A broken link in a digital chaing / weakness / vulnerability

MOVEit Transfer vulnerability is being exploited widely

A SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database.

shutterstock deal merger acquisition

Top cybersecurity M&A deals for 2023

Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A...

A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


Time-lapse photography of busy pedestrian traffic on a city street.

ISACA pledges to help grow cybersecurity workforce in Europe

ISACA will provide 20,000 free memberships to students across Europe and support the identification of qualified cybersecurity candidates for organizations.

data scientist analytics cybersecurity

BigID wants to let you tweak your data classifications manually

Sailing the seas of enterprise data may get easier, with BigID’s latest release. The company hopes to make discovery simpler by letting individual users tune its automated discovery engine to their own needs.

hacker handcuffs laptop cybercrime cyber crime arrested

What is the Cybercrime Atlas? How it can help disrupt cybercrime

The Cybercrime Atlas aims to map the cybercriminal ecosystem worldwide and allow global law enforcement agencies to access that information when fighting cybercrime.

05 malware

Gigabyte firmware component can be abused as a backdoor

Attackers can abuse the UEFI firmware to inject executable malware code into the Windows kernel, compromising systems.


Inactive, unmaintained Salesforce sites vulnerable to threat actors

Research highlights the risks posed by inactive Salesforce sites that continue to pull sensitive business data and can be easily exploited by malicious actors.


Trellix, Netskope announce new Amazon Security Lake support to enhance threat detection, remediation

Trellix expands XDR support for Amazon Security Lake while Netskope integrates its SSE platform with AWS’ centralized security data service.


Barracuda patches zero-day vulnerability exploited since October

The vulnerability stemmed from incomplete input validation of user-supplied .tar files as it pertains to the names of the files contained within the archive.


InfoSec4TC Platinum Membership: Cyber Security Training Lifetime Access

What is federated Identity? How it works and its importance to enterprise security

Federated identity can be hugely beneficial for creating a solid user experience and better security, but it can be more costly and complex to implement.

fishing phishing survival competition different point of view

Phishing remained the top identity abuser in 2022: IDSA report

The survey revealed phishing as the most common identity-related incident in 2022, with “emails” as the most popular type.

major cyber attack global international cybersecurity

AI-automated malware campaigns coming soon, says Mikko Hyppönen

The industry pioneer also expects cybersecurity to remain a growth business for years and sees Russian hacktivists as demoralizing European infosec teams.

Multifactor authentication  >  Mobile phone verification of a permission request for laptop login.

Frontegg launches entitlements engine to streamline access authorization

Frontegg’s new entitlement engine will be powered by context-aware logic controls (CALC) technology to effect context-based, fine-grained authorization controls.

Can your employer spy on your iPhone or Android phone?

Screen recording Android app found to be spying on users

iRecorder was a legitimate app made available on Google Play Store in September 2021. A remote access trojan AhRat was most likely added to it a year later.