Advertisement

A network of security components overlays a credit card payment made by laptop user.

PCI compliance: 4 steps to properly scope a PCI assessment

Although it might sound straightforward, scoping a PCI assessment can be a challenge even for experienced organizations. Experts offer their best advice for avoiding PCI missteps.


hovering drone / camera / propellor blades

How drones affect your threat model

As use of unmanned aerial vehicles grows, organizations should have a plan for managing the risk associated with drones, whether or not they deploy them, experts say.


An australian iconic road sign with kangaroo showing a long road with bright blue sky

Threat intelligence puts on an Australian accent

Details of local breaches are being collated to inform a better cybersecurity response.


Advertisement

data keys encryption password by gerd altmann cc0 via pixabay

Mathematical Mesh alpha release promises better end-to-end encryption

Web pioneer proposes a new cryptographic system that relies on threshold key infrastructure to improve end-to-end encryption.


untitled design 2

SecurIT 2020

Live Virtual Event

As enterprises forge deeper into the digital realm, managing risk and security become even more important for senior information technology and security executives. And in today’s global, multi-cloud, multi-generational workplace, there are risks in every corner – and the board wants to know what you are doing about it.

padlock / Domain Name System / DNS / ICANN / security

DNSSEC explained: Why you might want to implement it on your domain

The Domain Name System Security Extensions provide cryptographic authentication to prevent redirection to rogue websites, but owners of many domains have yet to adopt it.


credit card theft / credit card fraud / credit card hack

Credit card fraud: What you need to know now

Credit and payment card thieves are getting more sophisticated as chipped cards drive them to account takeover and card-not-present schemes.


CSO  >  Searching for vulnerabilities  >  Magnifying lens in a virtual interface idnetifies weakness

Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers

The vulnerability can also affect Windows systems. A patch is available, but will require manual testing and deployment.


software update

Latest Microsoft Windows security update options explained

New features might require you to change current update policies, especially if you're supporting more remote workers.


shocked, surprised men in a binary context

Top 8 weirdest, meanest and dumbest hacks of all time

Hackers have used some strange ways to break into networks or commit fraud. Not all are clever or smart.


Advertisement

locked data / bitcoins

A history of ransomware: The motives and methods behind these evolving attacks

Ransomware was a novelty until Bitcoin emerged. Today, ransomware is big business as gangs keep innovating.


boxing man defense

Australia must outline ‘clear consequences’ for cyber attacks: panel

An industry panel’s 60 recommendations will guide looming overhaul of the government’s Cyber Security Strategy for the post-COVID era.


Microsoft Office logo within an environment of abstract binary code with shield and lock.

Microsoft Office the most targeted platform to carry out attacks

The number of attacks carried out using the popular suite has increased in the past two years as browsers become harder targets. Office files are now more popular than PDFs to deliver malware.


handshake / teamwork / collaboration / partnership / deal / negotiation

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


A hacker with laptop diplays a skull and crossbones with Microsoft colors.

RDP hijacking attacks explained, and how to mitigate them

Attackers take advantage of a Windows Remote Desktop Protocol feature to take over previously disconnected sessions and appear as a legitimate user to gain system access and control,