CSOonline1d
whoAMI name confusion attacks can expose AWS accounts to malicious code execution
Due to a misconfiguration, developers could be tricked into retrieving malicious Amazon Machine Images (AMI) while creating ...
CSOonline1d
CISO success story: How LA County trains (and retrains) workers to fight phishing
The CISO for LA County, charged with safeguarding 38 departments and 100,000 employees, shares tips on cross-agency ...
CSOonline4d
Beyond the paycheck: What cybersecurity professionals really want
In the face of talent shortages, organisations must rethink their approach to retaining cybersecurity professionals as money ...
CSOonline1d
What is anomaly detection? Behavior-based analysis for cyber threats
Anomaly detection can be powerful in spotting cyber incidents, but experts say CISOs should balance traditional ...
CSOonline2d
Unusual attack linked to Chinese APT group combines espionage and ransomware
The attacker deployed a variant of the PlugX cyberespionage toolset previously associated with Chinese APT groups against a ...
CSOonline2d
Russian hacking group targets critical infrastructure in the US, the UK, and Canada
The operation, attributed to the notorious Russian threat actor Seashell Blizzard, has compromised high-profile targets in ...
CSOonline2d
What security teams need to know about the coming demise of old Microsoft servers
While the planned phase-out of Microsoft Exchange 2016 and Exchange 2019 is many months away, evaluate your organization’s ...
CSOonline2d
CISA, FBI call software with buffer overflow issues ‘unforgivable’
The federal directive forbids vendors from shipping software with such flaws, and flags recent Microsoft, and Ivanti ...
CSOonline2d
PostgreSQL patches SQLi vulnerability likely exploited in BeyondTrust attacks
Rapid7 researchers believe the BeyondTrust Remote Support attacks from December also exploited a zero-day flaw in PostgreSQL.
CSOonline4d
Authorities seize Phobos and 8Base ransomware servers, arrest 4 suspects
An international law-enforcement collaboration has taken down two Russian nationals and two unidentified women in Thailand ...
CSOonline5d
CISOs: Stop trying to do the lawyer’s job
CISOs are trained to fix problems. Lawyers are trained to find them. The two must work together to address complex challenges ...
CSOonline5d
Top 5 ways attackers use generative AI to exploit your systems
Cybercriminals are increasingly exploiting gen AI technologies to enhance the sophistication and efficiency of their attacks.