Advertisement

bucket with holes breach security vulnerability

SAP ASE leaves sensitive credentials in installation logs

Two vulnerabilities in SAP ASE's Cockpit component leaves some sensitive information available to anyone on the network and other data susceptible to brute-force attacks.


A broken link in a digital chaing / weakness / vulnerability

Microsoft's Zerologon vulnerability fix: What admins need to know

Microsoft patched its Netlogon Remote Protocol to prevent Zerologon exploits, but a second update is coming in February. Here's what you need to do now to prepare.


Meredith Harper, Eli Lilly and Company

Eli Lilly security finds strength in flexibility in WFH shift

CISO Meredith Harper shares the greatest challenges her organization faced in the wide-scale move to work-from-home and lessons learned that will outlast the pandemic.


Advertisement

CSO  >  Searching for vulnerabilities  >  Magnifying lens in a virtual interface idnetifies weakness

Zerologon explained: Why you should patch this critical Windows Server flaw now

Attackers have learned how to exploit the Zerologon vulnerability in Windows Server, potentially gaining domain admin control.


frustrated defeated discouraged upset mistake failure karina carvalho 87593 unsplash

University of Tasmania breach a tough lesson in cloud misconfiguration errors

Human error back in the spotlight after Office 365 permissions lapse.


Phishing attack   >   A fish hook hover above binary code with a caution triangle.

9 top anti-phishing tools and services

Some of these solutions will help find and stop phishing emails before they can cause damage, while others will find phishers fraudulently using your business's brand.


locked data / bitcoins

WastedLocker explained: How this targeted ransomware extorts millions from victims

WastedLocker is sophisticated ransomware created by Evil Corp, a notorious cyber criminal group.


A heavy vault-like door / security mechanism secures a laptop amid glowing blue circuits.

You're going to be using confidential computing sooner rather than later

These days it's not enough to secure your data when it's on your disk or moving across your network, you need to lock it down in memory as well.


Ransomware

Ransomware attacks growing in number, severity: Why experts believe it will get worse

Law enforcement and federal experts discuss recent ransomware trends and challenges of fighting the attacks.


A man with his head in his hands amid abstract security contruct.

Stretched and stressed: Best practices for protecting security workers' mental health

Security work is stressful under the best of circumstances, but remote work presents its own challenges. Here's how savvy security leaders can best support their teams today — wherever they're working.


Advertisement

Data viewed secretively with binoculars.

What data China collected about 35,000 Aussies—and 2.4 million people globally

Zhenhua Data defends “research”—but concerns mount over what Australia has discovered about Chinese gathering of personal data.


executive pushing boulder uphill deadline stress struggle
Cybersecurity Snippets

5 persistent challenges security pros face

Highlights from the fourth annual “Life and Times of Cybersecurity Professionals” report


handshake / teamwork / collaboration / partnership / deal / negotiation

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


access management / access control / user connections / identities

7 best practices when selecting a PAM solution

The right PAM solution will enable security and compliance teams to define and enforce robust privileged account policies. So how do you pick the right PAM solution?


Double-exposure shot of a businesswoman using a mobile phone, binary code and statistical graphs..

Skills and traits of a business-savvy CISO

CISOs looking to advance their careers or land a plum job must prove they are really on top of their game. Here's what recruiters say sets business-savvy CISOs apart.