CSO Magazine

OCTOBER 1, 2022

For enterprise security professionals alarmed about the rising number of supply chain attacks, a report released this week by Google and supply chain security firm Chainguard has good news: Devsecops best practices are becoming more and more common. To read this article in full, please click here

Software 108

Software 108

Security Boulevard

JULY 10, 2023

Enhancing the trust and security of the supply chain is on the minds of many a cybersecurity executive today, and will likely be a topic of interest and concern in the months and years to come. It’s not surprising then, that the focal point of a recent RSA Conference virtual seminar was supply chain security.

Cybersecurity 71

Cybersecurity Software Risk 71

Security Boulevard

FEBRUARY 1, 2021

If you're just now tuning in, I've decided to do a collection of blog posts on what I think are going to be major cybersecurity topics this coming year. In the first blog post, I introduced you to what a supply chain attack is, why it’s such a big [.].

Cybersecurity 127

Cybersecurity InfoSec 127

Security Boulevard

JUNE 12, 2023

Software supply chain risks is an increasingly hot topic because attention to the supply chain has grown in recent years. Its importance has naturally attracted the attention of hackers, so protecting the software supply chain is paramount.

Software 52

Software Risk 52

CSO Magazine

SEPTEMBER 12, 2022

2022 has intensified the necessary focus on the important topics of open-source security, including supply chain security. Wheeler, director of open-source supply chain security at the Linux Foundation, tells CSO. It has also accelerated efforts to identify what was left to do, and then start doing it.

CSO 119

CSO Government Software Risk 119

Security Boulevard

MARCH 12, 2024

Most often when the topic of memory […] The post A Faster Path to Memory Safety: CHERI, Memory Tagging, and Control Flow Integrity appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.

Software 59

Software 59

Security Boulevard

MARCH 8, 2023

By now the topic of software supply chain security is clearly among the most discussed topics in the IT/Cybersecurity industry. The post Why software transparency is critical: Understanding supply chain security in a software-driven society appeared first on Security Boulevard.

Software 52

Software Cybersecurity 52

Security Boulevard

APRIL 24, 2023

The topic of how to best secure software supply chains is in the spotlight at this year’s RSA Conference. The post What traditional app sec tools miss: The monsters in your software supply chain appeared first on Security Boulevard.

Software 64

Software 64

Webroot

AUGUST 18, 2021

If you attended Black Hat this year, you couldn’t avoid the topic of supply chain attacks. From keynotes to vendor messaging to booth presentations, they were a ubiquitous topic in Las Vegas this year. Black Hat founder Jeff Moss even began this year’s conference with a few words about software supply chains. “We

InfoSec 131

InfoSec Backups Software Small Business 131

Security Boulevard

JANUARY 17, 2022

The discussion focused on three topics: Preventing security defects and vulnerabilities in code and open source packages, improving the process for finding defects and fixing them. The post Linux Foundation, Red Hat Join Supply Chain Security Summit appeared first on Security Boulevard.

Government 130

Government Software Security Awareness Risk 130

Security Boulevard

JULY 8, 2022

Welcome to the latest edition of The Week in Cybersecurity , which brings you the latest headlines from both the world and our team about the most pressing topics in cybersecurity. This week: fallout from another supply chain attack involving malicious npm modules.

Cybersecurity 109

Cybersecurity Threat Detection Software Ransomware 109

SecureWorld News

APRIL 18, 2024

We need to work through supply chains to proactively engage SMBs on this topic, and we have designed Cybersecure My Business to be an approachable, impact-focused way of doing that," said Max McKenna, Director of Partnerships at the National Cybersecurity Alliance (NCA).

Cyber Risk 110

Cyber Risk Risk Cybersecurity Small Business 110

Security Boulevard

SEPTEMBER 8, 2022

Welcome to the latest edition of The Week in Cybersecurity , which brings you the newest headlines from both the world and our team about the most pressing topics in cybersecurity. government’s new position on software supply chain security, and more. .

