Advertisement
Russian cyberspies target cloud services providers and resellers to abuse delegated access
A new Microsoft advisory claims Russia's Nobelium group is trying to gain long-term access to the technology supply chain and offers mitigation advice.
NIST's new devsecops guidance to aid transition to cloud-native apps
The NIST guidance dives into technical and procedural nuances associated with implementing devsecops with cloud-native applications and microservices architectures.
5 steps to security incident response planning
Most firms will experience a breach or vulnerability that exposes sensitive data. Minimizing impact on business and reputation depends on having a strong response plan before an incident happens.
Advertisement
10 essential skills and traits of ethical hackers
Learn just what it takes to snag this demanding and rewarding job.
Cheap and free cybersecurity training: 8 ways to build skills without breaking the bank
Whether you're finding bargains online or taking advantage of your own internal resources, you can keep your team up-to-date without writing a big check.
Reddit’s Allison Miller builds trust through transparency
Miller joined the social media company in February 2021, assuming a range of responsibilities, from security and privacy to trust and safety, that reflect broadening of the CISO position itself—a role she summarizes as “keeping...
How deepfakes enhance social engineering and authentication threats, and what to do about it
Cybercriminals are investing in deepfake technology to make social engineering and authentication bypass campaigns more effective. Here are strategies for defending against the most notable deepfake cyberthreats.
Security Recruiter Directory
To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.
Decline in ransomware claims could spark change for cyber insurance
New research indicates that ransomware attack and payment claims are in decline as resiliency takes priority for organizations.
Detecting anomalies with TLS fingerprints could pinpoint supply chain compromises
Researchers at Splunk outline a technique, pioneered by Salesforce, that could detect malicious activity in the software supply chain, but with some limitations.
-
Video/Webcast
Sponsored -
Video/Webcast
Sponsored -
eBook
Sponsored -
White Paper
Advertisement
Kraft Heinz dishes up security transformation
For CISO Ricardo Lafosse, security modernization is the first order of business.
What is Magecart? How this hacker group steals payment card data
Hacking groups that make up Magecart are effective and persistent at stealing customer and payment card data through skimmers. Here's how they work and what you can do to mitigate the risk.
New Windows browser security options and guidance: What you need to know
Microsoft has added new Edge update options and enhanced browser security modes, including a beta Super Duper Secure Mode.
(ISC)2 pilots new entry-level cybersecurity certification to tackle workforce shortages
New certification aims to validate knowledge of foundational cybersecurity concepts and best practices to address skills gap. Is another cybersecurity qualification the answer?
SSRF attacks explained and how to defend against them
Server-side request forgery (SSRF) attacks consist of an attacker tricking the server into making an unauthorized request. Defending against them can be relatively easy.
From Our Advertisers
-
![intel sponsored campaign]()
Featured Sponsor IntelCompetitive Advantage with a Modern Data Center that Delivers Boundless Agility -
![istock 1251209471]()
Sponsored by CiscoXDR Solutions Drive Faster Incident Response -
![istock 1206098096]()
Sponsored by FortinetSecure SD-WAN Improves Network Protection in Fuel Distribution System -
![Healthcare]()
Sponsored by AkamaiHelping Healthcare Win Its Other Big Battle: Cyberattacks
