<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1076912843267184&amp;ev=PageView&amp;noscript=1">
|

The Week in Security: CISA operationalizes software supply chain security, GuLoader targets e-commerce

Carolynn van Arsdale
Blog Author

Carolynn van Arsdale, Cyber Content Creator at ReversingLabs. Read More...

c-scrm-supply-chain-risk-management

Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond. This week: CISA’s newest office is working to operationalize cyber supply chain risk management (C-SCRM). Also: a GuLoader malware campaign is targeting the global e-commerce industry. 

This Week’s Top Story

CISA's newest office to offer guidance on cyber supply chain security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is making arrangements to build a new office centered on cyber supply chain risk management (C-SCRM), says Federal News Network. The office is being created in an effort to assist government and industry entities in putting C-SCRM into practice, based on the various guidelines and policies put into effect in recent years. 

The idea for the C-SCRM office grew out of the Federal Acquisition Security Council (FASC), a new council created by the 2018 SECURE Act and responsible for developing government-wide policies and criteria for securing IT supply chains.   

Shon Lyublanovits, a former General Services Administration official, has been tapped to lead the new office. During her speech at a recent GovExec event, she noted that agencies are struggling to implement proper C-SCRM because they don’t know where to start, or how to get their leadership on board with implementing these recommended policy changes. Lyublanovits also stressed that she hopes to create a “roadmap” that entities can use to make improvements moving forward. 

For one of its first initiatives, CISA’s C-SCRM office is planning to release training courses on supply chain risk management, as well as a series of roundtables focused on “operationalizing C-SCRM,” according to Lyublanovits. The programming will offer different tracks for a variety of stakeholders: federal employees, industry, and all levels of government (state, local, etc.). 

News Roundup

Here are the stories we’re paying attention to this week…     

GuLoader malware using malicious NSIS executables to target E-commerce industry (The Hacker News)

E-commerce firms in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware.

Royal Mail faces threat from ransomware group LockBit (Reuters)

The UK's Royal Mail is facing a threat from the ransomware group LockBit. This ransomware attack comes on the heels of another “cyber incident” at the Royal Mail, which was reported in January.

Matthew Arnow, Head of Public Sector Solutions at Tidelift, warned that the increasing reliance on open source software poses security risks to avionics (Avionics International)

"Over the past decade, all industries—including the aviation industry—have seen a large increase in the amount of open-source software being used in applications... However, it often comes with hidden security and maintenance risks including internal open-source security and maintenance and external open-source software supply chain resilience challenges."

Ransomware outbreak hits Florida Supreme Court, U.S. and European universities (Reuters)

A global ransomware outbreak has scrambled servers belonging to Florida's Supreme Court and several universities in the U.S. and Central Europe. Those organizations are among more than 3,800 victims of a fast-spreading digital extortion campaign that locked up thousands of servers in Europe over the weekend.

Linux variant of Clop ransomware spotted, but uses faulty encryption algorithm (The Hacker News)

"The ELF executable contains a flawed encryption algorithm making it possible to decrypt locked files without paying the ransom," SentinelOne researcher Antonis Terefos said in a report shared with The Hacker News.

Get up to speed on key trends and understand the landscape with The State of Software Supply Chain Security 2024. Plus: Learn about ReversingLabs Spectra Assure for software supply chain security.

More Blog Posts

    Special Reports

    Latest Blog Posts

    The State of Open Source Software Security The State of Open Source Software Security

    Conversations About Threat Hunting and Software Supply Chain Security

    RG: Tampering RG: Tampering

    Glassboard conversations with ReversingLabs Field CISO Matt Rose

    Software Package Deconstruction: Video Conferencing Software Software Package Deconstruction: Video Conferencing Software

    Analyzing Risks To Your Software Supply Chain