Advertisement

QR code on mobile phone [CC0 image by Gerd Altmann via Pexels]

How attackers exploit QR codes and how to mitigate the risk

Attackers are taking advantage of the increased use of QR codes to steal sensitive information or conduct phishing campaigns. Here's what security teams and employees need to know.


Cloud security threats  >  Lightning strikes a digital landscape via binary clouds.

11 top cloud security threats

More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Egregious 11," the top security threats organizations face when using cloud services.


Security system alert, warning of a cyberattack.

Common pitfalls in attributing cyberattacks

Attack attribution is always difficult as criminal groups often share code and techniques, and nation-state actors excel at deception. Here, security researchers share their techniques and common pitfalls.


Advertisement

Election security  >  Backlit hand drops a vote in a ballot box with US flag + binary code overlay

Late-game election security: What to watch and watch out for

Despite disruption of the Trickbot botnet network, last-minute leaks of stolen documents and post-election undermining of trust in the election system remain big concerns.


5 cryptography and data protection

What is cryptography? How algorithms keep information secret and safe

Cryptography is the science of keeping information secret and safe by transforming it into form that unintended recipients cannot understand. It makes secure data transmission over the internet possible.


Ransomware  >  A masked criminal ransoms data for payment.

Financial crime group FIN11 pivots to ransomware and stolen data extortion

FIN11, believed to be Russia-based, follows a trend of cybercriminal groups expanding their operations beyond financial crime.


CSO > Azure automation for Let's Encrypt certificates

Azure Security Benchmark v2: What you need to know

Here's what Microsoft's new security benchmarks include and how they can help you better understand your Azure security posture.


One lock in a series is unlocked / weakness / vulnerability

Half of all virtual appliances have outdated software and serious vulnerabilities

New study shows that even security vendors can use outdated and vulnerable virtual appliances. Top advice: Make sure your vulnerability management processes include virtual appliances.


IDG Tech Spotlight  >  IT Leadership [ September 2020 ]

IT leaders grapple with the new normal

Five articles examine the challenges faced by leaders across all segments of IT – and the solutions that have made a difference.


IDG Tech Spotlight  >  IT Leadership [ September 2020 / CSO ]

The CISO’s newest responsibility: Building trust

Leading CISOs have already embraced the concept of trust as a deliverable and indeed are making it the central theme of their entire security function.


Advertisement

businessman bridges gap

Taking aim at the cybersecurity skills shortage: 5 approaches to closing the gap

Programs have emerged to draw professionals into the field and prepare them for jobs, but their task is daunting.


A circuit board with CPU / chip displaying glowing binary code.

Homomorphic encryption tools find their niche

Current homomorphic encryption offerings require fewer specialized skills and are proving themselves effective in some use cases.


A man casts the shadow of an ominous hooded figure against a circuit-based wall.

Elusive hacker-for-hire group Bahamut linked to historical attack campaigns

The Bahamut group targets high-value victims and takes meticulous care with its own operational security.


CSO  >  security shield / binary code / handshake / agreement / contract

11 biggest cybersecurity M&A deals in 2020

COVID-19 hasn't slowed the pace of mergers and acquisitions for 2020, although the size of the transactions is down from last year.


Facebook / network connections / privacy / security / breach / wide-eyed fear

How SilentFade group steals millions from Facebook ad spend accounts

SilentFade steals credentials and ad spend account information and sells the information to other bad actors. The group returned with improved malware after Facebook's initial mitigation efforts.