Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

December 13, 2024 at 12:57PM
A critical vulnerability (CVE-2024-54143) in OpenWrt’s Attended Sysupgrade could allow attackers to inject malicious firmware by exploiting command injection and hash collision issues. Patched in version 920c8a1, the flaw poses a severe supply chain risk as no authentication is required for exploitation. Users are urged to update immediately. …

Manufacturers Rank as Ransomware’s Biggest Target

October 2, 2024 at 09:02AM
The manufacturing industry has become a prime target for ransomware attacks, accounting for 21% of such incidents and putting companies at three times higher risk. A Black Kite study reveals that 80% of manufacturing firms have critical vulnerabilities and 67% are listed in the Known Exploited Vulnerabilities catalog. Persistent patch …

OneTrust Automates DORA ICT Risk Management and Compliance

September 26, 2024 at 04:26PM
OneTrust announced new capabilities to enhance resilience and operationalize compliance with the EU’s Digital Operational Resilience Act (DORA). These include automated DORA report creation, enhanced risk and compliance data feeds, and fourth- and nth-party risk management features. OneTrust’s Third-Party Management helps comply with DORA and integrates with Compliance Automation. Visit …

Chinese spies spent months inside aerospace engineering firm’s network via legacy IT

September 18, 2024 at 01:08PM
Chinese state-sponsored spies breached a global engineering firm’s network using default credentials on an IBM AIX server. The espionage, attributed to a People’s Republic of China team, aimed for intellectual property theft and supply-chain manipulation. Despite exposure to local and federal agencies, the intruders established persistent access before getting caught, …

Unexpected Lessons Learned From the CrowdStrike Event

July 25, 2024 at 02:44PM
Many organizations are facing global IT issues due to a defect in CrowdStrike’s Falcon sensor content update, impacting operations across sectors. This event highlights the importance of improving cyberattack response capabilities. Lessons include evaluating detection speed, prioritizing recovery, executing business continuity plans effectively, and addressing supply chain risks to enhance …

Fighting Third-Party Risk With Threat Intelligence

July 24, 2024 at 05:58PM
The global supply chain network has increased organizations’ interconnectedness, posing a higher risk of data breaches and security incidents involving third-party vendors. Research shows 98% of organizations have experienced third-party cybersecurity breaches in the past two years. Investments in third-party risk management programs are rising, with a focus on using …

Kaspersky Is an Unacceptable Risk Threatening the Nation’s Cyber Defense

July 22, 2024 at 10:13AM
The US federal government has announced a ban on Kaspersky software due to cybersecurity threats and its association with Russia, reinforcing concerns over foreign software supply chain threats. Geopolitical tensions are impacting cybersecurity, requiring organizations to consider these implications in their cybersecurity strategies and to collaborate on proactive threat intelligence to …

It’s Time to Reassess Your Cybersecurity Priorities

July 10, 2024 at 07:48AM
The author reflects on their 100 columns for SecurityWeek and the lack of progress in cybersecurity. They note the increasing frequency and severity of cyber breaches and emphasize the human element in security vulnerabilities. They advocate for enhancing identity management, endpoint security, cloud and supply chain risk management, risk-based prioritization, …

Over 380k Hosts Still Referencing Malicious Polyfill Domain: Censys

July 3, 2024 at 09:57AM
Censys reports over 380,000 internet-exposed hosts serving JavaScript that references the suspended polyfill.io domain. Following its suspension for malicious activities, over 100,000 websites were affected, prompting industry responses. Censys now identifies 384,773 hosts still referencing the domain. Further concerns arise about other potentially compromised domains controlled by the same threat …

Polyfill claims it has been ‘defamed’, returns after domain shut down

June 27, 2024 at 06:57AM
The Polyfill.io JavaScript CDN service was shut down after researchers discovered malicious code being delivered to over 100,000 websites. The service has since been relaunched on a new domain, polyfill.com, claiming to have no supply chain risks. However, doubts remain due to security practitioners’ findings and concerns raised by …