Moody's turns up the heat on 'riskiest' sectors for cyberattacks
$22 trillion of global rated debt has 'high' or 'very high' cyber-risk exposure
CSO03 Oct 2022 |
CSO
Covert malware targets VMware shops for hypervisor-level espionage
Mandiant tracks back operators, finds ties to China
CSO29 Sep 2022 | 3
Microsoft to kill off old access rules in Exchange Online
Awoooogah – this is your one-year warning to switch over, enterprises
CSO28 Sep 2022 | 13
Ukraine fears 'massive' Russian cyberattacks on power, infrastructure
Will those be before or after the nuke strikes Putin keeps banging on about?
CSO27 Sep 2022 | 13
Uber explains how it was pwned this month, points finger at Lapsus$ gang
From annoying MFA alerts to 'several internal systems' infiltrated
CSO19 Sep 2022 | 27
Indonesia accuses Google of abusing monopoly
Asia In Brief PLUS: Qualys CEO says APAC has infosec advantages; Singapore's Sea ebbs in Americas; Toshiba's tepid takeover update; and more
CSO19 Sep 2022 | 4
Nearly one in two industry pros scaled back open source use over security fears
Log4j being the main driver, this data science poll claims
Cybersecurity Month14 Sep 2022 | 17
Twitter whistleblower Zatko disses bird site as dysfunctional data dump
Mudge tells senators his former bosses are 'terrified' of the French, US regulators are toothless
CSO14 Sep 2022 | 38
Musk seeks yet another excuse to get out of Twitter buyout: This time it's Mudge's severance check
If at first you don't succeed...
CSO13 Sep 2022 | 54
Dump these small-biz routers, says Cisco, because we won't patch their flawed VPN
Nothing like an authentication bypass for your private IPSec network
CSO08 Sep 2022 | 56
Nadine Dorries promotes 'Brexit rewards' of proposed UK data protection law
Culture secretary talks up pre-Commons reading as UK waits to hear who new leader will be
CSO05 Sep 2022 | 163
77% of security leaders fear we’re in perpetual cyberwar from now on
In brief Also, Charming Kittens from Iran scrape email inboxes, France could fine Google again, and more
CSO27 Aug 2022 | 32
Twilio, Cloudflare just two of 135 orgs targeted by Oktapus phishing campaign
Updated This, this is more like what we mean by a sophisticated cyberattack
CSO25 Aug 2022 | 6
Shout-out to whoever went to Black Hat and had North Korean malware on their PC
I am the one who NOCs
CSO25 Aug 2022 | 25
Block sued after ex-staffer siphons customer data
'Don't be such a Square' hits different these days
CSO24 Aug 2022 | 8
VMware confirms Carbon Black causes BSODs, boot loops on Windows
Well, you can't be attacked if your PC won't start
CSO24 Aug 2022 | 11
Lloyd's to exclude certain nation-state attacks from cyber insurance policies
Updated Kim Jong-un has entered the chat
CSO24 Aug 2022 | 55
Twitter savaged by former security boss Mudge in whistleblower complaint
Loose access to production systems, out of date software, and more claimed
CSO23 Aug 2022 | 36
Smartphone gyroscopes threaten air-gapped systems, researcher finds
Network interface card LEDs are a risk too by blinking in Morse code
CSO23 Aug 2022 | 54
The truth about that draft law banning Uncle Sam buying insecure software
There's always a get-out clause
CSO19 Aug 2022 | 43
Popular
Steganography alert: Backdoor spyware stashed in Microsoft logo
Now that's sticker shock
Text-to-image models are so last month, text-to-video is here
In brief Plus: Bruce Willis sells his image rights to AI biz creating deepfakes, and more
BlackCat malware lashes out at US defense IT contractor
In Brief Also, Amazon's Ring footage TV shows draws criticism, US v Soviet spying docs found, and more
Linux kernel 6.0 debuts, Linus Torvalds teases ‘core new things’ coming in version 6.1
Linux boss' launch message is more ‘6.0 is overrated’ than ‘The joy of 6.0’
Tetchy trainee turned the lights down low to teach turgid lecturer a lesson
Who, Me? Sure, I’ll sit here all day taking notes because you’re too cheap to print them out
Samsung’s Smart Monitor tries too hard to be clever
