AI-based capability is part of Cisco’s Security Cloud platform for hyperscalers.| CSO Online
API security firm says eBPF will be used to map the API attack surface area of customers, addressing key API security challenges.| CSO Online
A meticulously curated dataset included WeChat IDs, bank details, Alipay data, home addresses, and behavioral profiles.| CSO Online
CSO delivers the critical information about trends, practices, and products enterprise security leaders need to defend against criminal cyberattacks and other threats.| CSO Online
The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it.| CSO Online
A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.| CSO Online
PCI DSS (Payment Card Industry Data Security Standard) is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe.| CSO Online
NotPetya superficially resembles the Petya ransomware in several ways, but there are a number of important ways in which it's different, and much more dangerous.| CSO Online
The US Securities and Exchange Commission’s aggressive new rules mark a profound regulatory shift in how businesses are now required to manage their cybersecurity risks.| CSO Online
The new SEC rules also require registrants to report ransomware payments within 24 hours and to submit annual cyber risk management, strategy, and governance reports.| CSO Online
Advanced planning, training and simulation, and understanding organizational risk will go a long way to avoid rookie mistakes when a cybersecurity team meets its first critical incident.| CSO Online
Used as an analyst assist application, generative AI can help threat intelligence programs in areas like data collection, analysis, and dissemination.| CSO Online
Accenture’s annual State of Cybersecurity Resilience finds while attacks are up, “Cyber Champions” have better security defenses against criminals| CSO Online
A tabletop exercise is an informal, discussion-based session in which a team discusses their roles and responses during an emergency, walking through one or more example scenarios.| CSO Online
Tooling complexity and generative AI may harm many companies’ security posture.| CSO Online
Risk is an unavoidable consequence of doing business in the digital age. These six steps for creating a risk assessment plan can help anticipate the danger.| CSO Online
CISOs can anticipate and prepare for cyberattacks conducted by participants in geopolitical conflict such as the Israel/Hamas war by understanding the threat actors' motivations and goals.| CSO Online
AMD has confirmed an unpatched “processor vulnerability” that may require CISOs to isolate their systems or even air gap them until there’s a fix.| CSO Online
Payouts from ransomware victims declined by 38% in 2022, which has prompted hackers to adopt more professional and corporate tactics to ensure higher returns.| CSO Online
Ransomware is on the rise across all industries. Here are the criminal operations cybersecurity professionals must be aware of.| CSO Online
The Cyber Security Agency of Singapore warns of Dire Wolf’s double-extortion tactics, which have already impacted 16 organizations across 11 countries, crippling operations and exposing sensitive data.| CSO Online
Application security posture management tools need to integrate with other security tools to do their job.| CSO Online
The proof of concept shows it's possible to upload malicious PyTorch releases to GitHub by exploiting insecure misconfigurations in GitHub Actions.| CSO Online
The cyberespionage group uses compromised credentials to steal emails and data from public and private sector organizations across a wide range of industries.| CSO Online
Study shows more than 97% of employees use the same devices for work and personal activities.| CSO Online
The novel technique exploits the cross-device sign-in option on FIDO to create an authenticated session controlled by attackers.| CSO Online
When it comes to implementing Open Authorization (OAuth) technology, constant monitoring and review is the key to maintaining a properly secure organization.| CSO Online
With identity becoming a top way attackers gain access to corporate networks, security admins must take control of Windows authentication and access policies.| CSO Online
Microsoft and CISA urge admins to quickly plug a high-severity vulnerability.| CSO Online
Security awareness training is being overmatched by cybercriminals who are enhancing attacks with generative AI — and moving phishing campaigns outside the inbox.| CSO Online
New phishing campaigns attempt to evade detection by constructing rogue QR codes with special ASCII characters and load phishing pages locally using the local blob URL feature in browsers.| CSO Online
Multiple reports show a dramatic rise in phishing scams employing QR codes. Now is the time for security leaders to take proactive steps.| CSO Online
Security awareness training helps develop an information security mindset in your workforce, equipping employees with the knowledge to be your organization’s first line of cyber defense.| CSO Online
Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts.| CSO Online
Letting your guard down is not the most reasonable thing to do at a time when cybersecurity risks are on the rise; cyber attackers are not resting. What's more, they are well aware of what happens at this time of year, hence they take advantage of the circumstance to launch more aggressive campaigns.| CSO Online
