1798109056 decision making ciso soc

5 ways to tell you are not CISO material

Cybersecurity professionals looking at the top job have the technical skills to be come a CISO but may wonder if they have what it takes to lead a team while ensuring management and board support. Here are five ways to tell if you are...

major cyber attack global international cybersecurity

Office of the Director of National Intelligence highlights cyber threats in 2023 Intelligence Threat Assessment

CISOs everywhere should pay attention when ODNI outlines cybersecurity threats coming from nation-states and independent groups around the world.

businessman data risk metering management security

PwC UK partners with ReversingLabs to bring software supply chain security to third-party risk management

PwC UK, ReversingLabs partnership aims to operationalize detection and mitigation of security threats inherent in third-party software.


tracking cctv ai facial recognition camera zoom recognizes person surveillance scanning crowd peopl

Biden administration seeks to tamp down the spyware market with a new ban

The Biden administration issued an executive order to outlaw the federal government's use of commercial foreign spyware--with some caveats.

cybercrime cyber crime skull symbol project darknet dark web internet safety cyberattack theft viru

Researchers warn of two new variants of potent IcedID malware loader

The new IcedID variants are likely used for ransomware delivery, and researchers expect new variants to emerge.


Part of Twitter source code leaked on GitHub

Twitter has filed a case in the US District Court for the Northern District of California seeking GitHub to identify the person who shared the code.

social media users

France bans TikTok, all social media apps from government devices

French government says TikTok and all other “recreational apps” pose data security risks if installed on government and senior official devices.


Best practices for protecting AWS RDS and other cloud databases

The Relational Database Service from AWS can help streamline a host of cloud storage operations, but maintaining security requires some attention on the part of the user. Here are some best practices for using RDS.

Security threat [illustration]  >  A hacker with black hat, mask, and crowbar breaks into a laptop.

Critical flaw in WooCommerce can be used to compromise WordPress websites

The vulnerability could allow unauthenticated administrative takeover of websites. WooCommerce has released an update.

cybersecurity eye with binary face recognition abstract eye

Cyberpion rebrands as Ionix, offering new EASM visibility improvements

Ionix is adding a suite of new features to help extend the visibility of interconnected assets and deliver risk-based prioritization.


Android-based banking Trojan Nexus now available as malware-as-a-service

The recently evolved version of Nexus has targeted more than 450 banks and cryptocurrency services. Multiple threat actors are already found to be using Nexus to conduct fraudulent campaigns.

configuring virtual machine laptop

Critical flaw in AI testing framework MLflow can lead to server and data compromise

The now-patched vulnerability in the popular MLflow platform could expose AI and machine-learning models stored in the cloud and allow for lateral movement.

UK | United Kingdom  >  England  >  London  >  cityscape / Big Ben / Parliament

UK parliament follows government by banning TikTok over cybersecurity concerns

TikTok calls the UK ban “misguided” while its chief executive faced tough questioning by the US House of Representatives over whether the popular app is a “tool” of the Chinese Communist Party.

conference / convention / audience / applause / clapping

The CSO guide to top security conferences

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

07 hacktivist anonymous

Russian hacktivists deploy new AresLoader malware via decoy installers

The new malware loader can give attackers remote access and the ability to deliver other payloads.