Advertisement

Skull and crossbones emerge from a stream of digital cubes / malicious code / hacking / threat

JSON-based SQL injection attacks trigger need to update web application firewalls

Newly discovered method uses JSON syntax to deliver malicious payloads that bypass SQLi protections in popular WAFs.


Scanning for vulnerabilities.

Microsoft's rough 2022 security year in review

The ubiquity of Microsoft technology in organizations big and small make it a target for attack. These are the most important vulnerabilities and fixes from 2022 that admins need to know.


iCloud key

Apple finally adds encryption to iCloud backups

Apple has rolled out a number of security features that will now offer end-to-end encryption to protect data, including backups, contacts, notes, photos, and wallet passes. The company also announced hardware Security Keys for Apple...


Advertisement

United States Capitol Building / Congress / legislation in a digital landscape

US Congress rolls back proposal to restrict use of Chinese chips

After business groups argued that proposed legislation to curb use of Chinese-made semiconductors would hurt national security, lawmakers amended it—but a final vote and the president's approval of the proposed National Defense...


Conceptual image of a network labeled 'Zero Trust.'

Athletic shoe maker Brooks runs down cyberattacks with zero-trust segmentation

Protecting the most vital areas of the network first is a practical, doable defense, Brooks found when it implemented Illumio Core’s zero-trust segmentation platform.


Data center / enterprise networking

Ransomware attack knocks Rackspace’s Exchange servers offline

Rackspace’s hosting for Exchange servers remained offline Tuesday after an outage Friday that the company now ascribes to a ransomware attack.


skull and crossbones in binary code

Flaws in MegaRAC baseband management firmware impact many server brands

The newly discovered vulnerabilities could allow attackers to gain control of servers that use AMI's MegaRAC BMC firmware.


security threat / hacker / attack

Action1 launches threat actor filtering to block remote management platform abuse

Action1 says remote management platform can now identify and terminate any attempt at misuse by attackers.


digital twins woman in profile ai mirror duplicate duo pair

The cybersecurity challenges and opportunities of digital twins

The virtual representation of objects or systems through digital twins provide organizations greater insight into their assets but it can also invite malicious actors.


lorimerlite framework structure build construction

The changing role of the MITRE ATT@CK framework

Organizations are using the MITRE ATT@CK framework as more than a security operations reference architecture, adding new use cases and making it part of strategic future plans.


Advertisement

Cyber insurance  >  Umbrella hub protecting connected devices + online activities in binary world.

What you should know when considering cyber insurance in 2023

When even the best-laid cybersecurity plans fail, cyber insurance can help mitigate an organization’s exposure to financial and operational risk—but the insurance landscape is shifting with the times.


healthcare technology / medical data

Palo Alto Networks looks to shore up healthcare IoT security

Machine-learning based visibility and monitoring are at the heart of the cybersecurity company’s new healthcare-focused, add-on application to its core firewall products.


siren emergency

FCC’s proposal to strengthen emergency alert security might not go far enough

The FCC has proposed new rules to bolster the security of the nation’s emergency alerting system (EAS) but some experts think the adoption of next-generation technology could help even more.


blame 174280704

When blaming the user for a security breach is unfair – or just wrong

Training non-tech savvy users to recognize phishing and other credential-based attacks is essential but expecting employees to man the front lines against intrusions is a mistake, experts say. Harmony between staff psychology and...


conference / convention / audience / applause / clapping

The CSO guide to top security conferences

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.