Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond. This week: CISA’s newest office is working to operationalize cyber supply chain risk management (C-SCRM). Also: a GuLoader malware campaign is targeting the global e-commerce industry.
This Week’s Top Story
CISA's newest office to offer guidance on cyber supply chain security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is making arrangements to build a new office centered on cyber supply chain risk management (C-SCRM), says Federal News Network. The office is being created in an effort to assist government and industry entities in putting C-SCRM into practice, based on the various guidelines and policies put into effect in recent years.
The Federal Acquisition Security Council (FASC), enacted in 2018 via the SECURE Act, is responsible for developing government-wide policies and criteria for securing IT supply chains, which CISA operationalizes through its efforts, such as the creation of this C-SCRM-centered office.
Shon Lyublanovits, a former General Services Administration official, has been tapped to lead the new office. During her speech at a recent GovExec event, she noted that agencies are struggling to implement proper C-SCRM because they don’t know where to start, or how to get their leadership on board with implementing these recommended policy changes. Lyublanovits also stressed that she hopes to create a “roadmap” that entities can use to make improvements moving forward.
For one of its first initiatives, CISA’s C-SCRM office is planning to release training courses on supply chain risk management, as well as a series of roundtables focused on “operationalizing C-SCRM,” according to Lyublanovits. The programming will offer different tracks for a variety of stakeholders: federal employees, industry, and all levels of government (state, local, etc.).
News Roundup
Here are the stories we’re paying attention to this week…
GuLoader malware using malicious NSIS executables to target E-commerce industry (The Hacker News)
E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware.
Royal Mail faces threat from ransomware group LockBit (Reuters)
UK's Royal Mail is facing a threat from ransomware group LockBit, according to information published on a website, at a time when the British postal and parcel firm is grappling with the fallout of a "cyber incident" from last month.
Opinion: The impact of open-source software on the aviation industry (Avionics International)
"Over the past decade, all industries—including the aviation industry—have seen a large increase in the amount of open-source software being used in applications... However, it often comes with hidden security and maintenance risks including internal open-source security and maintenance and external open-source software supply chain resilience challenges."
Ransomware outbreak hits Florida Supreme Court, U.S. and European universities (Reuters)
A global ransomware outbreak has scrambled servers belonging to Florida's Supreme Court and several universities in the U.S. and Central Europe. Those organizations are among more than 3,800 victims of a fast-spreading digital extortion campaign that locked up thousands of servers in Europe over the weekend.
Linux variant of Clop ransomware spotted, but uses faulty encryption algorithm (The Hacker News)
"The ELF executable contains a flawed encryption algorithm making it possible to decrypt locked files without paying the ransom," SentinelOne researcher Antonis Terefos said in a report shared with The Hacker News.
Article Link: The Week in Security: CISA operationalizes software supply chain security, GuLoader targets e-commerce