SolarWinds Attacker Targets Cloud Service Providers in New Supply Chain Threat
Tuesday, October 26, 2021
Microsoft says the group has attacked more than 140 service providers and compromised 14 of them between May and October of this year.
ImmuniWeb founder Ilia Kolochenko recommends organizations implement a third-party risk management (TPRM) program that goes beyond the usual one-size-fits-all questionnaire for assessing vendor risk. He suggests organizations focus on drafting an adequate, proportional, and threat-aware vendor assessment process as part of their TPRM process.
"Reasonable contractual clauses, allocating the risks of data breaches and security incidents, can motivate vendors to maintain better security," he says. Read Full Article
CPO Magazine: Apple Makes Case Against App Sideloading by Comparing iPhone Security to Android Malware Stats
ValueWalk: Crypto Fraud Costs More Than $200 Million This Year, U.K. Police Say