Google Intros SLSA Framework to Enforce Supply Chain Integrity

https://www.securityweek.com/google-intros-slsa-framework-enforce-supply-chain-integrity The U.S. tech giant this week unveiled SLSA (Supply chain Levels for Software Artifacts), a new end-to-end framework the company hopes will drive the enforcement of standards and guidelines to ensuring the integrity of software artifacts throughout the software supply chain. The long-term goal is for SLSA to support the automatic creation of auditable […]

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

https://securityaffairs.co/wordpress/119051/cyber-crime/unc2465-supply-chain-attack.html An affiliate of the Darkside ransomware gang, tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered. UNC2465 is considered one of the main affiliated of the DARKSIDE group, along with other affiliates gangs tracked by FireEye/Mandiant as UNC2628 and UNC2659. The crooks compromised the website of the […]

Blueskytec and Schneider Electric

Blueskytec are proud to have been selected by Schneider Electric as strategic partners in securing the UK/US Critical National Infrastructure. This strategic partnership leverages the Blueskytec Key Space Technology ™ Zero Trust Architecture technology into Industrial systems including energy distribution, renewables, smart cities, and many other areas of global interest for Schneider Electric. We are […]

University hacked through vending machines

Hackers attacked an unnamed university using the school’s IoT devices, including the vending machines and smart light bulbs. The issue was only discovered following increasing complaints from students and facility about slow network connections. A review by a Verizon research team revealed over 5000 hacked IoT devices were slowing the network by making seafood-related DNS […]

Research Shows Fitbits are Venerable to Hacking

Researchers from the University of Edinburgh have revealed the venerabilities of FitBit devices as modifications made to the Flex and One models allowed them to access encrypted information. While Fitbit has now updated it’s software to fix this issue the study highlights the potential security weaknesses of wearables and other IoT devices. See the full […]