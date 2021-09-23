CreatorsPublishersAdvertisers
View more in
Technology

Here's a fix for open source supply chain attacks

By Matt Asay
TechRepublic
 4 days ago

Cover picture for the articleCommentary: Open source has never been more popular or more under attack, but there's something cloud providers can do to make OSS more secure. TechRepublic contributing writer Jack Wallen is correct that "Open source software has proved itself, time and time and time again, that it is business-grade for a very long time." Sonatype is also correct that supply chain attacks against popular open source software repositories jumped 650% over the last year. In fact, it's the very popularity of that open source software that makes it a prime target.

www.techrepublic.com

Comments / 0

Related
securityboulevard.com

2021 State of the Software Supply Chain: Open Source Security and Dependency Management Take Center Stage

Over the past year, COVID-19 fundamentally transformed how people live and work, how companies interact with customers, how customers shop and buy, and how physical and digital supply chains function. As the economic importance of digital innovation accelerated during the global pandemic, so too did the number of cyber-attacks aimed at exploiting software supply chains.
SOFTWARE
foodlogistics.com

L.I.N.K. Live: Meet This Year's Overall Woman in Supply Chain

She's a self-proclaimed robot ninja. She's enabled flexible global warehouse automation through a combination of automated mobile robots and Fetch’s leading cloud-based enterprise software. And, she's opened the door to diversity in robotics. Meet Melonee Wise, CEO of Fetch Robotics, who claimed this year's spot as Supply & Demand Chain Executive's overall Woman in Supply Chain.
TECHNOLOGY
TechCrunch

Index leads $12.2M seed in Sourceful, a data play to make supply chains greener

Early investors look impressed: Sourceful is announcing a $12.2 million seed funding round today, led by Europe’s Index Ventures (partner, Danny Rimer, is joining the board). Eka Ventures, Venrex and Dylan Field (Figma founder), also participated in the chunky raise. The startup, founded in June 2020, says it will use...
BUSINESS
freightwaves.com

Project44 first strategic partner for Google’s Supply Chain Twin

With rising costs, low inventories and the inability to accurately estimate deliveries to end consumers, all eyes are on supply chains and the technology investments that make them more agile in times of high demand. In an effort to help companies leverage data for supply chain resiliency, global technology company...
RETAIL
IN THIS ARTICLE
#Cloud Infrastructure#Information Security#Attackers#Open Source Software#Techrepublic#Maven#Java
nextplatform.com

Supply Chain Platforms Need A Disruption

Supply chains have become so complex and tangled that the traditional way of navigating everything from suppliers, inventory, transportation and analytics has been upended. As with all messes, there is deep commercial opportunity for any company that can handle clean-up in a novel, more streamlined way. In a post-2020 world, that need is stronger than ever — but it will take more than a traditional supply chain management system. It will need more data from more sources, all delivered and synthesized as close to real-time as possible.
INDUSTRY
Aviation Week

Industry’s Rising Giant Throttles Up Supply Chain Squeeze

The latest news from what could be the largest aerospace and defense (A&D) company ever, Raytheon Technologies, may leave suppliers with a sense of deja vu all over again. In short, the OEM is ramping up its Performance+ supply chain squeeze as it looks to make good on promises to investors of...
AEROSPACE & DEFENSE
securityboulevard.com

Securing the Edge in the Supply Chain

The supply chain is something most people take for granted—until something goes wrong. The pandemic highlighted just how quickly business can grind to a halt if the supply chain is disrupted. Organizations have found that edge computing makes the supply chain run more efficiently, but this move to the edge requires a new approach to supply chain cybersecurity.
TECHNOLOGY
Daily Mirror

How challenges to the UK's supply chain are being solved with algebra

It’s hard to avoid the realities of the UK’s supply chain crisis at the moment - from empty supermarket shelves to restaurants forced to adapt their menus. UK retailers are even preparing for stock shortages across the board in the run-up to Christmas as well as the British Chambers of Commerce warning that the UK could see a steep decline in economic growth over the coming months.
GROCERY & SUPERMAKET
YOU MAY ALSO LIKE
NewsBreak
Technology
NewsBreak
Python
Apple Insider

Apple's first AR headset launches in 2022, supply chain sources claim

Supply chain sources claim that Apple's $2000 Apple AR headset will go on sale in the second half of 2022, with the AR glasses expected to arrive in 2023. Backing up previous reports from typically reliable analyst Ming-Chi Kuo, a new supply chain rumor says an initial Apple AR device aimed at corporations and industrial use, will debut in 2022.
ELECTRONICS
TechRepublic

