils Backdoor Attack Brings Another Similar Incident to Light 2024-04-03 at 14:16 By Eduard Kovacs The discovery of the XZ Utils backdoor reminds an F-Droid developer of a similar incident that occurred a few years ago. The post XZ Utils Backdoor Attack Brings Another Similar Incident to Light appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

XZ Utils Backdoor Attack Brings Another Similar Incident to Light Read More »

How CISOs tackle business payment fraud

How CISOs tackle business payment fraud 2024-03-28 at 07:01 By Help Net Security In this Help Net Security video, Shai Gabay, CEO of Trustmi, discusses why payments are a source of cyber worry for CISOs. CISOs are worried about Business Email Compromise (BEC), cyber attackers’ use of AI, and securing the supply chain. These are

React to this headline:

Loading spinner

How CISOs tackle business payment fraud Read More »

Binarly Attracts $10.5M to Tackle Software Supply Chain Security

Binarly Attracts $10.5M to Tackle Software Supply Chain Security 2024-03-26 at 22:47 By SecurityWeek News Los Angeles firmware and software supply chain firm banks $10.5 million in seed-stage funding led by Two Bear Capital. The post Binarly Attracts $10.5M to Tackle Software Supply Chain Security appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Binarly Attracts $10.5M to Tackle Software Supply Chain Security Read More »

Scroll to Top