A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack Reference (OSC&R) initiative, led by OX Security, evaluates software supply chain security threats, covering a wide range of attack vectors including vulnerabilities in third-party libraries and components, supply chain attacks on build and deployment systems, and compromised or malicious software updates. Cybersecurity professionals among the matrix’s founding consortium include representatives from GitLab as well as former leaders from Microsoft, Google Cloud, Check Point Technologies, and OWASP.