Advertisement
Smart factories unprepared for cyberattacks
Smart factory operators are well aware of the cyberthreats they face but acknowledge lack of readiness to defend against them.
An updated pipeline security directive is underway, reflecting TSA struggles
The TSA directives issued after the Colonial Pipeline attack have been widely criticized, but the agency is working with the industry to improve them.
NIST names new post-quantum cryptography standards
One public-key encryption and three digital signature algorithms determined to provide the best defense against quantum attacks.
Advertisement
![A vast network of identity avatars. [identity management]](https://images.idgesg.net/images/article/2020/03/network_of_identity_avatars_by_dem10_gettyimages-955974214_2400x1600-100836245-medium.3x2.jpg?auto=webp&quality=85,70){kind=avatar}
What is decentralized identity?
Decentralized identity, also referred to as self-sovereign identity, is a model for identity management that gives individuals control over their own data. It is a concept that almost certainly will play a role in digital identity...
How to keep attackers from using PowerShell against you
New guidance shows how to harden PowerShell and make it more difficult for threat actors to hijack for malicious purposes.
APT campaign targeting SOHO routers highlights risks to remote workers
The ZuoRAT remote access Trojan malware can compromise multiple router brands and likely has been active for years.
SQL injection, XSS vulnerabilities continue to plague organizations
Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies.
LockBit explained: How it has become the most popular ransomware
Criminal use of the LockBit ransomware as a service is growing rapidly thanks to updates to the malware and the decline of other ransomware gangs.
6 signs your IAM strategy is failing, and how to fix it
Mistakes when implementing identity and access management systems, especially during upgrades, can have lasting effects. Here's how to spot and avoid the worst of them.
Asia could be placing all the wrong cybersecurity bets
Only 12% of companies in Asia quantify their financial exposure to cyber threats, less than half the global average of 26% according to a recent study by Microsoft and Marsh.
Advertisement
Zero-day flaw in Atlassian Confluence exploited in the wild since May
Atlassian has issued emergency patches for the vulnerability, which could allow attackers to perform remote code execution.
11 top cloud security threats
More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Pandemic 11," the top security threats organizations face when using cloud services.
Security Recruiter Directory
To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.
Google Cloud previews advanced new API security features
Google’s latest security update for Google Cloud is aimed at curbing API-based attacks.
How you handle independent contractors may determine your insider threat risk
Outside experts can be willing or accidental security threats. Reduce that risk by changing how you onboard, train and offboard them.
From Our Advertisers
-
![HP Wolf Security]()
Featured Sponsor HP Wolf SecurityThe Need for Endpoint Security Rooted In Zero Trust -
Sponsored by Microsoft Security5 Attack Elements Organizations Should Monitor: Anatomy of an External Attack
-
![istock 1322517295 2]()
Sponsored by FortinetAdvancing Cybersecurity Skillsets Helps Organizations Against Threats -
![22 dg 040 agentless vs agent based security]()
Sponsored by CrowdStrikeSo You Want To Defend Your Cloud… Agentless or Agent-based, Which Approach Is
