Security news that informs and inspires

Archive

17 results for tag Supply Chain:

Biden Signs Executive Order Aiming to Bolster Federal Security

The executive order makes widespread mandates addressing software supply-chain security and outdated security models.

Federal Cybersecurity, Cybersecurity, Supply Chain, Software

Supply Chain Attack Hits Passwordstate Password Manager

An attacker was able to compromise the update mechanism for the Click Studios Passwordstate password manager and insert a malicious DLL that harvested victims' usernames and passwords.

Supply Chain

Popular Codecov Bash Uploader Tool Compromised

The Codecov Bash Uploader tool, used widely in ,any development environments, was compromised in January, potentially causing serious downstream problems.

Supply Chain

Keeping Dependencies Straight in the Software Supply Chain

The nature of modern software development is that development teams have to rely on "blind trust" for some of the code components written by someone else. A new attack method showed how build systems could be tricked into pulling code from the wrong projects.

Software Development, Supply Chain, Open Source

Cybercriminals Target Vaccine Supply Chain

Over the last year, cybercriminals adjusted their attack tactics with new developments with the COVID-19 pandemic. With attention now on developing and distributing the vaccine for the novel coronavirus, attackers have shifted their focus to target the vaccine supply chain.

Supply Chain, Cybercrime