Information Security News mailing list archives

Report: Code Responsible for Equifax Breach Downloaded 21 Million Times Last Year


From: InfoSec News <alerts () infosecnews org>
Date: Thu, 27 Jun 2019 08:06:58 +0000 (UTC)

https://www.nextgov.com/cybersecurity/2019/06/report-code-responsible-equifax-breach-downloaded-21-million-times-last-year/158042/

By Jack Corrigan,
Staff Correspondent
Nextgov
June 26, 2019

Digital adversaries are increasingly targeting the supply chain for open source software to gain covert access to government and industry networks, according to a recent report.

That said, the number of breaches tied to open source software is falling as organizations get smarter about their IT development practices, security researchers found.

The popularity of open source software has skyrocketed in recent years as developers are expected to churn out more fresh tech in less time. In its fifth annual State of the Software Supply Chain report, researchers at Sonatype said the number of weekly downloads of the popular open source software package Java nearly tripled in 2018, from 3.5 billion to 10 billion.

But as virtually every organization comes to rely on crowdsourced code to run their tech, they also face more potential cybersecurity risks. Many open source components contain vulnerabilities, and if groups aren’t careful they could unknowingly install compromised software.

[...]
