SEARCH
Archive
Chinese Spies Planted Hardware Backdoors on Servers in Supply Chain Attack
Whether or not Chinese spies actually planted rogue chips into Super Micro servers, this kind of supply chain attack is feasible. This is just the tip of the iceberg.
Magecart Group Refines Attacks, Nabs More Sites
The list of Magecart victims gets longer as the attack group optimizes its attack code and modifies its methods to steal payment card information from unsuspecting shoppers. What's a website owner to do?
Updated NIST Cybersecurity Framework Emphasizes Access Control & Supply Chain Risk
The National Institute of Standards and Technology (NIST) released its version 1.1 update to the 1.0 version of their Framework for Improving Critical Infrastructure Cybersecurity, last updated in 2014.
Manage Third-Party Suppliers with Personality Tests
Every supplier and third party vendor has different behaviors, abilities and knowledge. Developing a personality profile for each supplier can help organizations decide how much effort they need to spend managing that relationship as part of an effective infosec and privacy assurance program.