Advertisement

5G mobile wireless network

5G security is a mess. Could digital certificates help?

5G inherited security vulnerabilities from earlier mobile technology, but digital certificates might solve the issue of unauthenticated messages.


CSO > breakthrough / penetration testing / hammer breaking binary glass

11 penetration testing tools the pros use

Penetration testing is a simulated cyber attack where professional ethical hackers break into corporate networks to find weaknesses ... before attackers do.


A circuit-board house.
InfoSec at Your Service

The CCPA is an opportunity to get your data security house in order

As California’s privacy legislation goes into effect, it’s time to take stock of your security strategies around data and think about the future. The trend towards greater privacy is set to continue.


Advertisement

Ransomware

Recent ransomware attacks define the malware's new age

By 2018, the ransomware boom seemed to have peaked. But over the past 24 months, shifts in hacker tactics have resulted in a resurgence of ransomware attacks.


Many keys, one lock  >  Brute-force credential stuffing.

APIs are becoming a major target for credential stuffing attacks

New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable.


CSO > global security

How to set up your network to prevent data loss

Critical data is at risk from both insider and external threats. Here's how to configure your Windows network for data loss prevention (DLP).


A firmware message appears on a circuit board.

Lack of firmware validation for computer peripherals enables highly persistent attacks

Vulnerabilities in unvalidated peripheral firmware such as WiFi adapters, cameras, and network interface controllers give attackers control over systems.


RSA 2020's hot new startups

12 hottest new cybersecurity startups at RSA 2020

Cybersecurity startup companies use the RSA Conference to make their public debut and showcase their products. These are some of the more interesting startups coming out of stealth.


Insider Pro | Computerworld  >  Salary Survey [2020]

IT Salary Survey 2020: The results are in

Insider Pro reveals the current salaries for dozens of tech titles, details about IT workers' top concerns, the state of the tech hiring and the tech specialties raking in the biggest compensation.


CSO > A man holds a magnifying glass over the terms of a document / contract / insurance / invoice

5 things you should know about cybersecurity insurance

Understanding what it can and can't do for your business is critical to getting the most out of a cyber insurance policy.


Advertisement

Conceptual image of executives; silhouettes in motion with a virtual global network overlay.

The CSO's playbook for forging board relationships

Security is a board-level concern, but many aren’t confident they have the information and processes to provide effective governance. This nine-point plan will help you cement your role as a trusted advisor.


audience listens to speaker lecture at a conference presentation

The CSO guide to top security conferences, 2020

CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.


A hook is cast at laptop email with fishing lures amid abstract data.

What is phishing? How this cyber attack works and how to prevent it

Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Here's what you need to know about this venerable, but increasingly sophisticated, form of cyber attack.


CSO > Password elimination [conceptual password security lock in a trash bin]

The 25 worst passwords of 2019, and 8 tips for improving password security

Blacklist these 25 passwords now and use these tips to improve enterprise password security.


DDOS attack

DDoS explained: How distributed denial of service attacks are evolving

A distributed denial of service (DDoS) attack is when attackers attempt to make it impossible for a service to be delivered, typically by drowning a system with requests for data. They have been part of the criminal toolbox for twenty...