Advertisement

red padlock cybersecurity threat ransomeware

The Kaseya ransomware attack: A timeline

REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.


stethoscope mobile healthcare ipad tablet doctor patient

Basic flaws put pneumatic tube transport systems in hospitals at risk

Multiple vulnerabilities could allow persistent take-over and ransom demands by attackers.


virtual certificate icon / certification

CompTIA Security+: Prerequisites, obectives, and cost

Learn how CompTIA Security+ certification will impact your job and salary and how to decide if this cert is right for you.


Advertisement

mobile security login password

5 riskiest mobile apps

Unsanctioned applications on corporate mobile devices is a security headache. Here are the five types of apps CISOs never want to find on corporate mobile devices, with strategies for mitigating the risks they pose.


CSO > global security

CSO Global Intelligence Report: The State of Cybersecurity in 2021

The message is clear in a fresh survey of 2,741 security, IT, and business professionals around the world: The damage from attacks is widespread and organizations are increasing security budgets to fend off further impact.


Ransomware  >  A masked criminal ransoms data for payment.

CSO's guide to the worst and most notable ransomware

The ransomware gangs and their malware listed here have victimized millions of companies and caused billions of dollars in costs.


A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


iPhone security

10 security tools all remote employees should have

Compromised employee personal devices and accounts can disrupt and possibly threaten business security. Getting these tools into their hands will help.


Aspects of employment / communication / networking / partnership / collaboration / teams / hiring

Microsoft’s new APAC cybersecurity council: Where it fits in

Southeast Asia nations face higher malware and ransomware rates, so Microsoft is hoping to use its broad presence to build a region-wide coalition to improve defences.


A large 'X' marks a conceptual image of a password amid hexadecimal code.

How to review password quality in Active Directory

Regular reviews of the effectiveness of user, admin, and service passwords stored in Active Directory is a good idea. Here's how one password review tool works.


Advertisement

a hand holds an open book from which abstract letters emerge

Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders

D3FEND is a new schema released by Mitre last month to establish a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.


Praying mantis among green leaves [camouflage/stealth]

APT group hits IIS web servers with deserialization flaws and memory-resident malware

Praying Mantis group is likely a nation-state actor that uses custom malware and is adept at avoiding detection.


Conceptual image of a network labeled 'Zero Trust.'

7 tenets of zero trust explained

Cut through the hype. NIST's core zero trust elements provide a practical framework around which to build a zero trust architecture.


man in bed nightmare what keeps you up at night stress sleeping by gorodenkoff getty images

Why code reuse is still a security nightmare

Despite best efforts to track software dependencies, blind spots still exist leading to silent vulnerabilities in software.


hacking critical infrastructure security

Protecting Southeast Asia’s critical infrastructure against cyberattacks

Increased digitalisation is making the region more attractive to cybercriminals, so governments and businesses are acting to protect essential operations.