Hundreds of Model Context Protocol (MCP) servers used to link LLMs to third-party services, data sources, and tools include default configurations that could expose users to unauthorized OS command execution and other risks.| CSO Online
Chinese AI startup DeepSeek left critical user data and internal secrets unprotected, raising alarms over security risks in the AI industry.| CSO Online
Orca Security’s analysis of major cloud infrastructure reveals widespread use of tools with known vulnerabilities, exposed AI models and data, misconfigured systems, and unencrypted data — all to capitalize quickly on AI.| CSO Online
NIST, security leaders warn that hackers will launch more poisoning attacks as artificial intelligence use increases, testing the strength of today’s security programs| CSO Online
Each organization needs to develop its own ongoing process for evaluating needs and justifying security spend. Here's how two CISOs do it.| CSO Online
Security leaders must fight proposed cuts by justifying return on investments and zeroing in on the risk narrative. A recent survey of CISO peers sheds light on which cuts are more likely to result in security consequences.| CSO Online
It’s a given that threats to enterprise are going to keep rising, stretching the resources of cybersecurity chiefs who must make their budgets go as far as possible. Here are some helpful strategies.| CSO Online
Securing a cybersecurity investment isn’t just about crunching numbers — it’s about fostering cross-functional relationships. For CISOs, engaging key stakeholders will help build support to secure critical funding.| CSO Online
Safepay gang says 3.5TB of stolen data will be released if Ingram doesn't capitulate.| CSO Online
When budget cuts hit, CISOs face tough choices. But clear priorities, transparency, and a focus on people and processes can help them navigate the moment.| CSO Online
Model Context Protocol (MCP) use is increasing in popularity for connecting AI agents to data sources and other services. But so too are vulnerabilities that bring unique risks to agentic systems.| CSO Online
Critical flaw in new tool could allow attackers to steal data at will from developers working with untrusted repositories.| CSO Online
As generative AI transforms business, security experts are adapting hacking techniques to discover vulnerabilities in intelligent systems — from prompt injection to privilege escalation.| CSO Online
The dark web is not only a haven for (cyber)criminals, but also an important tool for security professionals.| CSO Online
Developers adept at multiple coding languages are tricked into installing a familiar-sounding package from within the Node Package Manager registry instead of the original source.| CSO Online
The packages carry backdoors that first collect environment information and then delete entire application directories.| CSO Online
All malicious npm packages carried identical payloads for snooping sensitive network information from developers’ systems.| CSO Online
Phishing attacks on package maintainer accounts led to infected JavaScript type testing utilities.| CSO Online
The incident highlights rising AI risks as malicious actors exploit powerful tools amid weak safeguards and oversight.| CSO Online
Clinging to old habits can end badly, especially when it comes to cybersecurity.| CSO Online
Well-received for its cybersecurity provisions, Trump’s AI action plan could face hurdles in practice due to a lack of implementation hooks and the burden it adds to agencies navigating budget cuts, experts say.| CSO Online
DLL-based malware targets Windows users after a phishing campaign tricked the maintainer into leaking a token.| CSO Online
The Bundestag is recording numerous hacker attacks. President Klöckner wants to ramp up protective measures. She also sees a need for security improvements in another area.| CSO Online
The vulnerability with active exploitations allows local non-privileged users to access freed-up memory for staging new attacks.| CSO Online
While there’s no single solution for outpacing today’s cybercriminals, there are several steps you should take now to ensure your team is prepared to guard against attackers’ evolving methods.| CSO Online
CVE is a program launched in 1999 by MITRE, a nonprofit that operates research and development centers sponsored by the federal government. Its purpose is to identify and catalog vulnerabilities in software or firmware into a free “dictionary” for organizations to improve their security.| CSO Online
A crisis at the key US service for ranking vulnerabilities has been fueled by short resources and an explosion of security flaws as the volume of software production increases.| CSO Online
Akamai’s latest study finds organizations are not prepared for API-based attacks as most report scant controls.| CSO Online
Summarily firing workers who have access to national secrets is creating a nearly unprecedented environment for classified data exposure, writes CIA Distinguished Career Intelligence Medal awardee Christopher Burgess.| CSO Online
Two indictments, one arrest, and other actions across 16 states put a dent in the illicit remote work schemes targeting US companies.| CSO Online
Attackers from the Lazarus group used social engineering tactics to impersonate recruiters and gain access to systems in a well-coordinated campaign over several months.| CSO Online
CISOs are urged to carry out tighter vetting of new hires to ward off potential ‘moles’ — who are increasingly finding their way onto company payrolls and into their IT systems.| CSO Online
