dcsimg

Malicious commits found in PHP code repository: What you need to know

You’ve probably heard that PHP’s Git repository was recently compromised, allowing backdoors to be added to the code located there. You may also be wondering what that means, what a supply chain attack is, and how you could be affected. Read on and we’ll lead you though a straightforward description of this attack’s many moving parts. What is a supply chain attack? This is where … [Read more...]

SolarWinds advanced cyberattack: What happened and what to do now

Over the weekend we learned more about the sophisticated attack that compromised security firm FireEye, the US Treasury and Commerce departments and likely many more victims. Threat actors hacked into IT company SolarWinds in order to use its software channel to push out malicious updates onto 18,000 of its Orion platform customers. This scenario, referred to as a supply-chain attack, is … [Read more...]

Vital infrastructure: securing our food and agriculture

I don’t expect to hear any arguments on whether the production of our food is important or not. So why do we hardly ever hear anything about the cybersecurity in the food and agriculture sector? Depending on the country, agriculture makes up about 5 percent of the gross domestic product. That percentage is even bigger in less industrial countries. That amounts to a lot of money. And … [Read more...]

Bloomberg blunder highlights supply chain risks

Ooh boy! Talk about a back-and-forth, he said, she said story! No, we’re not talking about that Supreme Court nomination. Rather, we’re talking about Supermicro. Supermicro manufacturers the type of computer hardware that is used by technology behemoths like Amazon and Apple, as well as government operations such as the Department of Defense and CIA facilities. And it was recently reported by … [Read more...]

The danger of third parties: ads, pipelines, and plugins

It may or may not be comforting to know that, ultimately, bulletproof security is out of your hands. You can have the most locked down PC on Earth, have two-factor authentication (2FA) set up across the board, take sensible actions to protect your personal information, and read all the EULAs under the sun. You can do all this and more, and yet still end up being compromised. How? Welcome to the … [Read more...]