supply chain

Third Party Cyber Risk is growing. Most Companies aren’t prepared.

Third party cyber risk is a growing concern for organizations, as breaches and hacks tied to third party providers and applications multiply. How do you know if your third party cyber risk management program is up to the task? Our new e-book, sponsored by CyberGRX, will help you figure it out!

application code on screen

Spotlight Podcast: Fixing Supply Chain Hacks with Strong Device Identities

Supply chain hacks like ME Docs and ASUS aren’t inevitable. In this Spotlight Podcast, sponsored by Trusted Computing Group, I speak with Dennis Mattoon, a Principal Researcher at Microsoft Research and the Chairman of the Trusted Computing Group’s DICE Architectures Working Group* about how strong device identities for IoT endpoints can stop supply chain compromises.

Asus ShadowHammer suggests Supply Chain Hacks are the New Normal

The compromise of device maker Asus Live Update Utility is just the latest evidence that sophisticated attackers have software supply chains in the crosshairs.

Hal9000

Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise

Vijay Balasubramaniyan of Pindrop joins us to talk about it. And, in our second segment, Sam Bisbee the CSO of the firm ThreatStack joins us to talk about last month’s hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components.

More Questions as Expert Recreates Chinese Super Micro Hardware Hack

Though the companies named in a blockbuster Bloomberg story have denied that China hacked into Supermicro hardware that shipped to Amazon, Apple and nearly 30 other firms, a recent demonstration at hacking conference in Germany proves the plausibility of the alleged hack.