Supply chain, Supply chain

What to do? GSA cyber advisor offers tips on supply chain risk management.

The recent SolarWinds attack left supply chains in an unwanted spotlight, but also in turn spurred urgency around addressing the vulnerabilities that often exist with third-party software.

So what should organizations do? Alyssa Feola, cybersecurity advisor in the Technology Transformation Services division within The General Services Administration, spoke with Security Weekly's Adrian Sanabria about the recent events and how to minimize the risks.

Related

Hugging Face compromised with malicious AI models

Both malicious packages resembling proof-of-concept models were not identified by Hugging Face's Picklescan security tool due to differences in compression format with PyTorch, as well as a security issue that prevented the proper scanning of Pickle files that could facilitate compromise, according to a report from ReversingLabs.

Third-party breach impacts Grubhub customer data

Such a third-party breach not only led to the exposure of individuals' names, phone numbers, and email addresses, but also the exfiltration of some customers' partial credit card details and legacy systems' hashed credentials, said Grubhub in a statement.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds