This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies By closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Last month’s ASUS APT attack doesn’t come as a surprise to any security-conscious industry watcher – this highlights a long-standing flaw in many software supply chains today. Attackers have been engaged in spoofing websites, stealing credentials and gaining unauthorized access for years. Injecting malicious code into legitimate tools that are designed to protect represents the next evolution in putting companies and their customers at risk.
Software is becoming ever more sophisticated and powerful. Its advance and innovation can be tied directly to the proliferation of open source. As more open source components find their way into published software, it is critical that known security vulnerabilities within the software are uncovered and patched. Failure to do so will either significantly increase the number and cost of attacks or impair the adoption of new technologies powered by the software.
Right now, the bad guys are winning." It’s a bleak statement from Dave Frymier, the CISO for Unisys Corp., but one that many enterprise security executives need to hear.
