chain
-
Blog
390,000 WordPress accounts stolen from hackers in supply chain attack
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. Researchers at Datadog Security Labs, who spotted the attacks, say that SSH private keys and AWS access keys were also stolen from the compromised systems of hundreds of other victims, believed to include…
Read More » -
Blog
US expands curbs on China’s AI memory and chip tools, raising supply chain concerns
“Tech firms, especially those involved in AI training and inference, may experience delays and higher costs in acquiring these essential components,” Rawat said. “Similarly, server and PC chip shortages are exacerbated by restrictions on chipmaking tools, making it harder for Chinese manufacturers to produce advanced chips for servers and high-performance systems, potentially leading to delays or reliance on less advanced…
Read More » -
Blog
Supply chain scares and Google’s AI code
November has come to a close, and the depths of winter are just around the corner. But that doesn’t mean events in tech are slowing down at all – nor that attackers are taking an early Christmas break. In the past month, we’ve seen a slew of cyber incidents, ranging from high-profile exploits of Microsoft vulnerabilities to a ransomware attack…
Read More » -
Blog
Blue Yonder ransomware attack disrupts grocery store supply chain
Supply chain management firm Blue Yonder is warning that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK. Blue Yonder (formerly JDA Software) operates as a Panasonic subsidiary with an annual revenue of over a billion USD and 6,000 employees. The company offers AI-driver supply chain solutions to retailers, manufacturers, and…
Read More » -
Blog
Fried chicken chain Bojangles breached; SSNs and medical info stolen by ransomware gang
Fast-food fried chicken chain Bojangles yesterday confirmed it notified more than 33,000 people of a February 2024 data breach that compromised the following info: Names Social Security numbers Government-issued ID numbers, e.g. driver’s license or passport Financial account numbers Credit and debit card numbers Medical info Health insurance info Based on the info listed above, we can infer the data…
Read More » -
Blog
How AI Drives Supply Chain Automation for Retailers Worldwide
Artificial intelligence is becoming crucial to how large retail organisations manage and optimise supply chains. From predicting seasonal demand in goods to automating inventory ordering, AI is helping supply chain management system vendors gain new efficiencies for their clients. In 2022, McKinsey reported that supply chain management was the top area where businesses reported AI-related cost reductions. At the time,…
Read More » -
Blog
LottieFiles hit in npm supply chain attack targeting users’ crypto
LottieFiles announced that specific versions of its npm package carry malicious code that prompts users to connect their cryptocurrency wallets so they can be emptied. As discovered yesterday, following multiple user reports about strange code injections, the affected versions are Lottie Web Player (“lottie-player”) 2.0.5, 2.0.6, and 2.0.7, all published yesterday. LottieFiles quickly released a new version, 2.0.8, which is…
Read More » -
Blog
Energy firms need to up their game to protect against supply chain risks
The energy sector is facing a surge in supply chain risks thanks to a growing dependence on vendors, with two-thirds of breaches now coming from software and IT vendors. In a report from SecurityScorecard and KPMG, ‘A Quantitative Analysis of Cyber Risks in the U.S. Energy Supply Chain’, security researchers and industry subject professionals highlighted frequent threats such as ransomware…
Read More » -
Blog
UK Public sector at risk from supply chain attacks, new report warns
Limited visibility of their software supply chains is leaving UK public sector organizations vulnerable, with more than half exposed to cyberattacks in the last twelve months, according to research from Blackberry. Half (51%) of UK IT decision-makers across healthcare, education, and government organizations received notification of an attack or vulnerability in their software supply chain in the last twelve months…
Read More » -
Blog
The importance of supply chain resilience
The complexity of software in the modern enterprise means that supply chain breaches are becoming the norm. They’re one of the easiest ways into corporate environments, with third-party exposure a key obstacle organizations must learn to overcome. In some respects, it seems like supply chain vulnerabilities have been more of a focus in recent years, although admittedly there have been…
Read More »