Advertisement

Unlocked circuit board / security threat

5 top vulnerability management tools and how they help prioritize threats

Organizations handle vulnerability management in various ways, from training and best-practice implementations to filtering out all but the most dangerous threats. Here's a look at some of today's more innovative solutions.


A hacker targets a sitting duck  >  easy target / easy pickings / victim targeting

Privacy dominates Australians’ concerns as cybercriminals pummel banks

Major bank blocking “tens of millions” of attacks monthly in fight to protect customers’ data.


A magnifying lens examines top secret information amid binary code.

Confidential Computing: What is it and why do you need it?

Confidential Computing can significantly enhance enterprise security, but what is it, and what do you need to do about it?


Advertisement

Encryption  >  Encrypted data / hexadecimal code

4 hot areas for encryption innovation

Researchers are making progress on a variety of approaches to strengthen encryption techniques and algorithms. Here are some of the hottest areas in cryptographic research.


Impersonation / disguise / fraud / false identity / identity theft

Identity theft explained: Why businesses make tempting targets

Identity theft is the use of someone else's personal information without permission, typically to conduct financial transactions. Here's what you need to know to protect yourself and your organization.


Insider threats  >  Employees suspiciously peering over cubicle walls

Preventing insider threats: What to watch (and watch out) for

Understanding human behaviors that precede malicious actions from an insider is the best way to avoid data loss or disruption, experts say.


bucket with holes breach security vulnerability

SAP ASE leaves sensitive credentials in installation logs

Two vulnerabilities in SAP ASE's Cockpit component leaves some sensitive information available to anyone on the network and other data susceptible to brute-force attacks.


A broken link in a digital chaing / weakness / vulnerability

Microsoft's Zerologon vulnerability fix: What admins need to know

Microsoft patched its Netlogon Remote Protocol to prevent Zerologon exploits, but a second update is coming in February. Here's what you need to do now to prepare.


Meredith Harper, Eli Lilly and Company

Eli Lilly security finds strength in flexibility in WFH shift

CISO Meredith Harper shares the greatest challenges her organization faced in the wide-scale move to work-from-home and lessons learned that will outlast the pandemic.


CSO  >  Searching for vulnerabilities  >  Magnifying lens in a virtual interface idnetifies weakness

Zerologon explained: Why you should patch this critical Windows Server flaw now

Attackers have learned how to exploit the Zerologon vulnerability in Windows Server, potentially gaining domain admin control.


Advertisement

frustrated defeated discouraged upset mistake failure karina carvalho 87593 unsplash

University of Tasmania breach a tough lesson in cloud misconfiguration errors

Human error back in the spotlight after Office 365 permissions lapse.


Phishing attack   >   A fish hook hover above binary code with a caution triangle.

9 top anti-phishing tools and services

Some of these solutions will help find and stop phishing emails before they can cause damage, while others will find phishers fraudulently using your business's brand.


locked data / bitcoins

WastedLocker explained: How this targeted ransomware extorts millions from victims

WastedLocker is sophisticated ransomware created by Evil Corp, a notorious cyber criminal group.


A heavy vault-like door / security mechanism secures a laptop amid glowing blue circuits.

You're going to be using confidential computing sooner rather than later

These days it's not enough to secure your data when it's on your disk or moving across your network, you need to lock it down in memory as well.


Ransomware

Ransomware attacks growing in number, severity: Why experts believe it will get worse

Law enforcement and federal experts discuss recent ransomware trends and challenges of fighting the attacks.