How to mitigate the Microsoft Office zero-day attack

The new math of cybersecurity value

7 unexpected ransomware costs

Advertisement

A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

CSO staff
programmer developer devops apps developer code hacker dark secrets by peopleimages getty

10 top API security testing tools

Application programming interfaces have become a favorite target for attackers. These tools and platforms (both commercial and open source) will help identify errors, vulnerabilities, and excessive permissions.

cso security hack breach water leak gettyimages 466029458 by firmafotografen 2400x1600px

Exchange Autodiscover feature can cause Outlook to leak credentials

A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers. Here’s what companies can do now to...

Advertisement

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How to mitigate the Microsoft Office zero-day attack

Follow this advice to block malicious Office files from doing harm to your network even if you've implemented Microsoft's recommended actions.

CSO SecurIT 2021 Event

Virtual Event

CSO Australia Presents a Virtual Event: SecurIT - Australia Under Attack: How can CISOs respond? Cybersecurity experts, including top CSOs and CISOs, will open their playbooks and discuss in granular detail how they’re successfully combating a broad range of security threats.

One person uses a calculator while another reviews financial data.

The new math of cybersecurity value

An increasing number of CISOs are devising a new set of metrics to show how they’re impacting risk at their organizations.

job growth climbing the corporate ladder promotion stairs corporate govenernance new job nathan dum

CRISC certification: Your ticket to the C-suite?

Certified in Risk and Information Systems Control (CRISC) is a certification that focuses on enterprise IT risk management. Learn about the exam, prerequisites, study guides, and potential salary.

security threats and vulnerabilities

APT actors exploit flaw in ManageEngine single sign-on solution

US government agencies urge immediate action to look for indicators of compromise and, if found, take recommended steps to mitigate.

radar grid / computer circuits / intrusion detection / scanning
Cybersecurity Snippets

5 observations about XDR

The technology is evolving, so security professionals and pundits must be open-minded and closely track market developments.

A U.S. dollar sign casts a question mark shadow.

7 unexpected ransomware costs

Indirect costs related to a ransomware attack can add up over time. These are the expenses and financial risks that CISOs should be aware of.

Popular Resources
View All

Advertisement

alert hacking threat detected

How Superloop reduced false positives with behavioural threat detection

The security team at the Australian telco got its network detection response down from four hours down to one hour a day.

CSO > secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.

danger lurking in mobile binary code

How APTs become long-term lurkers: Tools and techniques of a targeted attack

A new McAfee report details the tools and techniques an APT group used to go undetected on a client network for over a year.

Tech Spotlight > Cybersecurity [CSO] > Hands gesture in conversation

How CISOs and CIOs should share cybersecurity ownership

CISOs and CIOs weigh in on how their cybersecurity responsibilities are evolving with changes in the business environment and threat landscape.

Joanna Burkey, CISO, HP

HP CISO Joanna Burkey: Securing remote workers requires a collaborative approach

New research finds 91% of IT teams feel pressure to compromise cybersecurity for WFH business continuity. HP CISO Joanna Burkey urges security leaders to tackle workforce IT conflicts to secure the remote and hybrid workplace.

From Our Advertisers