Advertisement
More top stories
How to defend Windows networks against destructive cyberattacks
Defending against attacks intended to destroy systems rather than steal or extort requires a different approach, as Russia's cyberattacks against Ukraine demonstrate.
Data residency laws pushing companies toward residency as a service
Many countries now require companies that operate within its boundaries to store data on their residents locally. Using residency-as-a-service providers is becoming an important option.
SEC eyes more expansive cybersecurity requirements
New rules for publicly traded companies could add protections for consumer information, strengthen incident reporting, and require assessment of third-party risk.
Advertisement
Using the NIST Cybersecurity Framework to address organizational risk
NIST's CSF, used with other guidance, can help map risk to actual threats and better comply with security mandates such as the U.S.'s cybersecurity executive order.
Prioritizing and remediating vulnerabilities in the wake of Log4J and Microsoft's Patch Tuesday blunder
Vulnerability disclosures often come in bunches, and unvetted patch updates can create their own problems. Here's how to assess and prioritize both.
Education sector hounded by cyberattacks in 2021
The education and research sector recorded a 75% year-on-year increase in cyberattacks as the move to working from home enlarged the attack surface and opened up new vulnerabilities.
High anxiety spreads among Russian criminal groups in wake of REvil raid
Fearful chatter reveals unprecedented concern about future criminal operations, though some doubt Russia's commitment to stopping ransomware.
22 cybersecurity myths organizations need to stop believing in 2022
Security teams trying to defend their organizations need to adapt quickly to new challenges. Yesterday’s buzzwords and best practices have become today’s myths.
Red vs. blue vs. purple teams: How to run an effective exercise
Playing the role of an attacker can make your team better at defense if you include all the stakeholders and carefully design goals.
MoonBounce UEFI implant used by spy group brings firmware security into spotlight
The MoonBounce rootkit implants a malicious driver in the Windows kernel to provide persistence and stealthiness.
-
-
Solution Brief
Sponsored -
-
Video/Webcast
Sponsored
Advertisement
Attackers use public cloud providers to spread RATs
Cisco discovers malware campaign using Azure and AWS to spread Nanocore, Netwire and AsyncRATs.
McAfee, FireEye merger yields Trellix, a unified XDR security company
Trellix will build on existing McAfee and Fire Eye applications, machine learning and automation technology to create an XDR platform of interoperable of products for threat prevention, detection and response.
Cybersecurity Snippets
Security hygiene and posture management: A 2022 priority
Disjointed tools and manual processes provide an incomplete and unacceptable picture of cyber-risk.
New US CISO appointments, January 2022
Keep up with news of CSO, CISO, and other senior security executive appointments.
Biden memo aims to bolster cybersecurity in national security systems
A national security memorandum places new cybersecurity requirements for reporting and preventing security incidents involving sensitive national security systems.
From Our Advertisers
-
![cso sponsored background]()
Featured Sponsor AkamaiFuture of Life Challenge: Compete for a slice of $1M to scale your big idea. -
![teenage hacker girl attacks corporate servers in dark typing on red picture id946613770]()
Sponsored by SophosYou’ve Been Hit by Ransomware. Now What? -
![why cyber resiliency has transitioned from a security initiati 1200x800]()
Sponsored by NetscoutWhy Your Business Strategy Needs to Include Cyber Resiliency in 2022 -
![istock 1270518089]()
Sponsored by SectigoA Guide to Certificate Lifecycle Management: Benefits and Use Cases
