Advertisement

pharming  >  faudulent website redirect

The Prometheus traffic direction system is a major player in malware distribution

Newly discovered Prometheus uses a network of compromised websites and servers to direct victims to malware or scams.


adding processor to circuit board computer hardware

Microsoft's Pluton security processor tackles hardware, firmware vulnerabilities

Pluton-equipped Windows 11 computers are now available, but the decision to purchase them depends on your threat model.


Cyber warfare  >  Russian missile launcher / Russian flag / binary code

Russia-linked cyberattacks on Ukraine: A timeline

Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.


Advertisement

Russian hammer and sickle / binary code

Russian cyberattacks on Ukraine raise IT security concerns

The destructive attacks follow a U.S. government warning for a "heightened state of awareness" and to follow state-sponsored threat mitigation advice.


programmer abstract code glasses devops certification skills kevin unsplash

How chaos engineering can help DevSecOps teams find vulnerabilities

DevOps teams have used chaos engineering concepts to find software bugs for years. Tools are now available to help identify security flaws, too.


woman holding playbook guide book guide binary by undefined undefined getty images

Three recent events prove the need for an insider risk playbook

Pfizer, Ubiquiti and Code42 all faced real or potential insider threats that could have been a lot worse if they did not have a plan to deal with them.


Shared responsibility concept  >  Hands take equal shares of pie chart [partnership / teamwork]

Collective resilience: Why CISOs are embracing a new culture of openness

CISOs are finding value in information sharing among trusted, vetted sources. Here’s how they are maximizing the intelligence gathered from these channels.


A stressed businessman with head in hand sits at a desk and computer in an office workspace.

The emotional stages of a data breach: How to deal with panic, anger, and guilt

Intense situations require both the security experts and stakeholders to be calm and focused, but that is easier said than done. This advice can help.


Australia  >  Sydney  >  Aerial cityscape

As adversaries watch and wait, Western Sydney Airport is a greenfield cybersecurity opportunity

Australia’s newest airport is building cybersecurity into its core, offering lessons for other infrastructure projects across the country.


A conceptual security grid of locks overlays a network / datacenter / server room.

Thousands of enterprise servers are running vulnerable BMCs, researchers find

According to analysis by firmware security firm Eclypsium, 7,799 HPE iLO (HPE's Integrated Lights-Out) server baseboard management controllers (BMCs) are exposed to the internet and most do not appear to be running the latest version...


Advertisement

big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.


A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


The shadow of hand unsettlingly hovers over a keyboard.

FBI arrests social engineer who allegedly stole unpublished manuscripts from authors

The U.S. Department of Justice claims Filippo Bernardini leveraged knowledge gained by working at Simon & Schuster and other publishers to create fake identities and websites to steal intellectual property.


Many keys, one lock  >  Brute-force credential stuffing.

4 ways cybercriminals hide credential stuffing attacks

Cybercriminals adopt tactics to disguise credential stuffing activity and avoid basic prevention schemes like CAPTHCAs.


thinkstockphotos 499123970 laptop security

Microsoft touts first PCs to ship natively with secure Pluton chip

Along with thwarting malware, the Pluton chip handles BitLocker, Windows Hello, and System Guard and might help prevent physical insider attacks. The technology is also being used in Azure Sphere in the cloud.