Here you will find all the articles with the tag: supply chain security.
A security systems app appears to have leaked highly sensitive data. MASmobile Classic, intended for alarm systems installers to look up customer data, could unintentionally send codes to disable security systems online to malicious people. This is according to research by the Dutch station BNR.... Read more
15 days ago
The increasing complexity of IT environments is leading to more hidden cyber threats. The risk of cyberattacks and data breaches through the software supply chain is hard to ward off, according to research by JFrog. To point out how cluttered corporate IT infrastructures can be today, JFrog cite... Read more
1 month ago
Every year, Sonatype takes a good look at the software supply chain. In this year's State of the Software Supply Chain report, researchers report that many more malicious packages have been discovered than before. At the same time, a version with a fix is almost always available. Sonatype also foun... Read more
6 months ago
Tidelift has added new capabilities to its Tidelift Subscription. The newly expanded package allows organizations to assess the security of open-source software. Thanks to thousands of collaborations with open-source projects, the company contributes to the reliability of IT environments. Tideli... Read more
7 months ago
The Cloud Native Computing Foundation's (CNCF) Notary Project and Notation Project standardization projects for supply chain security have received a major update with version 1.0.0, marking their first full release. The Notary Projects and its derivative Notation are two development projects fo... Read more
8 months ago
The European Union is seeking to reduce its reliance on China for semiconductors. It hopes to find a suitable partner in Japan and is rolling out plans to boost cooperation. This week the European Union announced that it will will deepen its ties with Japan on semiconductors. Thierry Breton, the... Read more
10 months ago
SLSA 1.0 is intended to provide a standard language for software supply chain security. The project is at an important milestone in software development security with its first stable version, according to OpenSSF. The Open Source Security Foundation (OpenSSF) was launched in 2020 by the Linux F... Read more
1 year ago
Nearly all organizations (98.6 percent) are experiencing worrisome misconfigurations that pose significant risks to data and infrastructure. According to research by Zscaler, the increasing use of cloud technology is leading to more and more vulnerability problems. In the study, Zscaler finds th... Read more
1 year ago
The open-source technology allows users to verify the reliability of software components. Sigstore is used by the developers of giant projects like Kubernetes and Python. The free technology was recently made generally available. Software supply chain security is a growing problem. Vulnerabilit... Read more
1 year ago
The login credentials of 25 percent of the 500 largest US organizations are for sale on the dark web, according to researchers from BitSight Technologies. Single sign-on (SSO) credentials allow users to log into multiple applications and websites with a single identity. A single identity reduce... Read more
2 years ago
