Supply Chain Security

Supply Chain Security news, information, and how-to advice

Cost of retail crime skyrockets nearly 30 percent

Higher proportions of employee theft and shoplifting as a share of all retail losses, combined with higher spending on loss prevention, resulted in a 27 percent increase in the cost of retail crime in the United States, according to...

Chipmaker deliberately cripples user devices with driver update

FTDI, creator of a popular line of USB-to-Serial chips used by hardware hackers and embedded in a number of consumer devices the world over, is using a driver update to crush counterfeiters by rendering the fake chips useless once...

Here are the limits of Apple's iOS 8 privacy features

The privacy improvements in the latest version of Apple's mobile operating system provide necessary, but limited, protection to customers, experts say.

Goodwill payment systems compromised

Just when you might have thought there wasn’t any more staying power in the parade of stories about point-of-sale systems being hacked, we find that even Goodwill isn’t immune. Last week the organization confirmed that their...

New details suggest that Home Depot breach is nationwide

New information suggests that the Home Depot breach may extend to all 2,200 stores. Comparing the ZIP codes from the stolen cards available online to the ZIP codes associated with the home improvement retailer, there is a 99 percent...

Why our lack of understanding on China may be the biggest risk

While China’s ability to wage cyber warfare is certain, the real risk to the U.S. may be its lack of understanding of the eastern nation.

Vibram suffered five finger data breach

Vibram's hosting provider hacked.

ERP: Protecting the pipeline by focusing on business-critical platforms

In early July, news circulated that a Chinese manufacturer stood accused of tampering with the firmware of hand-held scanners in order to target chain resources. So what can organizations do about this type of threat, when they're...

Black Hat 2014: The challenge of securing embedded devices and IoT on display

Industry doesn’t yet fully realize extent of subversion possible through IoT security, researchers say.

Insecure Connections: Enterprises hacked after neglecting third-party risks

Third-party security is continuously lacking, yet few leaders show concern or take action

Study examines the problems with metadata and file sharing

A study by Workshare, a company focused on secure file sharing applications, says that 68 percent of the 800 professionals surveyed failed to remove metadata before sharing documents. Due to this oversight, potentially sensitive...

Six ways to prevent a breach like the one at AT&T

A data breach like the one recently reported by AT&T demonstrates that security policies alone are only a paper tiger without the technological teeth to make sure they are enforced, experts say.

Why you need to embrace the evolution of APT

Instead of cringing at the frequently misused concept of the advanced persistent threat, the smart play is to embrace the evolution and take three actions that guide a necessary shift in the way we practice information security today.

Purchase order scams now targeting construction suppliers

Earlier this year, Salted Hash reported on a wave of purchase order scams targeting university suppliers. Recently, scammers have expanded their scheme by targeting industrial construction contractors and suppliers.

Who put the cockroach in my supply chain?

Businesses have always had concerns about supply chain risks but, for most businesses, those risks involve shipping delays, parts shortages and labor issues. But that’s starting to change as evidenced by CSOonline’s recent coverage on...

Target credential theft highlights third-party vendor risk

Retailer discloses that attackers stole credentials from vendor to break into its network

Purchase order scam targeting university suppliers

Salted Hash has obtained a copy of a warning letter from Boston College addressed to all of their suppliers. In it, the university says that emails claiming to be from the school are requesting product quotes for merchandise and...

Amazon's promise of postal drones rides on a bed of hot air

Over the holiday weekend, millions watched as Jeff Bezos, Amazon's CEO, told 60 Minutes how he plans to use drones (customized octocopters) to deliver packages. The service, known as PrimeAir, will fly packages that are less than...