Advertisement

Cybersecurity industry reacts as anti-virus pioneer John McAfee found dead

McAfee was found dead in a Spanish prison cell after a suspected suicide. He was due to be extradited to the US to stand trial for tax evasion and money laundering.


security audit - risk assessment - network analysis

Flaws in Dell's over-the-air device recovery and update impacts millions of devices

As many as 40 million Dell devices are vulnerable to targeted man-in-the-middle attacks. Dell advises BIOS/UEFI updates.


CSO  >  secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.


Advertisement

Jason Lee, Chief Information Security Officer, Zoom

CISO Jason Lee on Zoom's response to its pandemic security challenges

A year into his role, Lee discusses how he and Zoom's security team addressed security and privacy issues amid rapid growth and public scrutiny.


login credential - user name, password - administrative controls - access control - single sign-on

4 tips to prevent easy attacker access to Windows networks

The Colonial Pipeline attackers likely got in using old, compromised VPN credentials. This advice will force attackers to work much harder.


A multitude of arrows pierce a target. [numerous attacks / quantity / severity]

7 best practices for enterprise attack surface management

Follow this advice to minimize vulnerabilities and give threat actors fewer opportunities to compromise your organization's network and devices.


hsm shredder

IT asset disposal is a security risk CISOs need to take seriously

Sensitive company and personal data often leaves organizations on disposed devices. An auditable chain of custody that shows data destruction is essential for any ITAD program.


A group discussion takes place in a glass conference room, in a busy office workspace.

Tabletop exercises explained: Definition, examples, and objectives

A tabletop exercise is an informal, discussion-based session in which a team or discusses their roles and responses during an emergency, walking through one or more example scenarios.


technology debt drowning in debt piggy bank by romolo tavani hudiem getty images

7 ways technical debt increases security risk

Shoddily developed and deployed projects can leave your enterprise vulnerable to attacks. Here's how to stop technical debt from sending your organization to the cyber-poorhouse.


Digital bugs amid binary code. [security threats / malware / breach / hack / attack]

10 old software bugs that took way too long to squash

As these examples show, vulnerabilities can lurk within production code for years or decades—and attacks can come at any time.


Advertisement

Cybersecurity awareness  >  A man with a binary blindfold finds his way through question marks.

Report: Active Directory Certificate Services a big security blindspot on enterprise networks

Microsoft's Active Directory PKI component commonly have configuration mistakes that allow attackers to gain account and domain-level privileges.


healthcare data breach / medical patient privacy security violation

5 biggest healthcare security threats for 2021

Healthcare organizations can expect ransomware, botnets, cloud misconfigurations, web application attacks, and phishing to be their top risks.


A hook is cast at laptop email with fishing lures amid abstract data.

4 steps to prevent spear phishing

Your users are in the crosshairs of the best attackers out there. Follow these steps to better protect them.


CSO  >  Searching for vulnerabilities  >  Magnifying lens in a virtual interface idnetifies weakness

Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws

With proofs of concept public, attackers are likely exploiting this vulnerability weeks after patches were released.


ransomware breach hackers dark web

Unique TTPs link Hades ransomware to new threat group

New research exposes details of Gold Winter threat group that links it to the infamous Hades ransomware.