Skip to content
Search

Latest Stories

Report: E-mail vulnerabilities threaten supply chains

58% of organizations experienced an attempted supply chain attack in the past year, and poor e-mail security may be to blame, cybersecurity firm data show.

banner-5217685_640.jpg

Nearly 60% of organizations have experienced an attempted supply chain attack in the past year, and e-mail vulnerabilities are a prime route to damage, according to data from Waltham, Mass.-based e-mail and cybersecurity firm GreatHorn.


The firm's Threat Intelligence Team released data showing that one of the most prominent techniques used in supply chain attacks is a form of man-in-the-middle (MitM) attack, in which an attacker compromises login credentials to leverage legitimate e-mail communication between parties in order to carry out their supply chain attack. Known as Vendor Email Compromise (VEC), the method allows attackers to log into a user’s e-mail so they can pose as that user and leverage trusted relationships in the user’s supply chain to take advantage of existing e-mail threads, or data, the company said.

“Given the quantity of workers remaining in a remote capacity, and the increase in phishing attacks that lead to malicious sites that compromise credentials, an organization’s supply chain has become a significant target for cybercriminals,” according to GreatHorn’s research on defending against vendor e-mail compromise. “With 3.7% of all e-mails containing potentially malicious links that bypass native e-mail security controls, and 41% of organizations stating that users click on malicious links daily, identifying links that attempt to harvest credentials is the first step for organizations in securing and protecting their users from account takeovers.”

To help prevent attacks, the research shows companies should augment or replace traditional e-mail security approaches with more sophisticated techniques; those include advanced computer vision programs that can analyze suspicious links and prevent employees from accessing password-stealing accounts, as well as biometric authentication programs that can recognize a user’s unique typing patterns such as keystroke speed, pressure, timing, and more.

“Attackers will continue to launch continuous attacks against supply chain partners, gaining access to supplier systems, including e-mail. Identifying spoofed vendors/individuals that can send malicious links and compromised partner accounts calls for advanced e-mail security techniques,” according to the company. “By augmenting or replacing traditional e-mail security approaches with more sophisticated capabilities, organizations can detect and mitigate the risk of supply chain attacks.”

The Latest

More Stories

Screenshot 2024-09-05 at 4.42.57 PM.jpg

Gartner: companies must design “geopolitically elastic” supply chains

Chief supply chain officers (CSCOs) must proactively embrace a geopolitically elastic supply chain strategy to support their organizations’ growth objectives, according to a report from analyst group Gartner Inc.

An elastic supply chain capability, which can expand or contract supply in response to geopolitical risks, provides supply chain organizations with greater flexibility and efficacy than operating from a single geopolitical bloc, the report said.

Keep ReadingShow less

Featured

xeneta air-freight.jpeg

Air cargo carriers enjoy 24% rise in average spot rates

The global air cargo market’s hot summer of double-digit demand growth continued in August with average spot rates showing their largest year-on-year jump with a 24% increase, according to the latest weekly analysis by Xeneta.

Xeneta cited two reasons to explain the increase. First, Global average air cargo spot rates reached $2.68 per kg in August due to continuing supply and demand imbalance. That came as August's global cargo supply grew at its slowest ratio in 2024 to-date at 2% year-on-year, while global cargo demand continued its double-digit growth, rising +11%.

Keep ReadingShow less
seegrid CR1_Renders_1-2_11zon.png

Seegrid lands $50 million backing for autonomous lift trucks

Seegrid Corp., which makes autonomous mobile robots (AMRs) for pallet material handling, has landed $50 million in new financial backing to accelerate its autonomous lift truck initiatives, which are generating more growth than expected, the company said today.

“Unrelenting labor shortages and wage inflation, accompanied by increasing consumer demand, are driving rapid market adoption of autonomous technologies in manufacturing, warehousing, and logistics,” Seegrid CEO and President Joe Pajer said in a release. “This is particularly true in the area of palletized material flows; areas that are addressed by Seegrid’s autonomous tow tractors and lift trucks. This segment of the market is just now ‘coming into its own,’ and Seegrid is a clear leader.”

Keep ReadingShow less
littler Screenshot 2024-09-04 at 2.59.02 PM.png

Congressional gridlock and election outcomes complicate search for labor

Worker shortages remain a persistent challenge for U.S. employers, even as labor force participation for prime-age workers continues to increase, according to an industry report from labor law firm Littler Mendelson P.C.

The report cites data showing that there are approximately 1.7 million workers missing from the post-pandemic workforce and that 38% of small firms are unable to fill open positions. At the same time, the “skills gap” in the workforce is accelerating as automation and AI create significant shifts in how work is performed.

Keep ReadingShow less
stax PR_13August2024-NEW.jpg

Toyota picks vendor to control smokestack emissions from its ro-ro ships

Stax Engineering, the venture-backed startup that provides smokestack emissions reduction services for maritime ships, will service all vessels from Toyota Motor North America Inc. visiting the Toyota Berth at the Port of Long Beach, according to a new five-year deal announced today.

Beginning in 2025 to coincide with new California Air Resources Board (CARB) standards, STAX will become the first and only emissions control provider to service roll-on/roll-off (ro-ros) vessels in the state of California, the company said.

Keep ReadingShow less