Ransomware 98

Ransomware Cybersecurity Education Software 98

The Last Watchdog

NOVEMBER 3, 2021

That’s why I’m thrilled to point out that Last Watchdog has been recognized, once again, as a trusted source of information on cybersecurity and privacy topics. The recognition comes from Cyber Security Hub, a website sponsored by IQPC Digital. We’ve been named one of the Top 10 cybersecurity webzines in 2021. krebsonsecurity.com.

Cybersecurity 278

Cybersecurity Data breaches Mobile Internet 278

CSO Magazine

SEPTEMBER 15, 2022

Software supply chain attacks are on the rise, as cited in the Cloud Native Computing Foundation’s (CNCF’s) Catalog of Supply Chain Compromises. Industry leaders such as the Google, Linux Foundation, OpenSSF, and public sector organizations such as NIST have provide guidance on the topic over the past year or so.

Software 73

Software Government Cybersecurity 73

CSO Magazine

JUNE 9, 2022

Given the significant cybersecurity problems that the SolarWinds , Log4j and other software supply chain infections created over the past two years, it's no surprise that software security emerged as a hot topic at this year's RSA conference.

Software 74

Software Cybersecurity 74

Schneier on Security

APRIL 27, 2023

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. Bureaucratic, policy, and cultural barriers currently inhibit such sharing.

Risk 246

Risk Cybersecurity Government Engineering 246

Security Boulevard

FEBRUARY 22, 2023

The cloud is calling, and it's time to take your Software Supply Chain Management (SSCM) efforts to new heights. We know this is an important topic as an estimated 57% of enterprises transitioned in 2022, and it's only expected to rise in the coming years. Attention all tech wizards and software sages!

Software 52

Software 52

Security Boulevard

MARCH 8, 2021

Following a growing trend in software supply chain attacks which use “ dependency or namespace confusion ” techniques, I sat down for a discussion on software supply chain security with a few experts on the topic.

Software 66

Software 66

The Last Watchdog

JANUARY 2, 2024

However, by implementing DevSecOps practices, organizations can effectively address these challenges About the essayist: Yuga Nugraha is abDevSecOps engineer who is focused on the research division exploring multiple topics including DevSecOps, Cloud Security, Cloud Native Security Container, Orchestration, IaC, CI/CD) and Supply Chain Security.

Cyber Risk 202

Cyber Risk Risk Education Security Awareness 202

Security Boulevard

OCTOBER 14, 2021

A topic that comes up frequently at Sonatype is something called the “ software supply chain.” The term is based on how supply companies send parts to manufacturers who assemble them into things like cars, laptops, and musical instruments.

Software 52

Software Manufacturing 52

CSO Magazine

AUGUST 16, 2022

The fallout of the SolarWinds cybersecurity incident, coupled with Cybersecurity Executive Order (EO) put the topic of software supply chain security, and by association, software bills of material (SBOM) center stage in the security dialog.

Software 62

Software Cybersecurity 62

CyberSecurity Insiders

DECEMBER 29, 2021

It is imperative to stay up to date on the most important topics. Register now for our upcoming 2022 webinars on topics including cloud security, market trends, and Zero Trust so you stay current on trending topics. Cloud Threat Report: Supply Chain Attacks – The Early Bird Injects the Worm.

Cybersecurity 84

Cybersecurity Password Management Ransomware Education 84

Security Boulevard

MAY 22, 2023

Following this topic closely for over a year, we in Legit observe a huge increase in the number of attackers trying to exploit this attack surface. The post Supply Chain Attacks Overflow: PyPI Suspended New Registrations appeared first on Security Boulevard. This incident was resolved on May 21st.

64

64

CyberSecurity Insiders

JULY 20, 2021

Topics such as security awareness training, threat management, access control, incident response, risk mitigation, and many others must be taken into consideration. External partners form a substantial part of the supply chain in any organization. What is the supply chain?

Healthcare 124

Healthcare Risk Information Security Manufacturing 124

Thales Cloud Protection & Licensing

JULY 29, 2021

One of the hottest security topics in recent memory is that of “Zero Trust”. I recently spoke with Eddie Glenn, the Senior Product Marketing Manager at Venafi , who offered insights into how an HSM can protect your software supply chain. Probably the largest software supply chain attack in recent memory is the SolarWinds attack.

