Threatrix Blog

Enterprise open source security & compliance

Blog Background

Results for:

Clear

Category: CYBER ATTACK

Clear
The FTC Will Pursue Companies Not Patching Log4j to Protect Customer Data
The FTC Will Pursue Companies Not Patching Log4j to Protect Customer Data

Log4Shell exploits are present in 17,000 unpatched Log4J packages in the Maven Central ecosystem, posing a significant supply-chain risk. Google security estimates that approximately 17,000 Java packages in the Maven Central repository are vulnerable to Log4j – and that it will take “years” for it to be fixed across the ecosystem.

Threatrix
What Are the Ingredients for an Accurate SBOM?

The Software Bill of Materials (SBOM) has made quite a stir lately. From President Biden’s executive order to further secure our infrastructure to the NHS in Britain, emulating the mandate to improve security and transparency for England’s healthcare system.

Information Security Training Should Be Top Priority
Information Security Training Should Be Top Priority

The pressures of being a CISO are extensive and extend well past concerns of incident response time. There are pressures of maintaining budgets, reporting improved performance to stock-holders, and when the breadth and number of cyberattacks are increasing, the challenges to find qualified prospects to fill a considerable number of unfilled positions.

Developers Be Aware of Open Source Attacks
Developers Be Aware of Open Source Attacks

Open source is systematically being attacked on the infrastructure used to distribute code. In a few years, we’ve experienced attacks on pre-existing vulnerabilities occurring months after a disclosure down to a few days. Attackers now directly hijack the publisher’s credentials and distribute malicious components.

IT Contractor Sentenced to 2 Years in Prison for Retaliatory Cyber Attack
IT Contractor Sentenced to 2 Years in Prison for Retaliatory Cyber Attack

Deepanshu Kher, an IT contractor who was caught hacking into a Carlsbad companies server was sentenced to two years in prison. He was found guilty of deleting over 1200 of its 1500 Microsoft 0365 user accounts. He was retaliating for being fired from the IT consulting firm that was assisting an unidentified company with its […]