Desktop Tourism Barely adequate as a desktop alternative, but delightful as a dual purpose monitor
Moody's turns up the heat on 'riskiest' sectors for cyberattacks
$22 trillion of global rated debt has 'high' or 'very high' cyber-risk exposure
Founder of cybersecurity firm Acronis is afraid of his own vacuum cleaner
It is the exponential changes in the course of human history that worry Serg Bell
The open internet repels its most insidious attackers. They’ll return
Opinion It’ll take an army of billions to hold them back. Let’s make one
Between ransomware and month-long engagements, IR teams need a hug – and a nap
Here's what 1,100 incident responders say about their jobs, just in time for NSCAM
STORIES
Google blocks third record-breaking DDoS attack in as many months
46 million requests per second network flood comes as attacks increase by more than 200% compared to last year
CSO18 Aug 2022 | 11
After 7 years, long-term threat DarkTortilla crypter is still evolving
.NET-based malware can push wide range of malicious payloads, and evades detection, Secureworks says
CSO17 Aug 2022 | 2
TikTok wants your trust around US midterm elections data
Misinformation's a concern, but Chinese media giant's own data privacy practices also have people worried
CSO17 Aug 2022 | 4
PC store told it can't claim full cyber-crime insurance after social-engineering attack
Two different kinds of fraud, says judge while throwing out lawsuit against insurer
CSO16 Aug 2022 | 4
Microsoft's macOS Tamper Protection hits general availability
A boon for administrators having to deal with Apple hardware while also keeping everything secure
CSO16 Aug 2022 | 5
Reckon Russian spies are lurking in your inbox? Check for these IOCs, Microsoft says
Seaborgium targeted dozens of orgs this year alone
CSO16 Aug 2022 | 7
It's 2022 and there are still thousands of public systems using password-less VNC
Let alone the ones with 123456 to login. How sophisticated do attackers really need to be?
CSO16 Aug 2022 | 8
Hi, I'll be your ransomware negotiator today – but don't tell the crooks that
Interview What it's like bargaining with criminals ... and advising clients suffering their worst day yet
CSO06 Aug 2022 | 41
Robinhood's crypto unit hit with $30m fine over security, anti-crime misses
Updated And just lays off about a quarter of staff
CSO02 Aug 2022 | 4
T-Mobile US to cough up $550m after info stolen on 77m customers
Oops, did the Un-carrier under-count by 29m punters?
CSO25 Jul 2022 | 8
Microsoft closes off two avenues of attack: Office macros, RDP brute-forcing
Blockade against VBA scripts in downloaded files is back on by default
CSO22 Jul 2022 | 15
What does software supply chain pain really feel like? Find out right here
This Immersive Labs webinar will make it feel mighty real
Webinar
TikTok's chief security officer steps aside, thanks to Oracle move
Takes up advisory role that might leave time to play with parent company's homebrew cloudy SmartNICs
CSO18 Jul 2022 |
This big phish can swim around MFA, says Microsoft Security
Slippery AiTM attacks targeted more than 10,000 orgs over the past nine months
CSO13 Jul 2022 | 2
Mergers and acquisitions put zero trust to the ultimate test
Bypasses an arduous integration process with right security footing from the start
CSO13 Jul 2022 | 1
Defense contractor pays $9m to settle whistleblower's cybersecurity allegations
Former Aerojet Rocketdyne employee cites failure to meet minimums for NASA, Pentagon
CSO11 Jul 2022 | 10
Jenkins warns of security holes in these 25 plugins
Relax, most of the vulnerabilities so far have, er, no fix
CSO30 Jun 2022 | 4
Start using Modern Auth now for Exchange Online
Before Microsoft shutters basic logins in a few months
CSO29 Jun 2022 | 28
India extends deadline for compliance with infosec logging rules by 90 days
Updated Helpfully announced extension on deadline day
CSO28 Jun 2022 | 9
Contractor loses entire Japanese city's personal data in USB fail
In brief Also, Chrome add-ons are great for fingerprinting, and hacked hot tubs splurge details
CSO27 Jun 2022 | 14
