Advertisement
- Don't Miss:
- CSO50 2022 Award Winners
- CSO Hall of Fame honorees
More top stories
Lacework’s new CIEM uses ML to fish out high-risk identities
The new CIEM will merge with existing threat detection capabilities to consolidate Lacework’s cloud security offering.
OWASP lists 10 most critical large language model vulnerabilities
The list highlights the impact and prevalence of the 10 most critical vulnerabilities found in artificial intelligence applications based on LLMs.
Cloud misconfiguration causes massive data breach at Toyota Motor
Vehicle data and customer information were exposed for over eight years due to a cloud misconfiguration at Toyota Motor that impacted over 260,000 customers.
Advertisement
Department of Defense AI principles have a place in the CISO’s playbook
The American defense establishment has put in place some very useful guidelines that CISOs can easily translate and incorporate into their own policies on handling artificial intelligence.
Shadow IT is increasing and so are the associated security risks
Shadow IT — tech brought into an organization without the security team’s knowledge — continues to be a threat. Managing visibility through increased vigilance and employee education can help mitigate its dangers.
Clop ransomware gang exploits the MOVEit Transfer vulnerability to steal data
At least one organization, UK payroll provider Zellis, has confirmed a breach via the MOVEit utility.
Atomic Wallet hack leads to at least $35M in stolen crypto assets
The biggest victim of the cryptocurrency hack on Atomic Wallet was an individual who reportedly lost $7.95 million in Tether.
SAFE Security claims to predict data breaches with new generative AI offering
SAFE Security’s Cyber Risk Cloud of Clouds generates likelihoods for different risk scenarios based on an organization’s cybersecurity posture.
CISOs, IT lack confidence in executives’ cyber-defense knowledge
Cybercriminals target senior executives, but IT security professionals say these executives are unprepared to defend their devices, software, and home network.
Governments worldwide grapple with regulation to rein in AI dangers
As generative AI revolutionizes tech, governments around the world are trying to come up with regulations that encourage its benefits while minimizing risks such as bias and disinformation.
Advertisement
10 notable critical infrastructure cybersecurity initiatives in 2023
How vendors, governments, industry bodies, and nonprofits are contributing to increasing the cyber resilience of critical national infrastructure this year.
Federal cyber incidents reveal challenges of implementing US National Cybersecurity Strategy
As federal government cybersecurity incidents continue to mount, the Biden administration's National Cybersecurity Strategy should help, although experts say implementing it won't be easy.
Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab
The Operation Triangulation surveillance campaign infects Apple iPhones without the need for user action and is difficult to detect.
Attackers use Python compiled bytecode to evade detection
Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software.
MOVEit Transfer vulnerability appears to be exploited widely
A SQL injection vulnerability has been found in the MOVEit Transfer web application, allowing an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database.
From Our Advertisers
-
![HP Wolf Security]()
Featured Sponsor HP Wolf SecurityThe Need for Endpoint Security Rooted In Zero Trust -
![istock 610855316]()
Sponsored by Microsoft SecurityHow the combination of XDR and SIEM can improve SOC operations -
![bussiness risk is critical 1200x800 photo1 1]()
Sponsored by CiscoBusiness risk is a critical component of cloud-native application protection -
![istock 935964300]()
Sponsored by FortinetThe state of operational technology and cybersecurity
