The Role of ASPM in Enhancing Software Supply Chain Security
ASPM plays an essential role in optimizing your software supply chain security. Learn more about this critical facet of the SDLC and what the future holds for ASPM ...
In High Demand – How Thales and DigiCert Protect Against Software Supply Chain Attacks
In High Demand - How Thales and DigiCert Protect Against Software Supply Chain Attacks madhav Tue, 04/16/2024 - 05:25 Software supply chain attacks have been rapidly increasing in the past few years ...
The Evolving Triad of Cyber Threats: BEC, Ransomware, and Supply Chain Attacks
Historically, cybercriminals have been happy to stick with proven tactics for as long as possible. After all, it's a business to them—if it ain't broke, why fix it? However, this is not ...
XZ Trojan highlights software supply chain risk posed by ‘sock puppets’
The high-profile compromise of the XZ Utils open-source compression library, disclosed last week, highlights an under-reported threat: social engineering attacks that target open-source package maintainers and other developers to stage software supply ...
BTS #27 – Governance, Compliance, and The Digital Supply Chain – Josh Marpet
Show Notes The post BTS #27 - Governance, Compliance, and The Digital Supply Chain - Josh Marpet appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise ...
Eclypsium’s Digital Supply Chain Security Platform Releases AI-Assisted Binary Analysis Engine
New Eclypsium Automata replicates expert security researchers’ knowledge and leverages advances in machine learning to discover threats, backdoors, and vulnerabilities across a wide range of infrastructure devices Portland, OR – April 10, ...
Securing the software supply chain with Black Duck Supply Chain Edition
New Black Duck Supply Chain Edition offers complete visibility into your software supply chain, giving you the ability to act, quickly. The post Securing the software supply chain with Black Duck Supply ...
What is the Xz Utils Backdoor : Everything you need to know about the supply chain attack
Learn about the Xz Utils Backdoor, what is means for supply chain security, and what you can do to protect yourself. The post What is the Xz Utils Backdoor : Everything you ...
XZ-Utils Supply Chain Backdoor Vulnerability Updated Advisory (CVE-2024-3094)
Vulnerability Overview Recently, NSFOCUS CERT detected that the security community disclosed a supply chain backdoor vulnerability in XZ-Utils (CVE-2024-3094), with a CVSS score of 10. Since the underlying layer of SSH relies ...
XZ and the Threats to the Digital Supply Chain
The discovery of the backdoor in xz utils compression software last week has shone a spotlight on the threats to the digital supply chain. Wired has an excellent analysis on the attack, ...