Author Archives: Chris Mobley

Google Intros SLSA Framework to Enforce Supply Chain Integrity

https://www.securityweek.com/google-intros-slsa-framework-enforce-supply-chain-integrity The U.S. tech giant this week unveiled SLSA (Supply chain Levels for Software Artifacts), a new end-to-end framework the company hopes will drive the enforcement of standards and guidelines to ensuring the integrity of software artifacts throughout the software supply chain. The long-term goal is for SLSA to support the automatic creation of auditable […]

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

https://securityaffairs.co/wordpress/119051/cyber-crime/unc2465-supply-chain-attack.html An affiliate of the Darkside ransomware gang, tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered. UNC2465 is considered one of the main affiliated of the DARKSIDE group, along with other affiliates gangs tracked by FireEye/Mandiant as UNC2628 and UNC2659. The crooks compromised the website of the […]