5 Email Threat Predictions for 2021

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

katzscan,
User Rank: Apprentice
12/24/2020 | 1:44:19 PM

Hacking and phishing versus supply chain fraud.

The penetration of the network infrastructure via hacking and phishing schemes is not supply chain fraud. Piercing hardware and software anti-virus protection and firewalls and fooling people into clicking on links and divulging user IDs and passwords is not supply chain fraud.

Inasmuch as there are frauds that occur within supply chains, such as theft and asset mismanagement, supply chain fraud has more to do with the falsification of transactional data and the representative "stuff" as it enters and passes through the two primary supply chain cycles: order-to-cash and procure-to-pay.

Transactions generated by traditional supply chain systems - Enterprise Resource Planning (ERP), Electronic Data Interchange (EDI), and Automatic Identification (e.g. barcode labeling & scanning) - that are used to grade supply chain performance can also be used to ascertain supply chain risk and to detect and therefore reduce fraud, both at the source and in the aggregate.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

NSA Appoints Rob Joyce as Cyber Director

Dark Reading Staff 1/15/2021

Vulnerability Management Has a Data Problem

Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber, 1/14/2021

Who Is Responsible for Protecting Physical Security Systems From Cyberattacks?

IFSEC Global, Staff, 1/14/2021

Webinars

Building the SOC of the Future: Next-Generation Security Operations

Making Cybersecurity Work in Small and Medium-Sized Businesses

5 Steps to Solving Modern Scalability Problems

Webinar Archives

White Papers

How to Prioritize Risk Across the Cyberattack Surface

The 2020 Duo Security Trusted Access Report

Cyber Threats & Trends: Jan-June 2020

Frost Radar: Global Threat Intelligence Platform Market

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: This is not what I meant by "I would like to share some desk space"

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Assessing Cybersecurity Risk in Today's Enterprises

COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-3686
PUBLISHED: 2021-01-21

Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobi...

CVE-2020-3687
PUBLISHED: 2021-01-21

Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue in XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

CVE-2020-3691
PUBLISHED: 2021-01-21

Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...

CVE-2020-11167
PUBLISHED: 2021-01-21

Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara...

CVE-2020-11179
PUBLISHED: 2021-01-21

Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]