How and why threat actors target Microsoft Active Directory

Why more zero-day vulnerabilities are being found in the wild

Adversarial machine learning explained: How attackers disrupt AI and ML systems

Advertisement

closeup of female hand holding red marker checking off list
Cybersecurity Snippets

5 things security pros want from XDR platforms

New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform.

radar grid / computer circuits / intrusion detection / scanning

Attacker groups adopt new penetration testing tool Brute Ratel

APT group's use of a legitimate pen-testing tool gives them stealth capabilities, allowing them to avoid detection by EDR and antivirus tools.

Industry 4.0 / Industrial IoT / Smart Factory

Smart factories unprepared for cyberattacks

Smart factory operators are well aware of the cyberthreats they face but acknowledge lack of readiness to defend against them.

Advertisement

Encryption > A conceptual technological lock and encrypted code.

NIST names new post-quantum cryptography standards

One public-key encryption and three digital signature algorithms determined to provide the best defense against quantum attacks.

CSO Event Paloalto

Hyde Hacienda, Sydney

Cyber attackers worldwide are displaying an increasing level of sophistication. This is a major issue for Australian CISOs and their teams who often lack the resources required to deal with more frequent and complex attacks by well-resourced cyber criminals. At the same time, legacy security operations centres (SOCs) are dealing with an unmanageable volume of alerts. This leads to ‘alert fatigue’ that slows key processes down and makes it easier to miss potentially significant issues that could be buried in the noise. Hiring an army of security engineers to deal with these challenges is also expensive and doesn’t scale. Join CSO Australia’s associate editor, Byron Connolly, and senior executives from Palo Alto Networks for this exclusive, invitation-only roundtable discussion, ‘No more weekend war rooms: Shift from reactive to proactive security.’

network security / network traffic scanning

How to keep attackers from using PowerShell against you

New guidance shows how to harden PowerShell and make it more difficult for threat actors to hijack for malicious purposes.

trojan horse malware virus binary by v graphix getty

APT campaign targeting SOHO routers highlights risks to remote workers

The ZuoRAT remote access Trojan malware can compromise multiple router brands and likely has been active for years.

A broken link in a digital chaing / weakness / vulnerability

SQL injection, XSS vulnerabilities continue to plague organizations

Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies.

ransomware breach hackers dark web

LockBit explained: How it has become the most popular ransomware

Criminal use of the LockBit ransomware as a service is growing rapidly thanks to updates to the malware and the decline of other ransomware gangs.

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.

6 signs your IAM strategy is failing, and how to fix it

Mistakes when implementing identity and access management systems, especially during upgrades, can have lasting effects. Here's how to spot and avoid the worst of them.

Advertisement

CSO > danger / security threat / malware / frustrated businessman overwhelmed by infected files

Asia could be placing all the wrong cybersecurity bets

Only 12% of companies in Asia quantify their financial exposure to cyber threats, less than half the global average of 26% according to a recent study by Microsoft and Marsh.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

Zero-day flaw in Atlassian Confluence exploited in the wild since May

Atlassian has issued emergency patches for the vulnerability, which could allow attackers to perform remote code execution.

Cloud security threats > Lightning strikes a digital landscape via binary clouds.

11 top cloud security threats

More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Pandemic 11," the top security threats organizations face when using cloud services.

A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

CSO staff
abstract internet network cyber security concept picture id1072278762

Google Cloud previews advanced new API security features

Google’s latest security update for Google Cloud is aimed at curbing API-based attacks.

From Our Advertisers