
23 matches found

hivepro
added 2026/04/29 11:36 p.m., 5 views

Supply Chain Cybersecurity Risk Management Guide

Your organization's security is only as strong as its weakest vendor. A single compromised supplier, an unpatched software dependency, or a breached managed service provider can give attackers a direct path into your environment, bypassing every control you have built internally. The SolarWinds...

AI score: 5.9
Exploits: 0

The Hacker News
added 2025/04/16 11:26 a.m., 13 views

From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains

Introduction Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these...

AI score: 8.1
Exploits: 0

hivepro
added 2024/12/24 1:0 p.m., 9 views

The Impact of Supply Chain Attacks on the Global Landscape

Background From the Silk Road’s ancient trade routes to today’s global networks, supply chains have shaped empires, fueled revolutions, and driven economies. Now, in an age of digital transformation, they’ve evolved from logistical backbones into dynamic, tech-driven ecosystems. Powered by digita...

AI score: 7.3
Exploits: 0

Citrix
added 2024/07/13 12:0 a.m., 9 views

Support for XenApp in Virtualized Environments

This article provides information on support for XenApp in virtualized environments. Virtual servers provide mainframe-class virtual machines on Intel and AMD architecture servers, and are ideally suited for consolidating and partitioning systems in high-performance environments. Citrix supports...

AI score: 7.1
Exploits: 0

Malwarebytes
added 2023/05/31 11:45 p.m., 25 views

Financial services company OneMain fined $4.25 million for security lapses

A series of security errors and mishaps has cost personal loan provider OneMain $4.25m in penalties, issued by the New York State department of financial services. The fines, coming at the end of a detailed investigation into how security practices at the company were determined to be below-par,...

AI score: 6.6
Exploits: 0

The Hacker News
added 2022/08/16 5:42 a.m., 50 views

Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack

Popular end-to-end encrypted messaging service Signal on Monday disclosed the cyberattack aimed at Twilio earlier this month may have exposed the phone numbers of roughly 1,900 users. "For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned...

AI score: 6.8
Exploits: 0

The Hacker News
added 2021/08/23 2:9 p.m., 20 views

Navigating Vendor Risk Management as IT Professionals

One of the great resources available to businesses today is the large ecosystem of value-added services and solutions. Especially in technology solutions, there is no end to the services of which organizations can avail themselves. In addition, if a business needs a particular solution or service...

AI score: 0.7
Exploits: 0

The Hacker News
added 2021/04/24 8:9 a.m., 83 views

Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs

Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques to compromise the software's update...

AI score: 0.4
Exploits: 0

Akamai Blog
added 2020/11/10 5:0 p.m., 33 views

A new skimmer uses WebSockets and a fake credit card form to steal sensitive data

A new skimmer attack was discovered this week, targeting various online e-commerce sites built with different frameworks. As of the writing of this blog post, the attack is still active and exfiltrating data. Attackers are exploiting an expanding in-browser attack surface and continually evolving...

AI score: 7.1
Exploits: 0

Malwarebytes
added 2020/03/11 3:44 p.m., 39 views

Securing the MSP: best practices for vetting cybersecurity vendors

Ironically, to keep costs low for their enterprise and mid-market clients, managed service providers (MSPs) are some of the most reliant on third-party vendors, including those providing security. While this is generally not an indication of dysfunction or vulnerability, the responsible MSP will be...

Exploits: 0

ThreatPost
added 2019/12/16 4:44 p.m., 75 views

Echobot IoT Botnet Casts a Wide Net with Raft of Exploit Additions

A variant of the Mirai Internet of Things (IoT) botnet known as “Echobot” has added 13 more vulnerability exploits to its bag of infiltration tricks, according to researchers. These target a range of devices, including routers, firewalls, IP cameras, server management utilities, a programmable logi...

CVSS: 10
EPSS: 0.58879
Exploits: 3
References: 11

ThreatPost
added 2019/12/09 10:7 p.m., 12 views

Birth Certificate Data Laid Bare on the Web in Multiple States

A third-party government supplier has exposed hundreds of thousands of applications containing birth-certificate data. The trove of information is owned by a company that provides an online platform to state governments – including California, New York and Texas – that allows residents to request...

AI score: 6.8
Exploits: 0
References: 6

ThreatPost
added 2019/12/04 9:11 p.m., 50 views

Nebraska Medicine Breached By Rogue Employee

Hospital network Nebraska Medicine has disclosed a data breach after a former employee accessed sensitive patient data – including medical records and Social Security numbers. The Nebraska Medicine network encompasses Nebraska’s largest hospital, Nebraska Medical Center, as well as other location...

AI score: 1.2
Exploits: 0
References: 9

ThreatPost
added 2019/06/24 1:0 p.m., 156 views

The Modern-Day Heist: IP Theft Techniques That Enable Attackers

The Great Train Robbery of 1963 in Buckinghamshire, U.K., was orchestrated by a gang of 15 robbers that devised and executed a well-laid-out plan over the course of several months. Fast-forward 56 years and we’re still seeing gangs of modern-day robbers orchestrating elaborate plans – only in 201...

AI score: 0.3
Exploits: 0
References: 4

Malwarebytes
added 2019/05/29 6:51 p.m., 75 views

NIST’s privacy framework lets privacy tell its own story

Online privacy remains unsolved. Congress prods at it, some companies fumble with it while a small handful excel, and the public demands it. But one government agency is trying to bring everyone together to fix it. As the Senate sits on no fewer than four data privacy bills that their own members...

AI score: 6.6
Exploits: 0

Krebs on Security
added 2018/10/10 12:41 a.m., 117 views

Naming & Shaming Web Polluters: Xiongmai

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai -- a Chinese maker of electronic parts th...

AI score: 8.5
EPSS: 0.01251
Exploits: 4

Qualys Blog
added 2018/05/25 9:11 a.m., 142 views

GDPR Compliance: Manage Procedural Risk Assessments with New GDPR Templates

The EU’s General Data Protection Regulation (GDPR) goes into effect today, imposing strict security requirements on any company worldwide that handles the personal data of EU residents. Qualys Security Assessment Questionnaire (SAQ), a Qualys app that helps you with this type of procedural risk...

AI score: 0.7
Exploits: 0

myhack58
added 2016/04/04 12:0 a.m., 27 views

Supply chain security issues resurface: a medication management system has 1400 vulnerabilities

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) on Tuesday issued a notice that a widely used medication management system contains more than 1400 vulnerabilities. Security researchers independently of the road Pyxis SupplyStation are United by CareFusion...

AI score: 7.5
Exploits: 0

ThreatPost
added 2015/04/13 2:56 p.m., 11 views

Cybersecurity Vulnerabilities Identified in Banking Vendors

In hopes of bolstering security, banks in New York over the next several weeks want to enact new regulations for any third party vendors they do business with. A report released last week pointed out that one in three N.Y. banks don’t require their vendors to notify them in the event they...

AI score: 0.7
Exploits: 0
References: 3

ThreatPost
added 2012/10/24 12:0 a.m., 27 views

Verizon DBIR Analysis: Opportunistic Attacks Crushing Certain Industries

Regardless of the market or industry, the majority of attacks are financially motivated. Even in data-rich environments such as health care, attackers are still after profits and exploit the same weaknesses and transaction processing systems that are vulnerable in other industries such as hotels...

AI score: 1.7
Exploits: 0
References: 4