Russians and North Koreans contributed to the scheme to provide illegal remote IT workers to US companies to fund the North Korean regime.| CSO Online
With business continuity, CISOs must navigate a complex mix of security, business priorities and operational resilience — often without clear ownership of the process.| CSO Online
Virtual private networks still have a place in the enterprise for protecting data and networks. Here's what you need to know when selecting a VPN.| CSO Online
Enterprise VPNs might not always be as safe as you think. Be aware of these RCE vulnerabilities in popular enterprise VPN solutions.| CSO Online
A zero day is a security flaw that has not yet been patched by the vendor and can be exploited. The name evokes a scenario where an attacker has gotten the jump on a software vendor, implementing attacks that exploit the flaw before the good guys of infosec are able to respond.| CSO Online
The vulnerability could leave AI inference servers open to remote code execution that would allow them to be taken over.| CSO Online
The flaw has a critical severity rating with a CVSS score of 9.6 and allows a remote unauthenticated actor to execute arbitrary commands by specially crafted HTTP requests.| CSO Online
Static root credentials left in limited Unified Communications Manager builds could let attackers gain full control over enterprise communications systems.| CSO Online
An authentication bypass vulnerability in the printers, hardcoded at the factory, can be chained with another flaw for remote code execution on affected devices.| CSO Online
Whether by dumb luck or ruthless skill, these malware attacks left their mark on the internet.| CSO Online
TPRM today prioritizes fear of penalty over pursuit of real security. By investing in a comprehensive, targeted approach, organizations can reclaim TPRM as an essential part of their security strategies.| CSO Online
Executive “supersatisfied” with work so far on project to overhaul company security culture and application design.| CSO Online
L+R's pursuit of SOC 2 certification was complicated by hardware inadequacies and its early adoption of AI, but a successful audit has provided security and business benefits.| CSO Online
New research reveals a simple way threat actors are using Microsoft 365 Direct Send to phish employees, without even having to steal credentials.| CSO Online
With AI agents multiplying across enterprises, IBM’s watsonx–Guardium integration aims to provide unified AgentOps visibility, automated red teaming, and regulatory accelerators to future-proof compliance.| CSO Online
The newly discovered vulnerabilities could allow attackers to gain control of servers that use AMI's MegaRAC BMC firmware.| CSO Online
According to analysis by firmware security firm Eclypsium, 7,799 HPE iLO (HPE's Integrated Lights-Out) server baseboard management controllers (BMCs) are exposed to the internet and most do not appear to be running the latest version of the firmware. But the problem doesn't stop there.| CSO Online
Cybercriminals adopt tactics to disguise credential stuffing activity and avoid basic prevention schemes like CAPTCHAs.| CSO Online
The surge in remote work has rekindled interest in brute-force attacks, but a few simple steps can make your organization less of a target for them.| CSO Online
New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable.| CSO Online
Researchers released two tools--Muraena and NecroBrowser--that automate phishing attacks that can bypass 2FA. Most defenses won't stop them.| CSO Online
The 2012 LinkedIn breach, along with other old third-party breaches, is still paying dividends for criminals, who now have free access to 1.4 billion previously exposed email addresses and passwords.| CSO Online
Policies and software are not enough to secure your data; staff must be regularly trained.| CSO Online
A botnet is a collection of internet-connected devices that an attacker has compromised to launch DDoS attacks, spread phishing spam, mine bitcoin, and more.| CSO Online
A password manager stores a user’s passwords and logins for various sites and apps and generates new, strong passwords, making it a valuable tool for implementing strong passwords in your business.| CSO Online
The draft guidelines revise password security recommendations and alter many of the standards and best practices security professionals use when forming policies for their companies.| CSO Online
End-users must have a different password for every website and security domain| CSO Online
Hackers are using credential-stuffing to attack endpoints that are used to support the cross-origin authentication feature.| CSO Online
Lumma Stealer operation hit 400,000 computers worldwide before coordinated takedown shut down Russian cybercrime kingpin.| CSO Online
Law enforcement action has failed to dent the impact of infostealer malware, a potent and growing threat to enterprise security.| CSO Online
IT teams should revisit PowerShell restrictions as an increasingly used click-and-fix technique has users self-serving fake system issues by invoking malicious PowerShell scripts themselves, reducing suspicion.| CSO Online
The state of cloud security has reached a critical tipping point, as attackers increasingly turn attention to cloud environments that enterprises aren’t doing enough to secure.| CSO Online
A single click and Ctrl+V combo now compromises endpoints with zero file downloads.| CSO Online