Digital transformation 127

Digital transformation IoT Software Marketing 127

The Last Watchdog

JUNE 2, 2022

Companies now reach for SaaS apps for clerical chores, conferencing, customer relationship management, human resources, salesforce automation, supply chain management, web content creation and much more, even security. Wave after wave of successful exploits took full advantage of the misconfigurations spinning out of cloud migration.

Cloud Migration 229

Cloud Migration CISO Technology Security Awareness 229

eSecurity Planet

SEPTEMBER 22, 2022

Trellix security researchers have revealed a major vulnerability in the Python tarfile library that could be exploited in software supply chain attacks. The researchers believe it could be used against organizations at scale, which could lead to attacks as serious as the one that hit SolarWinds two years ago.

Software 112

Software Risk Cybersecurity 112

The Last Watchdog

FEBRUARY 3, 2021

It’s only February, and 2021 already is rapidly shaping up to be the year of supply-chain hacks. The SolarWinds hack came to light in mid-December and has since become a red hot topic in the global cybersecurity community. There are many reasons to expect supply chain hacks to intensify in the weeks and months ahead.

Phishing 252

Phishing Hacking Accountability Social Engineering 252

Identity IQ

DECEMBER 29, 2021

Here are the Top Ten IdentityIQ Topics of 2021. Supply chain issues, inflation, a red-hot housing market, labor shortages and data breaches are just a few of the topics that affected our credit and personal finances. As the end of the year is approaching, we’re compiling our most searched and read topics of 2021.

Identity Theft 96

Identity Theft Scams Data breaches Insurance 96

SecureList

SEPTEMBER 23, 2021

All these topics will be mentioned during the new SAS@Home online conference, scheduled for September 28th-29th, 2021. As for cyberthreats, this topic is always on the table because it is the phenomenon we confront every day and the cause that unites us researchers. What else can we offer during the two eventful days?

Spyware 76

Spyware Malware Software Technology 76

Cisco Security

JUNE 30, 2022

More and more businesses are operating as ecosystems—attacks have profound ripple effects across value chains.?Attacks Simplicity continues to be a hot topic, and in the context of its functionality. Supply chain attacks have become one of the biggest security worries for businesses.

Digital transformation 129

Digital transformation Data privacy Identity Theft Data breaches 129

CyberSecurity Insiders

NOVEMBER 26, 2021

To borrow a poker metaphor, those topics are table stakes. With that in mind, here are the risks that stand out as unique above and beyond the buzzwords: RansomOps – The New Kill Chain. Supply Chain – Amplifying Reach of Attacks. You need to have a broader perspective on the concept of supply chain, though.

Cybersecurity 129

Cybersecurity Ransomware Risk Artificial Intelligence 129

Security Boulevard

MAY 11, 2021

In this blog, we'll discuss the importance of code signing, the challenges of implementing it properly, and how Keyfactor Code Assure allows you to centralize and secure code signing without disrupting developer workflows (you can find the full webinar on this topic by clicking "Watch Now" below).

Software 64

Software 64

SecureWorld News

AUGUST 14, 2022

Despite cybersecurity's immediate implication to the individuals at large, the topic gets dismissed as a governance issue and tucked away without the discussion of repercussions to the society at large. Luckily for cybersecurity, there is no shortage of real-time data that can be used for effective and impactful decision making. ~~~.

Cybersecurity 86

Cybersecurity Data breaches Cyber Risk Accountability 86

CyberSecurity Insiders

SEPTEMBER 27, 2021

Given how critical security is to digital transformation and our ability to innovate, we’ve got a robust line-up of cybersecurity topics – from SASE to zero trust and the technologies you need to help protect your business. Securing your supply chain in a 5G world. And it’s jam-packed with cybersecurity talks!

Digital transformation 125

Digital transformation Ransomware Technology Cybersecurity 125

CyberSecurity Insiders

DECEMBER 24, 2021

We have several predictions and topics of concern for the cybersecurity industry in the coming year, from overarching fundamentals to those that will be of more concern to entry-level professionals and small and medium-sized businesses. We suggest that all cybersecurity professionals be informed on these topics as they evolve.

Cybersecurity 98

Cybersecurity Ransomware VPN Architecture 98