CSOonline1h
How CISOs can rebuild trust after a security incident
Cybersecurity leaders share insight on a crucial but overlooked task after any security incident: rebuilding trust with the ...
CSOonline3h
Password managers under increasing threat as infostealers triple and adapt
Security experts warn of surge in malware targeting credentials stored in password vaults and managers as adversarial focus ...
CSOonline7h
New family of data-stealing malware leverages Microsoft Outlook
CISOs have yet another attack vector to worry about with the discovery of a new family of data-stealing malware that uses ...
CSOonline1d
Ransomware gangs extort victims 17 hours after intrusion on average
The window for intrusion detection keeps getting shorter as ransomware group’s time-to-ransom (TTR) accelerates.
CSOonline3d
What is anomaly detection? Behavior-based analysis for cyber threats
Anomaly detection can be powerful in spotting cyber incidents, but experts say CISOs should balance traditional ...
CSOonline3d
CISO success story: How LA County trains (and retrains) workers to fight phishing
The CISO for LA County, charged with safeguarding 38 departments and 100,000 employees, shares tips on cross-agency ...
CSOonline4d
Unusual attack linked to Chinese APT group combines espionage and ransomware
The attacker deployed a variant of the PlugX cyberespionage toolset previously associated with Chinese APT groups against a ...
CSOonline6d
Beyond the paycheck: What cybersecurity professionals really want
In the face of talent shortages, organisations must rethink their approach to retaining cybersecurity professionals as money ...
CSOonline4d
PostgreSQL patches SQLi vulnerability likely exploited in BeyondTrust attacks
Rapid7 researchers believe the BeyondTrust Remote Support attacks from December also exploited a zero-day flaw in PostgreSQL.
CSOonline4d
Russian hacking group targets critical infrastructure in the US, the UK, and Canada
The operation, attributed to the notorious Russian threat actor Seashell Blizzard, has compromised high-profile targets in ...
CSOonline4d
What security teams need to know about the coming demise of old Microsoft servers
While the planned phase-out of Microsoft Exchange 2016 and Exchange 2019 is many months away, evaluate your organization’s ...
CSOonline3d
whoAMI name confusion attacks can expose AWS accounts to malicious code execution
Due to a misconfiguration, developers could be tricked into retrieving malicious Amazon Machine Images (AMI) while creating ...