Windowsfx is the Linux distribution Windows users have been looking for

Few operating systems have so closely mimicked Windows as the upcoming Windowsfx 11. Jack Wallen takes a look at the preview of this Linux operating system and comes to a very impressive conclusion. Over the past 20 or so years, there always seems to be that one distribution everyone claims...
COMPUTERS
infosecurity-magazine.com

Farming Group Warns of Supply Chain Chaos After Ransomware Attack

An Iowan agricultural group hit by ransomware over the weekend appears to have claimed that the impact of the attack on the US public could be worse than the Colonial Pipeline incident. The attack has been traced to BlackMatter, a group that some believe has links to the DarkMatter outfit...
INDUSTRY
securitymagazine.com

BlackMatter's ransomware attack on NEW Cooperative may impact food supply chain

Iowa-based grain cooperative NEW Cooperative Inc. was struck by BlackMatter ransomware recently and has shut down its computer systems as it tries to mitigate the attack. BlackMatter is demanding a $5.9 million ransom. NEW Cooperative confirmed that they had been attacked and said they had contacted law enforcement and worked...
AGRICULTURE
TechRepublic

Robots and machine learning researchers combine forces to speed up the drug development process

IBM Research and Arctoris announce a research collaboration to test a closed-loop platform. IBM Research and Arctoris are bringing the power of artificial intelligence and robotic automation to the process of developing new drugs. The two companies aim to make smarter choices early on in the process, iterate faster and improve the odds of finding an effective treatment.
ENGINEERING
TechRepublic

Managing change in AI: Don't forget about your staff's needs and abilities

When change affects people in your organization, remember that you have a wealth of talent that needn't go to waste. Consider re-skilling to meet the company's needs as well as the employees'. How many times have you heard a manager respond to employees about organizational change with the words, "It...
TECHNOLOGY
TechRepublic

Portainer and Canonical expand their partnership

Portainer Business now integrates automatically with Canonical's Charmed Kubernetes distro. New Zealand-based Portainer announced Thursday that Canonical's Charmed Kubernetes users can now automatically install and integrate Portainer Business as part of the Kubernetes cluster deployment process using Juju's Charmed Operator Framework. According to Juju's website, the Charmed Operator Framework allows users to deploy, integrate, and manage Kubernetes, container and VM-native applications across hybrid clouds.
TECHNOLOGY
dcvelocity.com

From controlling cost to ensuring supply: inbound supply chain’s focus shifts, says research report

Tightening supply and capacity constraints are rearranging companies’ priorities for their inbound supply chain operations, according to a research report released today at the Council of Supply Chain Management Professionals (CSCMP) EDGE conference. While controlling costs still remains important to most sourcing and inbound logistics organizations, their top priority is...
INDUSTRY
TechRepublic

Storage for unstructured big data should be part of a company's strategy

For many IT organizations, data storage is an afterthought and not a strategic concern. However, when it comes to big data management, storage should occupy center stage. Unstructured data is used to pictorially document key events, capture paper-based documents in a digital free-form format and report on company operations through sensors and other Internet of Things devices. Yet, a 2020 survey of C-level executives conducted by NewVantage revealed that only 37.8% of companies surveyed felt they had created a data-driven culture, and over half (54.9%) felt that they could not compete with other companies in the areas of data and analytics.
TECHNOLOGY
TechRepublic

Canonical extends Ubuntu 14.04 and 16.04 life cycle to 10 years

The company is extending support for its popular Linux operating systems, and users don't need to do anything to take advantage of the extension. Canonical, the publisher of the Linux Ubuntu operating system, announced Tuesday that it's extending the end-of-life dates for its Ubuntu 14.04 LTS Trusty Tahr and 16.04 LTS Xenial Xerus OSes from eight to 10 years. The company said the extension will allow organizations to balance infrastructure upgrade costs by giving them additional time to implement their plans. The extended security maintenance of Ubuntu 14.04 LTS and 16.04 LTS provides customers security updates and kernel patches from Canonical.
SOFTWARE
foodlogistics.com

Supply Chain Industry Experts Discuss Future of Supply Chains

Registration is officially open for SCN Summit: Future of Supply Chains, a full week devoted to knowledge, education and networking about all things related to the future of supply chain and logistics. SCN Summit: State of the Supply Chain Week kicks off Dec. 6 with a discussion on warehouse automation...
INDUSTRY
TechRepublic

How to create Let's Encrypt SSL certificates with acme.sh on Linux

Issuing and installing SSL certificates doesn't have to be a challenge, especially when there are tools like acme.sh available. Jack Wallen shows you how to install and use this handy script. Installing SSL certificates isn't difficult, but it's a process every Linux administrator will have to take on at some...
SOFTWARE

Comments / 0

Community Policy