CSO Online | Security at the speed of business

Top 7 zero-day exploitation trends of 2024

Unpatched vulnerabilities are always critical means for compromising enterprise systems, but attacker activity around certain zero-day flaws indicate key trends cyber teams should be aware of.

By Lucian Constantin

23 Dec 202411 mins

SecurityThreat and Vulnerability ManagementVulnerabilities

More security news

US eyes ban on TP-Link routers amid cybersecurity concerns

Experts warn that hacked devices can serve as entry points for corporate espionage, DDoS attacks on enterprise systems, and the interception of sensitive information over VPNs.

By Gyana Swain

19 Dec 2024 5 mins

Network SecuritySecurityVulnerabilities

The European Data Protection Board advised national regulators to allow personal data to be used for AI training, as long as the final product doesn’t reveal personal information.

By Evan Schuman

18 Dec 2024 7 mins

Data PrivacyGDPR

Cisco grabs SnapAttack for threat detection

SnapAttack, a privately held company headquartered in Arlington, Virg., is known for its threat detection and engineering platform.

By Michael Cooney

18 Dec 2024 1 min

Mergers and AcquisitionsNetwork SecuritySecurity

A new ransomware regime is now targeting critical systems with weaker networks

Ransomware entrants are already gaining prominence for using VPN flaws to gain access and maintain persistence in critical industrial systems.

By Shweta Sharma

18 Dec 2024 4 mins

RansomwareSecurity

Meta hit with $263 million fine in Europe over 2018 data breach

This latest penalty adds to a series of GDPR fines against Meta, bringing the total to $3 billion.

By Prasanth Aby Thomas

18 Dec 2024 4 mins

Data BreachGDPRSecurity

Key strategies to enhance cyber resilience

To avoid costly downtime and brand reputational damage security experts offer four key measures to ensure the minimal amount of downtime possible during an unplanned event.

By Jaikumar Vijayan

18 Dec 2024 7 mins

Cloud SecurityCyberattacksData and Information Security

This new cipher tech could break you out of your Gen AI woes

As companies scramble for tougher shields against Gen AI risks, homomorphic encryption steps into the spotlight, bringing a unique superpower: it can crunch encrypted data without ever cracking it open.

By Shweta Sharma

17 Dec 2024 7 mins

EncryptionGenerative AISecurity

Lesson from latest SEC fine for not completely disclosing data breach details: ‘Be truthful’

After a Michigan financial institution agrees to pay US$7 million in regulatory fines, an expert says CISOs and boards should realize proper public disclosure ‘isn’t rocket science.’

By Howard Solomon

17 Dec 2024 6 mins

Data BreachRegulation

Attackers exploit zero-day RCE flaw in Cleo managed file transfer

The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited in up-to-date versions of Cleo LexiCom, VLTrader and Harmony products.

By Lucian Constantin

17 Dec 2024 6 mins

VulnerabilitiesZero-day vulnerability

That cheap webcam? HiatusRAT may be targeting it, FBI warns

Cyberattackers are scanning for vulnerable web cameras and DVRs to install a remote access Trojan previously used against the DoD and over a hundred companies.

By Tristan Fincken

17 Dec 2024 3 mins

CyberattacksSecurityVulnerabilities

US moves to tighten restrictions on China Telecom amid security fears

Last week, the government issued a preliminary ruling deeming China Telecom Americas’ US network and cloud operations a national security risk.

By Prasanth Aby Thomas

17 Dec 2024 1 min

Cloud SecuritySecurityTelecommunications Industry

Black Hat: Latest news and insights

The Black Hat series of international cybersecurity conferences brings together top IT security pros, researchers, and thought leaders to discuss the latest cyber techniques, vulnerabilities, threats, and more. Here’s the latest to know.

By CSO Staff

16 Dec 2024 5 mins

Advanced Persistent ThreatsBlack HatThreat and Vulnerability Management