Supply Chain Security

Supply Chain Security news, information, and how-to advice

Intel servers data center
chemical plant

target on shirt

Why cybersecurity will suffer the same fate in 2015 as it did in 2014

CISOs continue to beg for financial table scraps and the scraps they do get are used to double down on existing technology. The same technology that is failing them now but with a new twist or new buzzwords describing really what they...

01 gargoyle

A look back at 2014's data protection nightmare

There were nearly one billion records compromised in 2014, due in part to poor supply chain protection, malicious insider access, and lackluster access management policies. Today, Salted Hash looks back at the facts and figures of a...

breach bucket
In Depth

Nearly a billion records were compromised in 2014

In first nine months of 2014, after 1,922 confirmed incidents, criminals managed to compromise 904 million records. Many of the incidents reported in 2014 were record setting, including twenty of them that resulted in the compromise...

retail theft

Cost of retail crime skyrockets nearly 30 percent

Higher proportions of employee theft and shoplifting as a share of all retail losses, combined with higher spending on loss prevention, resulted in a 27 percent increase of the cost of retail crime in the United States, according to...

computer chip circuit board technology electrical equipment mother board processor engineering 0000

Chipmaker deliberately cripples user devices with driver update

FTDI, creator of a popular line of USB-to-Serial chips used by hardware hackers and embedded in a number of consumer devices the world over, is using a driver update to crush counterfeiters by rendering the fake chips useless once...

ss apple iphone evolution carousel 100412891 orig

Here are the limits of Apple's iOS 8 privacy features

The privacy improvements in the latest version of Apple's mobile operating system provide necessary, but limited, protection to customers, experts say.

goodwillcap

Goodwill payment systems compromised

Just when you might have thought there wasn’t anymore staying power in the parade of stories about point of sale systems being hacked we find that even Goodwill isn’t immune. Last week the organization confirmed that their...

home depot

New details suggest that Home Depot breach is nationwide

New information suggests that the Home Depot breach may extend to all 2,200 stores. Comparing the ZIP codes from the stolen cards available online to the ZIP codes associated with the improvements retailer, there is a 99 percent...

Why our lack of understanding on China may be the biggest risk

While China’s ability to wage cyber warfare is sure, the real risk to the U.S. may be its lack of understanding the eastern nation.

vibrams

Vibram suffered five finger data breach

Vibrams hosting provider hacked.

erp

ERP: Protecting the pipeline by focusing on business-critical platforms

In early July, news circulated that a Chinese manufacturer stood accused of tampering with the firmware of hand-held scanners in order to target chain resources. So what can organizations do about this type of threat, when they're...

blackhat2013

Black Hat 2014: The challenge of securing embedded devices and IoT on display

Industry doesn’t yet fully realize extent of subversion possible through IoT security, researchers say.

steel chain with broken link close up 55909938

Insecure Connections: Enterprises hacked after neglecting third-party risks

Third-party security is continuously lacking, yet few leaders show concern or take action

stack of documents

Study examines the problems with metadata and file sharing

A study by Workshare, a company focused on secure file sharing applications, says that 68 percent of the 800 professionals surveyed failed to remove metadata before sharing documents. Due to this oversight, potentially sensitive...

Six ways to prevent a breach like the one at AT&T

A data breach like the one recently reported by AT&T demonstrates that security policies alone are only a paper tiger without the technological teeth to make sure they are enforced, experts say.

Why you need to embrace the evolution of APT

Instead of cringing at the frequently misused concept of the advanced persistent threat, the smart play is to embrace the evolution and take three actions that guide a necessary shift in the way we practice information security today

binary hard drive storage disk

Purchase order scams now targeting construction suppliers

Earlier this year, Salted Hash reported on a wave of purchase order scams targeting university suppliers. Recently, scammers have expanded their scheme, by targeting industrial construction contractors and suppliers.

Who put the cockroach in my supply chain?

Businesses have always had concerns about supply chain risks but, for most businesses, those risks involve shipping delays, parts shortages and labor issues. But that’s starting to change as evidenced by CSOonline’s recent coverage on...

Load More