News


Cyber Resilience Act: Companies should act now

The Cyber Resilience Act (CRA) is coming fast. For manufacturers, this means that devices with exploitable security vulnerabilities will soon no longer be allowed to be sold in the EU. It's high time for companies to adapt their product development to become CRA-compliant. "Companies subject to the EU Cyber Resilience Act (CRA) should hurry to adapt their products to the CRA requirements," says Jan Wendenburg, CEO of the Düsseldorf-based cybersecurity company ONEKEY. He points out that the first CRA regulations will come into effect as early as September 2026, and all subsequent ones will take effect on December 11, 2027...


Securing the software supply chain under the Cyber Resilience Act

In recent years, IT security managers and their teams have increasingly had to deal with cyber risks associated with the software supply chains of their vendors and partners. Cybercriminals are increasingly making vulnerabilities in development pipelines, open source components, and third-party integrations an integral part of their attack vectors. According to a Bitkom survey from last year, 13 percent of IT decision-makers surveyed in 2024 reported that at least one of their company's supply chain suppliers had been the victim of a cybersecurity incident at least once in the past 12 months. Another 13 percent suspected it, and 21 percent could not rule it out. The Cyber Resilience Act and…


Cyberattacks: A threat to the supply chain

With the steady progress of digital transformation in recent years, companies have become increasingly dependent on numerous partners and suppliers. This shift has led to a more complex IT infrastructure and significantly expanded the attack surface that cybercriminals can exploit. They target the weakest link in the supply chain to gain access to the entire system. One example: In November 2024, the US software provider Blue Yonder fell victim to a ransomware attack that impacted the operations of 3,000 companies in 76 countries. This raises the question: How can we protect the entire…


AI poses growing challenges for data protection in 2025

With the advent of generative AI in many companies, the amount of data that needs to be protected, managed, and consolidated has expanded in 2024. And this increase will continue in 2025. Organizations must rethink cybersecurity and data protection at all levels. HYCU anticipates many challenges for companies: the speed with which new SaaS platforms and data sources can be protected must be drastically increased. In 2024, HYCU launched a generative AI initiative together with Anthropic. Google Cloud honored HYCU as Partner of the Year for…


These are the most important security vulnerabilities and attack techniques

The number of reported security vulnerabilities increased by 38 percent in 2024. As dependence on software systems grows, so does the attack surface. JFrog explains the biggest security risks of 2024 and ways to increase resilience in 2025. The increasing interconnectedness and dependence on software systems has significantly expanded the attack surface for cyber threats. In 2024, the number of reported vulnerabilities reached a new high, with over 40,000 CVEs—an impressive increase of 38 percent. The following analysis, based on the findings of the JFrog Security Research Team, highlights the most significant security vulnerabilities and attack techniques...


Commentary on the Digital Operational Resilience Act (DORA)
B2B Cyber Security ShortNews

Unlike other economic sectors that must also comply with NIS2, the financial sector is no stranger to strict regulations like DORA. These organizations have worked hard on their data resilience and cybersecurity strategies. Even though DORA adds an additional regulation to their compliance, the gap between the current and required state of affairs should be manageable, at least as far as their internal processes are concerned. It's a completely different story when it comes to third-party offerings and services and the entire supply chain. Because it doesn't matter...


Cybersecurity: What KRITIS companies need to pay attention to

In 2024, NIS2 was a big topic in cybersecurity. And in 2025 and the years to come, protecting critical infrastructure will remain an essential task for IT and OT managers and executives. A cybersecurity expert explains what companies will face. Holger Fischer, Director EMEA Central at OPSWAT, outlines a dozen topics that companies and government institutions need to keep an eye on when it comes to KRITIS security: AI defensive tools for protecting companies are lagging behind. The rapid spread of AI has enabled less advanced attackers to increase their sophistication...


NIS2 Directive: How companies are meeting the challenge

The NIS2 Directive tightens the requirements for corporate cybersecurity. This leads to high investments in security solutions and employee training for companies with critical infrastructures. Read about which measures are important and how you can overcome the challenges. The NIS2 Directive, which is expected to be anchored in national law in Germany from spring 2025, aims to establish a higher level of security in the EU and to better protect companies in important infrastructure areas from cyberattacks. According to studies, however, only around a third of the approximately 30,000 companies affected in this country are on the...


Blue Yonder attacked – Starbucks affected
B2B Cyber Security ShortNews

A few days ago, Blue Yonder, a provider of a management platform for supply chains, was attacked with ransomware. As a result, time tracking at Starbucks, for example, has been paralyzed and salary payments have been somewhat difficult. According to the company itself, the following happened: "On November 21, 2024, Blue Yonder experienced disruptions in its hosted managed services environment due to a ransomware incident. Since the incident became known, the Blue Yonder team has been working intensively with external cybersecurity firms to make progress in recovery. We have conducted several defensive and forensic...


Attacks on the supply chain are increasing

Attacks on the supply chain are particularly dangerous because they are designed to bypass security mechanisms on the part of the defenders. For example, malicious software updates are so successful because an update is usually introduced directly into the victim's data center in encrypted form. Companies often defend themselves from the outside in, with the data center itself being protected from the outside by various security layers, but often only containing minimal security precautions from the inside out. If an attack comes from within, the perpetrators can usually spread effortlessly. It hardly matters...