$6b mega contract electronics vendor Sanmina jumps into zero trust
Company was an early adopter of Google Cloud, which led to a search for a new security architecture
CSO23 Jun 2022 | 1
Voicemail phishing emails steal Microsoft credentials
As always, check that O365 login page is actually O365
CSO21 Jun 2022 | 20
RSAC branded a 'super spreader event' as attendees share COVID-19 test results
RSA Conference That, and Black Hat, are about to reveal risk assessment skills of our cyber-risk experts
CSO16 Jun 2022 | 26
Former US state agency CIO, IT exec plead guilty to bribery and extortion scheme
Pair's multimillion-dollar contract caper unraveled
CSO15 Jun 2022 | 5
Cloudflare says it thwarted record-breaking HTTPS DDoS flood
26m requests a second? Not legit traffic, not even Bill Gates doing $1m giveaways could manage that
CSO14 Jun 2022 | 2
Inside the RSAC expo: Buzzword bingo and the bear in the room
RSA Conference We mingle with the vendors so you don't have to
CSO14 Jun 2022 | 2
US cyber chiefs: Moving to Shields Down isn't gonna happen
RSA Conference Promises new alert notices but warn 'we can sometimes predict thunderstorms but not lightning strikes'
CSO08 Jun 2022 | 6
Cisco EVP: We need to lift everyone above the cybersecurity poverty line
RSA Conference Exclusive It's going to become a human-rights issue, Jeetu Patel tells The Register
CSO06 Jun 2022 | 9
Feeling highly stressed about your job? You must be a CISO
'The attack surface has expanded exponentially' during the work-from-home pandemic, says one
CSO04 Jun 2022 | 23
FBI, CISA: Don't get caught in Karakurt's extortion web
Is this gang some sort of Conti side hustle? The answer may be yes
CSO03 Jun 2022 | 7
Cloud security unicorn cuts 20% of staff after raising $1.3b
Time to play blame bingo: Markets? Profits? Too much growth? Russia? Space aliens?
CSO27 May 2022 | 17
How to find NPM dependencies vulnerable to account hijacking
Security engineer outlines self-help strategy for keeping software supply chain safe
CSO23 May 2022 | 21
Patch your VMware gear now – or yank it out, Uncle Sam tells federal agencies
Critical authentication bypass revealed, older flaws under active attack
CSO19 May 2022 | 6
FBI warns of North Korean cyberspies posing as foreign IT workers
Looking for tech talent? Kim Jong-un's friendly freelancers, at your service
CSO17 May 2022 | 10
Europe moves closer to stricter cybersecurity standards, reporting regs
More types of biz fall under expanded rules – and fines for those who fall short
CSO17 May 2022 | 9
Software patching must work like car safety recalls, says US cyber boss
Black Hat Asia Adds infosec regulation coming to more industries but with a light touch, more collaboration
CSO13 May 2022 | 30
Five Eyes turn spotlight on MSPs: Potential weak links in IT supply-chain security
We can think of one thing the S stands for in some unfortunate cases
CSO11 May 2022 | 8
Email domain for NPM lib with 6m downloads a week grabbed by expert to make a point
Special report Campaign to coax GitHub-owned outfit to improve security starts showing results
CSO10 May 2022 | 47
US, Europe formally blame Russia for data wiper attacks against Ukraine, Viasat
Thank goodness someone cleared that one up
CSO10 May 2022 | 9
Industry pushes back against India's data security breach reporting requirements
Filling in a form at 4am improves infosec or privacy how, exactly?
CSO10 May 2022 | 13
False-flag cyberattacks a red line for nation-states, says Mandiant boss
NSA director says he doesn't know of a 'big one' that was successful
CSO07 May 2022 | 27
Microsoft, Apple, Google accelerate push to eliminate passwords
Analysis Passphrases PIP'd, FIDO and W3C projects promoted
CSO05 May 2022 | 76
Should security teams be giving service with a smile?
Our Vectra Masked CISO series tackles some of the biggest issues in security and how to overcome them
Advertorial
Homeland Security bug bounty program uncovers 122 holes in its systems
Thinking of another word for this US govt department's name
CSO25 Apr 2022 | 4
