Advertisement

FBI Flag

FBI cleans web shells from hacked Exchange servers in rare active defense move

The FBI has been deleting backdoors placed by cyberespionage group Hafnium on Microsoft Exchange servers. The court order allowing them to do so signals a more active defense approach.


Russian hammer and sickle / binary code

US sanctions Russian government, security firms for SolarWinds breach, election interference

The Biden administration places economic sanctions on Russian government organizations, individuals, and companies including several security firms.


conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2021

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.


Advertisement

CSO  >  secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.


CSO > Password elimination [conceptual password security lock in a trash bin]

The password hall of shame (and 10 tips for better password security)

Banish these common passwords now and employ these tips for better password security.


A large 'X' marks a conceptual image of a password amid encrypted data.

Tips to improve domain password security in Active Directory

Follow this advice to better secure domain passwords in a Microsoft environment.


Security system alert: 'DANGER'

6 tips for receiving and responding to third-party security disclosures

Your first notification of your next breach or significant threat might come from outside your organization. Have these preparations in place to effectively and quickly respond to inbound security intelligence.


A fishing lure with multiple hooks baits a binary stream. [fraud / phishing / social engineering]

7 new social engineering tactics threat actors are using now

Old tactics in new packages lead the list of current social engineering attacks. Experts provide real-world examples.


Tech Spotlight   >   Analytics [Overview]   >   Conceptual image of data analytics.

5 perspectives on modern data analytics

You can't navigate business challenges without the right instruments. Done right, analytics initiatives deliver the essential insights you need, as these five articles explore.


Tech Spotlight   >   Analytics [CSO]   >   An image of a bottle of poison emanating binary code.

How data poisoning attacks corrupt machine learning models

Data poisoning is a type of attack that involves tampering with and polluting a machine learning model's training data, impacting the model's ability to produce accurate predictions.


Advertisement

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

Zero days explained: How unknown vulnerabilities become gateways for attackers

A zero day is a security flaw that has not yet been patched by the vendor and can be exploited. The name evokes a scenario where an attacker has gotten the jump on a software vendor, implementing attacks that exploit the flaw before...


security posture / cybersecurity landscape / binary eye / locks / keyholes / firewall / gears
Cybersecurity Snippets

4 steps to better security hygiene and posture management

Increasing scale and complexity have made keeping up with security hygiene and posture management cumbersome and error prone, leaving organizations exposed. Here's what leading CISOs are doing to close the gap.


handshake / teamwork / collaboration / partnership / deal / negotiation

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


Unitd States cybersecurity   >   U.S. flag with a digital network of locks instead of stars

Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past

President Biden is expected to issue an executive order soon in response to the SolarWinds and Exchange Server attacks. Leaked details suggest it might not focus on the most effective actions.


Artificial intelligence and digital identity

What is IAM? Identity and access management explained

IAM products provide IT managers with tools and technologies for controlling user access to critical information within an organization.