Supply chain has been a hot topic for a few years now, but so many things we need to do for a secure supply chain aren't new at all. We'll cover SBOMs, vuln management, and putting together a secure pipeline.
Segment resources:
https://www.solarwinds.com/assets/solarwinds/swresources/whitepaper/2111swiwhitepaper_nextgenbuild.pdf
https://next.red...
We dig into network devices/appliances, why they are still around, who is attacking them, and how. Just why are attackers using network devices in ransomware campaigns and how do we stop them? Tune-in to find out as Nate Warfield, Director of Threat Research and Intelligence at Eclypsium joins us for this episode!
This segment is sponsored by Ecly...
In this news segment, we start off by discussing funding, acquisitions, and Ironnet's unfortunate demise. We discuss Gmail's new, extra verifications for sensitive actions and Lockheed Martin's Hoppr SBOM and software supply-chain utility kit. We get into CISA's roadmap to help secure open source software, and their offer to run free vulnerability ...
The strategy is designed to focus federal resources towards better investment in a range of emerging technologies while also building an environment for innovation and a stable of qualified domestic workers for businesses and governments to tap.
The money is designed to go to badly underfunded smaller and rural utilities in order to build more cyber resilience and defend against cyber attacks, ransomware actors and other digital threats.
According to Mandiant, threat group UNC4841 dropped a second wave of backdoor malware on some victims, including government organizations, to maintain persistence for espionage purposes.
