Advertisement

A gavel rests on open law book. [law / regulation / compliance / legal liability]

CSO's ultimate guide to security and privacy laws, regulations, and compliance

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.


CSO  >  Botnets

Law enforcement takes over Emotet, one of the biggest botnets

Multi-national cooperation removes this key malware delivery service as a threat, at least temporarily.


One lock in a series is unlocked / weakness / vulnerability

Tips to harden Active Directory against SolarWinds-type attacks

The SolarWinds attackers took advantage of Active Directory to gain a foothold. Here's what configurations and policies to check to better protect your network.


Advertisement

infographic of cloudscape reflect to modern multicloud technology picture id1262031859 2

How one multi-cloud-based business manages security controls

AppsFlyer processes 80 terabytes of data a day across multiple cloud hosting services. It scales its security needs by keeping a close eye on identity governance and access controls.


A computer monitor displays abstract data, a skill and crossbones, and 'HACKED.'

SonicWall warns customers about zero-day vulnerabilities

Attack targets SonicWall's SMA Series access management gateways and is another in a string of incidents against security vendors.


green army soldier on a laptop keyboard

Why you're probably doing endpoint security all wrong

The traditional combination of username and password to secure company devices and systems is outdated and could be putting your business at risk. Employing an AI based continuous identity management system could eliminate nearly all...


medical data accessed via tablet / healthcare IoT monitoring

HIPAA explained: definition, compliance, and violations

This landmark law imposes stringent privacy and security mandates on health care providers—and most of their IT vendors.


resume handshake cv career job search interview

10 ways to prep for (and ace) a security job interview

You've landed an interview for that security job you've had your eye on. Now prepare to land the job with these 10 techniques to get noticed and make an impression


square peg in a round hole / wooden block shapes toy
Cybersecurity Snippets

4 ways security has failed to become a boardroom issue

New research finds that despite being more engaged with cybersecurity, business executives and board members continue to view cybersecurity as a technology domain rather than a business concern.


'expert knowledge' stamp of certification

CISSP certification guide: Requirements, training, and cost

Certified Information Systems Security Professional, or CISSP, is a certification for advanced IT professionals who want to demonstrate that they can design, implement, and manage a cybersecurity program at the enterprise level


Advertisement

2 dark web

The state of the dark web: Insights from the underground

The rise of professional criminal gangs, malware as a service, and improved infrastructure for carrying out criminal activity are changing the dark web. Here's what that means for enterprise security.


A fishing lure with multiple hooks baits a binary stream. [fraud / phishing / social engineering]

How to prepare for an effective phishing attack simulation

Here's what users need to know about phishing attacks before you send out a test email.


podcast 3x16 2
Strengthen and Streamline Your Security

Episode 2: Empowering employees to be secure and productive

Episode 2: When it comes to protecting your business, security is a team sport. Criminal hackers –increasingly sophisticated and persistent – are playing offense, trying to find weak spots to breach an organization. And everyone in...


padlock / Domain Name System / DNS / ICANN / security

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

A set of seven vulnerabilities, called DNSpooq, allows attackers to redirect users or execute malicious code. Patch dnsmasq now.


ransomware attack

New Intel CPU-level threat detection capabilities target ransomware

The new capabilities in the Intel mobile processors will make it harder for ransomware to avoid detection.