News


Dangers of software supply chains
B2B Cyber Security ShortNews

The software landscape continues to grow, and so it is not surprising that the vulnerabilities and attack surfaces of software libraries are not getting smaller. Software supply chain attacks are particularly attractive to threat actors because, if successful, they can gain access to hundreds or thousands of applications with just one attack. Exploiting vulnerabilities or compromising source code in trusted applications can allow an attacker to operate from a central location and move around the network undetected. Various solutions to this threat vector are being researched, a…


Supply chain problem: Android malware preinstalled at the factory 8.9 million times
Trend Micro News

At the Black Hat Asia hacking conference, researchers from the security provider Trend Micro announced that millions of Android smartphones worldwide are infected with malicious firmware, and this before the devices even leave production. The Lemon Group hacker group says it was able to inject malware called "Guerrilla" into 8.9 million devices. The security researchers warn that cybercriminals rent out remote access to Android smartphones via proxy plugins, billed per minute. Password keystrokes, geographic location, IP address and other confidential data can be accessed. The advertisement for…


Cyber attack on Rheinmetall
B2B Cyber Security ShortNews

Since Rheinmetall's Vehicle Systems, Weapon and Ammunition departments are well protected against cyber attacks, attackers are targeting various subsidiaries in the civilian division and have probably also paralyzed some of them. That sounds like a classic supply chain attack. To date, there is no information about the cyber attack on the Rheinmetall website or on the subpages of the subsidiaries. But according to Spiegel and other media, various subsidiaries have been hit by cyber attacks. According to Echo24.de, a Rheinmetall spokesman is said to have confirmed the IT incident in the group's civilian business. The Rheinmetall departments most sought after by hackers, Vehicle…


Attacks on the supply chain

Attackers have always looked for the weakest link in the chain in order to break through a defence. This has not changed in today's highly digitized business world and also includes the supply chain of the supplier industry. Suppliers often have access to their customers' internal systems, and a hack on a seemingly insignificant supplier can give hacker groups entry into the network of a global corporation. Attacks via the software supply chain are even more common and have even more dramatic effects. So instead of attacking the targeted company directly, cybercriminals target their software distributors…


Supply chain attacks with infected code packages
B2B Cyber Security ShortNews

Hackers are increasingly using their own code packages for attacks or inserting malicious command lines into code packages distributed via online repositories and package managers. The scam is becoming increasingly popular among hackers. The increase from 2021 to 2022 was already over 600 percent, according to Check Point. Check Point Research (CPR), the research department of Check Point Software Technologies, warns all IT security forces about fraudulent code packages. ThreatCloud found several malicious objects. This scam can be counted among the supply chain attacks and value chain attacks, which have increased significantly. Trusted Code Packages Become Contaminated: Cyber criminals try to…


SMEs: 75 percent fear loss of reputation after an attack

Cyber attacks on large companies and SMEs: Around 75 percent fear a loss of reputation (SMEs 74 percent) through an attack, but not even 10 percent protect their assets for this reason. This can quickly cost reputation and customer trust. The Kaspersky study shows the discrepancy: the top 3 reasons for protective measures do not match the top 3 feared effects. The most feared damage is financial impact and loss of reputation and customer trust. However, the main reasons for cybersecurity measures are to protect business continuity, data and customers. Protection reasons and effects differ: The main reasons for the implementation of cyber protection measures…


Open source tool "Chain-Bench" for more security

Aqua Security Partners with Center for Internet Security to Introduce First Guide to Security in the Software Supply Chain; Chain-Bench is the first open-source tool to validate the software supply chain to ensure compliance with these new CIS guidelines. Aqua Security, the leader in cloud native security, and the Center for Internet Security (CIS), today released the industry's first formal guidelines for software supply chain security. CIS is an independent, non-profit organization dedicated to creating more trust in the connected world. The CIS software…


Study: Attacks on the software supply chain tripled

Aqua Security, the leader in cloud-native security, announces the results of the latest Software Supply Chain Security Review study into software supply chain attacks. Over a period of six months, the experts were able to determine that the attacks in 2021 tripled compared to 2020. Cyber criminals target vulnerabilities in the software supply chain to inject malware and backdoors. To do this, they mainly use security gaps in open source software, inject malicious code ("poisoning") and exploit general problems with the integrity of software code. The Software Supply Chain Security Review study was conducted by Argon…


Bitdefender: Five cybersecurity arenas

2021 will probably be remembered negatively in many ways in terms of cyber security. Unsurprisingly, the year ended with a thunderclap for the IT security industry: the Java Log4j vulnerability created the perfect framework for hackers. Log4j, ransomware, supply chain attacks are all coming in 2022. Jen Easterly, head of the US federal government's Cybersecurity and Infrastructure Security Agency (CISA), called the Log4j vulnerability the most serious flaw she has seen in her decade-long career. The effects of Log4j will be significant for IT, business and society in the coming months and possibly also in the…
