Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Mandating a Zero-Trust Approach for Software Supply Chains

Vulnerabilities

Cerberus last edited by

Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains.

https://threatpost.com/mandate-zero-trust-software-supply-chains/175333/
DISCLAIMER: Please note, that this article is not the work of (or owned by) Hostrisk.com. Attribution and copyright of this article is retained in full by the original author referred to in the Source link above
1 Reply Last reply
Reply Quote 0

Suggested Topics

Cryptominers Slither into Python Projects in Supply-Chain Campaign
Vulnerabilities • • Cerberus

1

0
Votes

1
Posts

12
Views

These code bombs lurk in the PyPI package repository, waiting to be inadvertently baked into software developers’ applications.

https://threatpost.com/cryptominers-python-supply-chain/167135/
Google Emergency Update Fixes Two Chrome Zero Days
Vulnerabilities • vulnerabilities • • Cerberus

1

0
Votes

1
Posts

5
Views

This is the second pair of zero days that Google’s fixed this month, all four of which have been actively exploited in the wild.

https://threatpost.com/google-emergency-update-chrome-zero-days/175266/
Apple AirTag Zero-Day Weaponizes Trackers
Vulnerabilities • vulnerabilities • • Cerberus

1

0
Votes

1
Posts

3
Views

Apple’s personal item-tracker devices can be used to deliver malware, slurp credentials, steal tokens and more thanks to XSS.

https://threatpost.com/apple-airtag-zero-day-trackers/175143/

1 / 1

Mandating a Zero-Trust Approach for Software Supply Chains

Suggested Topics

Cryptominers Slither into Python Projects in Supply-Chain Campaign Vulnerabilities • • Cerberus

Google Emergency Update Fixes Two Chrome Zero Days Vulnerabilities • vulnerabilities • • Cerberus

Apple AirTag Zero-Day Weaponizes Trackers Vulnerabilities • vulnerabilities • • Cerberus

Cryptominers Slither into Python Projects in Supply-Chain Campaign
Vulnerabilities • • Cerberus

Google Emergency Update Fixes Two Chrome Zero Days
Vulnerabilities • vulnerabilities • • Cerberus

Apple AirTag Zero-Day Weaponizes Trackers
Vulnerabilities • vulnerabilities • • Cerberus