The Defense Department has been failing to take into account the potential security risks of buying commercial off-the-shelf (COTS) technology items such as laptops, security cameras, software and networking equipment, according to the office of the Pentagon Inspector General.
Topic: Cyber Supply Chain
Google confirmed that cyberthieves had managed to pre-install malware into the Android framework backdoor. In short, the malware appeared to be blessed by Google at the deepest point within Android.
The federal government wants to hold defense contractors accountable for the cybersecurity of their supply chains but that's no easy feat, experts said Tuesday.
Hackers are shifting their tactics away from traditional phishing and ransomware attacks, and moving toward stealthier intrusions via websites and the software supply chain, according to a recent report.
The military supply chain is vast, multifaceted, and riddled with potential cyber vulnerabilities.
Historically, an organization developed a Cybersecurity program to achieve compliance. It has been our experience, organizations which achieve full compliance cannot continue to operate because of strict Compliance requirements and the lack of a functional Cybersecurity program. The lack of a functional Cybersecurity program enables methodologies found
The massive size of the WordPress plugins ecosystem is starting to show signs of rot, as yet another incident has been reported involving the sale of old abandoned plugins to new authors who immediately proceed to add a backdoor to the original code.
Software assurance (SwA) is the “level of confidence that software functions as intended and is free of vulnerabilities, either intentionally or unintentionally designed or inserted as part of the software, throughout the life cycle.”  The latest change to Department of Defense (DoD) Instruction (DoDI) 5000.02, Operation of the Defense Acquisition System
Modern weapons systems have depended on microelectronics since the inception of integrated circuits over fifty years ago. Today, most electronics contain programmable components of ever increasing complexity. At the same time, the Department of Defense (DoD) has become a far less influential buyer in a vast, globalized supplier base.3 Consequently, assuring