Advertisement

United States Capitol building / United States Congress / abstract security concept

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

The US agency highlight four areas where cybersecurity gaps in federal agencies threaten national security. Cites OMB for not helping CIOs get available funds.


red padlock cybersecurity threat ransomeware

The Kaseya ransomware attack: A timeline

REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.


stethoscope mobile healthcare ipad tablet doctor patient

Basic flaws put pneumatic tube transport systems in hospitals at risk

Multiple vulnerabilities could allow persistent take-over and ransom demands by attackers.


Advertisement

virtual certificate icon / certification

CompTIA Security+: Prerequisites, obectives, and cost

Learn how CompTIA Security+ certification will impact your job and salary and how to decide if this cert is right for you.


mobile security login password

5 riskiest mobile apps

Unsanctioned applications on corporate mobile devices is a security headache. Here are the five types of apps CISOs never want to find on corporate mobile devices, with strategies for mitigating the risks they pose.


CSO > global security

CSO Global Intelligence Report: The State of Cybersecurity in 2021

The message is clear in a fresh survey of 2,741 security, IT, and business professionals around the world: The damage from attacks is widespread and organizations are increasing security budgets to fend off further impact.


USA / United States of America stars + stripes and binary code superimposed over The White House

Biden memo, infrastructure deal deliver cybersecurity performance goals and money

The White House initiatives and expected passage of the US infrastructure plan will set new cybersecurity standards for critical infrastructure, provide money to state and local governments.


Ransomware  >  A masked criminal ransoms data for payment.

CSO's guide to the worst and most notable ransomware

The ransomware gangs and their malware listed here have victimized millions of companies and caused billions of dollars in costs.


A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


iPhone security

10 security tools all remote employees should have

Compromised employee personal devices and accounts can disrupt and possibly threaten business security. Getting these tools into their hands will help.


Advertisement

Conceptual image of a network of executives / silhouettes of executives in motion.

New US CISO appointments, July 2021

Keep up with news of CSO, CISO, and other senior security executive appointments.


A large 'X' marks a conceptual image of a password amid hexadecimal code.

How to review password quality in Active Directory

Regular reviews of the effectiveness of user, admin, and service passwords stored in Active Directory is a good idea. Here's how one password review tool works.


a hand holds an open book from which abstract letters emerge

Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders

D3FEND is a new schema released by Mitre last month to establish a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.


Praying mantis among green leaves [camouflage/stealth]

APT group hits IIS web servers with deserialization flaws and memory-resident malware

Praying Mantis group is likely a nation-state actor that uses custom malware and is adept at avoiding detection.


United States Capitol building / United States Congress / abstract security concept

18 new cybersecurity bills introduced as US congressional interest heats up

The new bills, many with bi-partisan support, aim to increase cybersecurity funding, improve breach reporting, investigate cryptocurrencies, and more.