supply chain

Downloads of open source components almost doubled in 2015 - but security concerns persist.

Developers Gorge on Open Source Amid Worries About Quality, Security

In-brief: The use of open source software is exploding, but concerns about code quality and security in the open source supply chain persist, according to a report from the firm Sonatype. 

A vulnerability in software from D-Link could leave as many as 400,000 devices vulnerable to remote attack, according to the firm Senrio.

Flaw In D-Link Software Affects 400K Devices

In-brief: A vulnerability in software by device maker D-Link is much more widespread than initially believed, affecting hundreds of thousands of Internet-connected devices, including cameras, home routers, wireless access points and network-attached storage.

A denial of service attack on the managed DNS firm DYN was due, in part, to attacks from Internet of Things devices running the Mirai malware.

Months Old Flaw Behind the Surveillance Cam Botnet?

In-brief: A network of 25,000 compromised closed-circuit cameras has been implicated in a large denial of service attack used for cyber extortion. A known flaw in commonly used DVR technology may be to blame.

Attacks or No, Security Firms Race to Connected Vehicle Market

In-brief: Security giant Symantec’s foray into automotive security is just the latest sign that the connected car market is the new frontier for cyber security firms. But a dearth of attacks and long development cycles may slow progress.

Far flung supply chains for hardware and software can pose security risks for tech firms and their customers. (Image courtesy of sourcemap.com)

Software’s Sausage Factory: The Supply Chain

In-brief: Experts warn that supply chain insecurity runs broad and deep, threatening the security and integrity of technology-dependent organizations.