supply chain security Archives

Flags of the Workers’ Party of Korea, the foundational political party of the Democratic People’s Republic of Korea. (Getty Images)

Supply chain cyberattack with possible links to North Korea could have thousands of victims globally

An attack that could be the work of the notorious Lazarus Group attempted to install infostealer malware inside corporate networks.

Mar 29, 2023 By AJ Vicens

(Photo by NHAC NGUYEN/AFP via Getty Images)

Solana hack wipes more than 7,000 wallets, totaling nearly $5 million in losses

The apparent software-based attack stands out among other major cryptocurrency hacks that have totaled nearly $2 billion so far in 2022.

Aug 3, 2022 By Tonya Riley

Backbone is everything, don’t be owned by your infrastructure: Lessons from Ukraine for America

Russia — in its Soviet incarnation — was the source of Ukraine’s infrastructure. Postwar pipes for everything from water to telecommunications in Ukraine is Russian in origin.

Feb 28, 2022 By Frank Cilluffo Sharon Cardash

WASHINGTON, DC – AUGUST 25: U.S. President Joe Biden speaks during a meeting about cybersecurity in the East Room of the White House. Members of the Biden cabinet, national security team and leaders from the private sector attended the meeting about improving the nation’s cybersecurity. (Photo by Drew Angerer/Getty Images)

White House rolls out pipeline, supply chain security initiatives as companies pledge billions in cyber spending

Companies also will offer cyber tools and training after a private sector cybersecurity summit at the White House.

Aug 25, 2021 By Tim Starks

U.S. President Joe Biden speaks during an event in the East Room of the White House on August 23, 2021 in Washington, D.C. (Photo by Drew Angerer/Getty Images)

Apple, JPMorgan Chase bosses among industry heads set to gather at White House for cyber ‘call to action’

The administration expects to make "concrete announcements" about tackling root causes of cyberattacks, a senior official said.

Aug 25, 2021 By Tim Starks

SolarWinds CEO Sudhakar Ramakrishna attends a Senate Intelligence Committee hearing on Capitol Hill on February 23, 2021 in Washington, DC. The hearing focused on the 2020 cyberattack that resulted in a series of major data breaches within several U.S. corporations and agencies and departments in the U.S. federal government. (Photo by Demetrius Freeman-Pool/Getty Images)

SolarWinds CEO reveals much earlier hack timeline, regrets company blaming intern

The new SolarWinds timeline places the earliest activity at around eight months earlier than previously disclosed.

May 19, 2021 By Tim Starks

Tonya Ugoretz, FBI, Cyber Division — Tonya Ugoretz speaks April 4, 2019, at the Cybersecurity Leadership Forum presented by Forcepoint and produced by CyberScoop and FedScoop. (CyberScoop)

National security officials outline hopes for US data breach notification law

A national breach notification law needs to be simple and limited, officials said, but stopped short of endorsing a specific proposal.

May 18, 2021 By Tim Starks

Biden signs security-focused executive order meant to accelerate breach reporting, boost software standards

“The cost of the continuing status quo is simply unacceptable," a senior Biden administration official said.

May 12, 2021 By Sean Lyngaas

John Demers Department of Justice DOJ — Assistant Attorney General for National Security John Demers speaks May 31, 2018, at the Cyber Threat Intelligence Forum presented by FireEye and produced by CyberScoop and FedScoop. (CyberScoop)

US spy agencies review software suppliers’ ties to Russia following SolarWinds hack

The Biden administration is still studying how future spying operations might emulate what the SVR allegedly did.

May 6, 2021 By Sean Lyngaas

Justice Department launches review of cyber policies after ransomware, supply chain scourges

It's an acknowledgement that, despite indictments and arrests, cyberthreats to U.S. organizations are unrelenting.

Apr 30, 2021 By Sean Lyngaas