Advertisement
More top stories
Biden memo aims to bolster cybersecurity in national security systems
A national security memorandum places new cybersecurity requirements for reporting and preventing security incidents involving sensitive national security systems.
What CISOs can learn about insider threats from Iran's human espionage tactics
Israel's arrest of four women recruited to spy for Iran reveals how an adversary might recruit an insider to act on its behalf.
BadUSB explained: How rogue USBs threaten your organization
The FBI has warned of an attack campaign that sends USB drives containing malicious software to employees. Here is what you need to know about BadUSB and mitigating its risks.
Advertisement
Arm’s vulnerability management program has legs
CISO Tim Fitzgerald’s vulnerability management program has delivered measured improvements and earned the security team recognition as a business-enablement function.
INTERPOL and Nigerian Police bust business email compromise ring, arrest 11
Operation Falcon II focused on malware skills and knowledge to track suspects thought to be members of the SilverTerrier BEC network that has harmed thousands of companies globally.
Supply chain vulnerability allows attackers to manipulate SAP transport system
The vulnerability permits malicious interference in the SAP change management and software deployment processes. SAP issues patch to protect file system from exploitation.
The Prometheus traffic direction system is a major player in malware distribution
Newly discovered Prometheus uses a network of compromised websites and servers to direct victims to malware or scams.
Microsoft's Pluton security processor tackles hardware, firmware vulnerabilities
Pluton-equipped Windows 11 computers are now available, but the decision to purchase them depends on your threat model.
Russia-linked cyberattacks on Ukraine: A timeline
Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.
Russian cyberattacks on Ukraine raise IT security concerns
The destructive attacks follow a U.S. government warning for a "heightened state of awareness" and to follow state-sponsored threat mitigation advice.
-
-
-
-
Video/Webcast
Sponsored
Advertisement
How chaos engineering can help DevSecOps teams find vulnerabilities
DevOps teams have used chaos engineering concepts to find software bugs for years. Tools are now available to help identify security flaws, too.
![Hands are stacked together in unity and trust. [colleagues / teamwork / collaboration]](https://images.idgesg.net/images/article/2020/09/all_hands_in_stacked_together_in_unity_and_trust_during_meeting_colleagues_teamwork_collaboration_by_jonathan_erasmus_gettyimages-1199216681_2400x1600-100858476-medium.3x2.jpg?auto=webp&quality=85,70)
Tech sector embraces public-private collaboration on open-source software security
Participants in a White House meeting on securing open-source software expressed optimism for working effectively with government to help prevent Log4j-like events.
Three recent events prove the need for an insider risk playbook
Pfizer, Ubiquiti and Code42 all faced real or potential insider threats that could have been a lot worse if they did not have a plan to deal with them.
![Shared responsibility concept > Hands take equal shares of pie chart [partnership / teamwork]](https://images.idgesg.net/images/article/2021/06/shared_cloud_responsibility_concept_hands_take_equal_shares_of_pie_chart_partnership_teamwork_collaboration_by_griboedov_shutterstock_671288839_royalty-free_digital-only_cso-100890638-medium.3x2.jpg?auto=webp&quality=85,70)
Collective resilience: Why CISOs are embracing a new culture of openness
CISOs are finding value in information sharing among trusted, vetted sources. Here’s how they are maximizing the intelligence gathered from these channels.
The emotional stages of a data breach: How to deal with panic, anger, and guilt
Intense situations require both the security experts and stakeholders to be calm and focused, but that is easier said than done. This advice can help.
From Our Advertisers
-
![cso sponsored background]()
Featured Sponsor AkamaiFuture of Life Challenge: Compete for a slice of $1M to scale your big idea. -
![Cloud computing]()
Sponsored by Akamai and AT&THow to Best Protect Multi-cloud and Hybrid Environments -
![new year 2022 loading picture id1350426022]()
Sponsored by Fortinet5 Threats to Watch Out for in 2022 -
![fy22q3 idg post 9 new apache 4logj vulnerability 1200x800]()
Sponsored by NetscoutDetect and Remediate the Exploitation of the Log4j Vulnerability
