Security news that informs and inspires

Archive

29 results for tag China:

Keeping Dependencies Straight in the Software Supply Chain

The nature of modern software development is that development teams have to rely on "blind trust" for some of the code components written by someone else. A new attack method showed how build systems could be tricked into pulling code from the wrong projects.

Software Development, China, Open Source

Cybercriminals Target Vaccine Supply Chain

Over the last year, cybercriminals adjusted their attack tactics with new developments with the COVID-19 pandemic. With attention now on developing and distributing the vaccine for the novel coronavirus, attackers have shifted their focus to target the vaccine supply chain.

China, Cybercrime

Malware Infects NetBeans Projects In Software Supply Chain Attack

The Octopus Scanner malware compromised 26 open source projects hosted on GitHub in a new supply chain attack targeting NetBeans projects, GitHub Security Lab said.

China, Appdev, Github

Industry Groups Don’t Like Commerce Department’s Supply Chain Security Rules

Multiple business groups have pushed back on the Department of Commerce's proposed supply chain rules on information and communications technology supply chain security due to vague language and undefined scope.

China, Government

Firms Increasingly Affected by Breaches at Other Organizations

The world is more interconnected than ever, and that network of dependencies means when an organization experiences a security incident, so do other downstream organizations in the supply chain, Cyentia Insitute said in its latest analysis.

China, Risk Management