Governance, Risk & Compliance
‘Polyfill’ Supply Chain Threat: 4x Worse Than We Thought
Richi Jennings | | App Sec & Supply Chain Security, AppSec & Supply Chain Security, CloudFlare, Funnull, Javascript, Modern Software Supply Chains, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, polyfill, SB Blogwatch, secure software supply chain, software supply chain attack, software supply chain attacks, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, Supply-Chain Insecurity
Spackle attack: Chinese company takes over widely used free web service—almost 400,000 websites at risk ...
Security Boulevard
Extending the Reach and Capabilities of Digital Signing With Standards
Digital signatures are ideal for addressing today’s challenges, providing the robust security, flexibility and scalability that organizations require for a wide range of use cases ...
Security Boulevard
Compliance, Security and the Role of Identity
While compliance frameworks establish baseline requirements for data protection, they may not always align with the rapidly evolving threat landscape ...
Security Boulevard
How to Achieve Crypto Resilience for a Post-Quantum World
While it's unlikely that quantum computers are currently in the hands of cybercriminals or hostile nation-states, they will be ...
Security Boulevard
Boardroom Blindspot: How New Frameworks for Cyber Metrics are Reshaping Boardroom Conversations
With new frameworks for cyber metrics and reporting being implemented globally, regulators have effectively elevated risk to the same level of board awareness as financial risks ...
Security Boulevard
‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE
Richi Jennings | | App Sec & Supply Chain Security, Apple, Apple iOS, AppSec & Supply Chain Security, CocoaPods, CVE-2024-38366, CVE-2024-38368, dependencies, dependency injection, Dependency Management, macos, macOS Security, Modern Software Supply Chains, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, SB Blogwatch, software dependencies, Supply-Chain Insecurity, third-party dependencies, trust dependencies
Tim looks grim: 10 year old vulnerabilities in widely used dev tool include a CVSS 10.0 remote code execution bug ...
Security Boulevard
Strategies to accelerate dependency management for modern enterprise software development
Aaron Linskens | | dependencies, DevOps transformation, risk management, software supply chain, Vulnerabilities
Contrary to common belief, security and productivity are not necessarily at odds in modern software development ...
‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk
Richi Jennings | | 2-factor authentication, 2fa, 2FA/MFA, APT29, Cozy Bear, CozyCar, CozyDuke, Dark Halo, enshittification, MFA, mfa protection, Midnight Blizzard, multi-factor, multi-factor authenication, Multi-Factor Authentication, Multi-Factor Authentication (MFA), multi-factor-auth, NOBELIUM, Nobeliumm, Office Monkeys, Russia, russia hacker, russia-based, russian, SB Blogwatch, SolarWinds, SolarWinds Vulnerability, solarwinds-hack, StellarParticle, SVR, TeamViewer, The Dukes, two-factor, two-factor athentication, Two-Factor Humor, two-factor-authentication.2fa, UNC2452, YTTRIUM
SolarWinds hackers strike again: Remote access service hacked—by APT29, says TeamViewer ...
Security Boulevard
Remote Rigor: Safeguarding Data in the Age of Digital Nomads
Digital nomads go where the wind takes them around the globe, often working from coffee shops, co-working locations or public libraries. They rely on connecting to their work life via their mobile ...
Security Boulevard
Temu is Malware — It Sells Your Info, Accuses Ark. AG
Richi Jennings | | breach of privacy, china, china espionage, Chinese, Chinese Communists, Chinese cyber espionage, chinese government, customer location, geofencing and location tracking, geolocation, Location, location access permission, location access risks, location data, Location data privacy, location history, location intelligence, location privacy, location services, location sharing location tracking, PDD Holdings, Pinduoduo, Privacy, SB Blogwatch, Temu, Whaleco
Chinese fast-fashion-cum-junk retailer “is a data-theft business.” ...
Security Boulevard