#software-supply-chain-attacks

[ follow ]
#cybersecurity

More Than 3,000 'Ghost' Accounts Spreading Malware on GitHub - DevOps.com

Cybercriminals target GitHub for malware distribution through fake accounts and repositories.

Protecting against software supply chain attacks

Software supply chain attacks are on the rise, with a 742% increase between 2019 and 2022.
These attacks have a widespread and enduring impact, impacting thousands of customers and potentially remaining undetected for years.

New research finds open-source code accelerated supply chain cyberattacks in 2023

Open-source code and legitimate hacking tools are contributing to the rise of software supply chain attacks.
More cybercriminal groups are sharing open-source tools and resources, making it easier for attackers to launch these attacks.

Russia is exploiting JetBrains TeamCity users at large scale

The offensive cyber unit linked to Russia's SVR has been exploiting a critical vulnerability in the JetBrains TeamCity server since September.
The vulnerability, similar to the one used in the SolarWinds attack, allows attackers to manipulate source code and plant backdoors in victim's environments.

More Than 3,000 'Ghost' Accounts Spreading Malware on GitHub - DevOps.com

Cybercriminals target GitHub for malware distribution through fake accounts and repositories.

Protecting against software supply chain attacks

Software supply chain attacks are on the rise, with a 742% increase between 2019 and 2022.
These attacks have a widespread and enduring impact, impacting thousands of customers and potentially remaining undetected for years.

New research finds open-source code accelerated supply chain cyberattacks in 2023

Open-source code and legitimate hacking tools are contributing to the rise of software supply chain attacks.
More cybercriminal groups are sharing open-source tools and resources, making it easier for attackers to launch these attacks.

Russia is exploiting JetBrains TeamCity users at large scale

The offensive cyber unit linked to Russia's SVR has been exploiting a critical vulnerability in the JetBrains TeamCity server since September.
The vulnerability, similar to the one used in the SolarWinds attack, allows attackers to manipulate source code and plant backdoors in victim's environments.
morecybersecurity

UK, ROK sound alarm over North Korean supply chain attacks

The UK and South Korea have issued a joint advisory warning about increased software supply chain attacks from North Korea.
The attacks are becoming more sophisticated and target government, financial, and defense industry organizations globally.
The advisory calls on organizations to follow mitigative actions to improve resilience to supply chain attacks.

Software supply chain attacks are soaring - and security leaders are sluggish to react

63% of large organizations faced software supply chain attacks in the last two years.
Concerns over software supply chain security are high among professionals using open-source code packages.
Enterprises prioritize software supply chain security, but progress is slow in implementation.
[ Load more ]