Advertisement
CISA's Cloud Security Technical Reference Architecture: Where it succeeds and where it falls short
CISA's reference architecture will help federal government agencies improve cloud security, but it relies too much on outdated guidance.
How to choose an endpoint protection suite
Endpoint protection has come a long way since the days of dedicated antivirus servers. Here are the basic and more advanced features to look for in an enterprise endpoint protection suite.
MITRE ATT&CK, VERIS frameworks integrate for better incident insights
The MITRE ATT&CK/VERIS collaboration aims to create a common dictionary for communicating information about security incidents.
Advertisement
Seven strategies for building a great security team
The dangers of a dysfunctional security team are easy to imagine, ranging from difficulty attracting and retaining talent to putting your organization at risk. These seven steps can make a world of difference.
Security Recruiter Directory
To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.
Breach reporting required for health apps and devices, FTC says
A new policy statement makes it clear that the US Federal Trade Commission will hold healthcare app and device makers accountable for reporting data breaches.
10 top API security testing tools
Application programming interfaces have become a favorite target for attackers. These tools and platforms (both commercial and open source) will help identify errors, vulnerabilities, and excessive permissions.
Exchange Autodiscover feature can cause Outlook to leak credentials
A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers. Here’s what companies can do now to...
Yes, the FBI held back REvil ransomware keys
The ransomware keys might have been acquired by an ally, which would invoke the third-party doctrine where the decision to release was not the FBI's alone.
US cryptocurrency exchange sanctions over ransomware likely not the last
The sanctions are aimed to cut ransomware gangs off from their revenue. Advisory on sanctions risks regarding ransomware payments also updated.
-
Video/Webcast
Sponsored -
-
Video/Webcast
Sponsored -
Video/Webcast
Sponsored
Advertisement
How to mitigate the Microsoft Office zero-day attack
Follow this advice to block malicious Office files from doing harm to your network even if you've implemented Microsoft's recommended actions.
Software cybersecurity labels face practical, cost challenges
The federal government wants consumer software to have cybersecurity labels; experts question the feasibility of the mandate.
The Kaseya ransomware attack: A timeline
REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.
Biden sanctions Suex cryptocurrency exchange to stifle ransomware payments
In the wake of significant ransomware attacks, President Biden has sanctioned cryptocurrency exchange Suex in a clear attempt to prevent ransomware payments.
The new math of cybersecurity value
An increasing number of CISOs are devising a new set of metrics to show how they’re impacting risk at their organizations.
From Our Advertisers
-
![HP Wolf Security]()
Featured Sponsor HP Wolf SecurityThe Need for Endpoint Security Rooted In Zero Trust -
![Ecommerce]()
Sponsored by AkamaiWhich Online Shopping Experience Should I Try Today? -
![zero trust security model secured network picture id1313494602 2]()
Sponsored by FortinetZero Trust Needs to Play Well with Others -
![istock 1274394138]()
Sponsored by OktaTrust Transformation – Creating a Robust Security Culture Built for Tomorrow’s
