Advertisement

Malware alert  >  United States Capitol Building

TrickBot gets new UEFI attack capability that makes recovery incredibly hard

Researchers discover a new TrickBot module that allows malware to persist even after reformatting or replacing a hard drive.


Windows security and protection [Windows logo/locks]

How attackers exploit Window Active Directory and Group Policy

Attackers have learned to use Active Directory and Group Policy to find weaknesses in Windows networks and identify targets. Here's what you can do to prevent that.


Social media threats / risks / dangers / headaches  >  Text bubbles bearing danger signs

4 tips for partnering with marketing on social media security

Threat actors watch social media accounts to gather intelligence about a targeted company. Here's how to get marketing to work with security to minimize the risk.


Advertisement

cubes - blocks - squares - containers - storage - repository

Half of all Docker Hub images have at least one critical vulnerability

New research reveals the scale at which criminals have exploited public open-source Docker repositories to plant malware among container images.


cso information security policy risk management writing policy by metamorworks getty 2400x1600

2020 security priorities: Pandemic changing short- and long-term approaches to risk

The way organizations assess and respond to security risks will likely never be the same due to COVID, say respondents of a new IDG survey.


conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2020

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.


Computerworld Cheat Sheet  >  Microsoft Excel 2016

Why Excel 4.0 macro exploits are surging

Researchers discover progressively complex and effective XL4 attacks that take advantage of the many organizations that still rely on the old functionality.


radar grid overlays the pupil of an eye / intrusion detection / scanning / threat assessment

Beyond the firewall: Intrusion Detection Systems

Firewalls are so 2000s. With your "office" now scattered over homes everywhere, you need a new way of protecting your office from network threats and that's IDSs.


cso ts ai ml by just super getty images 2400x1600

How secure are your AI and machine learning projects?

Artificial intelligence and machine learning bring new vulnerabilities along with their benefits. Here's how experts minimized their risk.


Skull-and-crossbones, code and the 'stop' gesture: hand held forward, palm out, fingers pointing up

How to use Windows Defender Attack Surface Reduction rules

With Microsoft's Attack Surface Reduction, you can set rules to block risky actions for each workstation on your network.


Advertisement

swatting swat team raid police by onfokus getty images

What is swatting? Unleashing armed police against your enemies

Swatting is a form of harassment that uses prank calls to send police SWAT teams into victims' homes. Here's what you need to know about this dangerous practice.


phishing threat

8 types of phishing attacks and how to identify them

Phishing comes in many forms, from spear phishing, whaling and business-email compromise to clone phishing, vishing and snowshoeing. Here's how to recognize each type of phishing attack.


resume template job application recruit stack of paper by zhazhin sergey getty

Tech Resume Library: 21 downloadable templates for IT pros

A well-crafted resume will attract recruiters, HR pros and hiring managers, but getting it just right is a daunting task. To jump start the process, Insider Pro has assembled this collection of real resumes revamped by professional...


COVID-19 coronavirus structures are layered amid statistical models.

Top COVID-19 security statistics

Here's what research reveals about how CISOs and their organizations responded to the pandemic and what they should do going forward.


Patch + update options  >  Pixelized tools + refresh symbol with branching paths

Do you have a security tools gap?

Studies show that most CISOs think they have a security tools gap, but a deeper dive into the issue uncovers a much more complex dynamic.