Advertisement
More top stories
Zoho ManageEngine flaw is actively exploited, CISA warns
Threat actors are exploiting unpatched ManageEngine instances. CISA adds the vulnerability to its catalog and Zoho urges customers to check their deployments.
US CISA/NSA release new OT/ICS security guidance, reveal 5 steps threat actors take to compromise assets
Advisory from the Cybersecurity and Infrastructure Security Agency and the National Security Agency outlines steps to protect operational technology and industrial control systems.
Apple Holic
Jamf buys ZecOps to bring high-end security to Apple enterprise
ZecOps protects world-leading enterprises, governments, and individuals; Jamf has acquired it to help secure the enterprise.
Advertisement
97% of enterprises say VPNs are prone to cyberattacks: Study
Since the shift to remote and hybrid work, 44% of organizations have witnessed an increase in exploits targeting VPNs, and many are moving toward zero-trust security, according to a report from Zscaler.
The deepfake danger: When it wasn’t you on that Zoom call
Deepfakes pose a real threat to security and risk management and it’s only going to get worse as the technology develops and bad actors can access malicious offerings such as deepfakes as a service.
![Tech Spotlight > Analytics [CSO] > An image of a bottle of poison emanating binary code.](https://images.idgesg.net/images/article/2021/04/spot_analytics_04_cso_bottle_of_poison_by_arek_socha_aka_qimono_cc0-like_via_pixabay_binary_spiral_by_gordon_johnson_aka_gdj_cc0-like_via_pixabay_3x2_2400x1600_hero-100884335-medium.3x2.jpg?auto=webp&quality=85,70)
SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware
The sophisticated campaign sends victims looking for business forms and templates to sites containing malicious files.
Security Recruiter Directory
To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.
A third of Australian population likely affected in Optus cyberattack
Breached information includes names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver's licence or passport numbers.
Ransomware operators might be dropping file encryption in favor of corrupting files
Corrupting files is faster, cheaper, and less likely to be stopped by endpoint protection tools than encrypting them.
![A man with an umbrella appears waist-deep in water against a city skyline. [multiple-exposure]](https://images.idgesg.net/images/article/2020/09/multiple-exposure_man_with_umbrella_appears_waist-deep_in_water_against_city_skyline_risk_insurance_protection_by_anyaberkut_gettyimages-1215138291_2400x1600-100858027-medium.3x2.jpg?auto=webp&quality=85,70)
D&O insurance not yet a priority despite criminal trial of Uber’s former CISO
The cost is too high and the risk too low to offer CISOs directors-and-officers insurance at many companies. Protective governance policies might make more sense.
Advertisement
Multi-factor authentication fatigue attacks are on the rise: How to defend against them
LAPSUS$ is just one cybercriminal group that has breached networks of large companies such as Uber and Microsoft by spamming employees with MFA authentication requests.
Former Broadcom engineer gets eight months in prison for trade secrets theft
Peter Kisang Kim admitted to stealing Broadcom data related to its Trident family of network switching and cloud networking chipsets, while working for a Chinese startup.
Report: The state of secure identity 2022
New research from Okta’s Auth0 access management platform found that credential stuffing and fraudulent registration attacks are on the rise.
![A multitude of arrows pierce a target. [numerous attacks / quantity / severity]](https://images.idgesg.net/images/article/2020/12/arrows_piercing_a_target_numerous_attacks_quantity_by_franck_v_cc0_via_unsplash-100869381-medium.3x2.jpg?auto=webp&quality=85,70)
Top 5 attack surface challenges related to security operations
The growing attack surface is extending the security/software developer gap, increasing vulnerabilities, and slowing security investigations.
Ransomware is (slightly) on the decline, cyberinsurance company says
While ransomware attacks remain highly dangerous, data from a prominent insurer suggests that their frequency and severity is beginning to decline.
From Our Advertisers
-
![HP Wolf Security]()
Featured Sponsor HP Wolf SecurityThe Need for Endpoint Security Rooted In Zero Trust -
![Palo Alto Networks]()
Sponsored by Palo Alto NetworksWhat’s Missing in Most CISO’s Security Risk Management Strategies -
![ns idg 5g deploymentss 1200x800 post 8]()
Sponsored by Netscout5G Deployments, Wireless Hotspots Are Likely Culprits for Increased Attacks -
![istock 1124604407]()
Sponsored by FortinetManaging Cloud Risks with Cloud-Native Protection
