Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains.
https://threatpost.com/mandate-zero-trust-software-supply-chains/175333/
Apache Web Server Zero-Day Exposes Sensitive Data
-
The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating.
https://threatpost.com/apache-web-server-zero-day-sensitive-data/175340/