When Your SaaS Vendor Goes Dark: A Guide to Protecting Your Business

When a SaaS vendor unexpectedly shuts down, your business faces significant risks. This comprehensive guide provides actionable strategies to recover your data, find alternative solutions, and implement preventative measures to ensure business ...

Delivering Malware Through Abandoned Amazon S3 Buckets

Here’s a supply-chain attack just waiting to happen. A group of researchers searched for, and then registered, abandoned Amazon S3 buckets for about $400. These buckets contained software libraries that are still ...

Fraudsters Abuse DocuSign API for Legit-Looking Invoices

I didn’t see much visibility on this DocuSign hack. This is a situation where the product features were not vetted to understand if they could be misused by malicious fraudsters. There is ...

Providing Security Updates to Automobile Software

Auto manufacturers are just starting to realize the problems of supporting the software in older models: Today’s phones are able to receive updates six to eight years after their purchase date. Samsung ...

Learning from CrowdStrike’s Quality Assurance Failures

Let’s talk about CrowdStrike’s quality assurance failures! Thanks to Help Net Security for publishing my opinion piece. Take a look for a more in-depth explanation of how the bad update made it ...

Report Identifies More Than 250 Evil Twin Mobile Applications

The Satori Threat Intelligence Team funded by HUMAN Security, a provider of a platform thwarting bot-based attacks, today disclosed it has uncovered a massive ad fraud operation involving the setting up of ...
Security Boulevard

Mitigating Lurking Threats in the Software Supply Chain

The first step to addressing software supply chain vulnerabilities and threats is to understand the most common attacks. Here's where to start ...

Adventures in Audits, Part One: How Software License Terms Drive Audit Resolution

If your company uses software under a license agreement that gives audit rights to the software vendor—and your company probably does—you may well have an adventure in your future. Vendors do, in ...

SBOMs Can Help You With Compliance, Too

Software bills of materials (SBOMs) are increasingly hitting the news as the federal government focuses on improving the nation’s cybersecurity. President Biden has identified this as a top priority of his administration, ...

Your Vendor’s Vendor Adds Risk to the Open Source Supply Chain

Organizations rely heavily on third-party vendors and contractors. Smart companies will have a service level agreement (SLA) with each vendor which includes information about the vendor’s approach to cybersecurity—in fact, it’s a ...