As more organizations shift to cloud-native application development to support new business features and digital transformation initiatives, software supply chain issues have become more visible. Because cloud-native development relies so heavily on open source software, organizations have to start thinking about the components that go into these applications. To build these cloud-native applications, developers have…

The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that’s capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80%…

The San Jose company announced Wednesday that former Digital Guardian CEO Mordecai (Mo) Rosen will take the reins at Skybox and manage the company through a new financing round that brings the total raised to $335 million. The private equity-backed Skybox said investors in the latest round include CVC Growth Funds, Pantheon, and J.P. Morgan….

We’ve recently seen substantial layoffs across the tech sector, to the tune of around 140,000 redundancies made by big names such as Amazon, Salesforce, Microsoft, and Tesla. As the recession bites, falling stock prices and further contraction in the market, together with merger and acquisition activity, are expected to force businesses to reduce head count…

BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, co-founder and CEO Jim Rosenthal says. Existing supply chain security tools tend to generate lots of risk information but then put the burden on the client to interact with their suppliers about remediating that risk, Rosenthal…

QuSecure, a quantum-computing technology company based in Silicon Valley, today announced the latest version of its security platform, called QuEverywhere — designed to allow organizations to extend quantum-safe security all the way to endpoints like laptops and smartphones, the company said in a statement. QuEverywhere, according to the company, is an app- or browser-based method…

The intricate labyrinth of open source dependencies across the global software supply chain has created an application security puzzle of mammoth proportions. Whether open source or closed, most of the world’s software today is built on third-party components and libraries. Consequently, one piece of vulnerable code in even the smallest of open source projects can…

Cybercriminals have lost little time in converting the artificial intelligence capabilities of ChatGPT to malicious purposes by using it to generate malware scripts. Security researchers at Check Point found members of the low-level hacking community Breach Forums posting over the past few weeks the results of interactions with the OpenAI-developed tool. They include a machine-learning…