While details of the breach are limited, CISA sends alert after security researchers discover compromise.

In this episode, we discuss digital supply chain governance and compliance, featuring Josh Marpet from Guarded Risk, hosted by Paul Asadoorian and Allan Alford. Specifically, we discuss: The importance of understanding and complying with regulations affecting digital supply chains, such as Executive Order 14028 and the NIST Cybersecurity Framewor...

Mounting software supply chain attacks have prompted Synopsys to introduce the new Black Duck Supply Chain Edition software composition analysis solution, reports SiliconAngle.

Jim joins the Security Weekly crew to discuss all things supply chain! Given the recent events with XZ we still have many topics to explore, especially when it comes to practical advice surrounding supply chain threats.

The records were taken in a cyberattack against a firm providing support services for a Justice Department court case.

Security pros say threat actors could use the leaked data to run phishing attacks that would steal Home Depot corporate credentials and launch ransomware attacks.

We look into the supply chain saga of the XZ Utils backdoor. It's a wild story of a carefully planned long con to add malicious code to a commonly used package that many SSH connections rely on. It hits themes from social engineering and abuse of trust to obscuring the changes and suppressing warnings. It also has a few lessons about software devel...