[SecurityWeek] SolarWinds Outlines ‘Triple Build’ Software Development Model to Secure Supply Chain

When FireEye (now Mandiant) disclosed the SolarWinds breach in December 2020, the security world was forced to accept the reality that given the motivation, time and resources, an advanced attacker can breach any organization. And if the breached organization is part of an important supply chain, the potential damage could be devastating.

read more

Source: Read More (SecurityWeek RSS Feed)

You might be interested in …

[TheRecord] CISA and the FBI warn of ransomware gangs’ tendency of launching attacks over holidays and weekends

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint security advisory today to warn companies about the tendency of ransomware gangs to launch attacks over weekends and national holidays. While cybersecurity experts have been aware of this trend in ransomware attacks for the past three years, […]

Read More

[HackerNews] NK Hackers Deploy Browser Exploits on South Korean Sites to Spread Malware

All posts, HackerNews

A North Korean threat actor has been discovered taking advantage of two exploits in Internet Explorer to infect victims with a custom implant as part of a strategic web compromise (SWC) targeting a South Korean online newspaper. Cybersecurity firm Volexity attributed the attacks to a threat actor it tracks as InkySquid, and more widely known by the […]

Read More

[TheRecord] White House double downs on warning about cyberattacks over the holidays

White House deputy national security adviser Anne Neuberger on Thursday urged U.S. organizations to be on guard against malicious digital activity ahead of the Labor Day holiday. “We want to raise awareness and this need for awareness is particularly for critical infrastructure owners and operators who operate critical services for Americans,” Neuberger said during a […]

Read More