programming / coding elements / lines of code / development / developers / teamwork

Splunk adds new security and observability features

New security and observability features will be added to Splunk Mission Control and its Observability Cloud to identify threats and incidents more efficiently, the company said.

a hooded figure targets a coding vulnerability

55 zero-day flaws exploited last year show the importance of security risk management

Cybercriminals are now exploiting zero-day vulnerabilities for higher profits, which might require a reassessment of your risk.

innovation co innovation startup venn overlapping partnering iot by pettycon via pixabay

Landmark UK-Israeli agreement to boost mutual cybersecurity development, tackle shared threats

The 2030 Roadmap for Israel-UK Bilateral Relations promises ongoing cooperation in tackling cyberthreats, governing global cyberspace, developing cybersecurity skills, and investing in the cybersecurity ecosystem.


An IT technician works on laptop in data center, with other IT staff in the background.

Average enterprise storage/backup device has 14 vulnerabilities, three high or critical risks

State of Storage and Backup Security Report 2023 reveals significant gap in the state of enterprise storage and backup security compared to other layers of IT and network security.

certification woman on laptop programmer devops data scientist by picjumbo

Backslash AppSec solution targets toxic code flows, threat model automation

New cloud-native solution aims to address time-consuming, manual methods for discovering and mapping application code security risks.

virus chatbot chatcpgt security binary code cybersecurity infosec information data leak

Sharing sensitive business data with ChatGPT could be risky

ChatGPT and similar large language models learn from the data you put in — and there are big risks in sharing sensitive business information with AI chatbots.

Palo Alto Networks

Ping Identity debuts decentralized access management system in early access

A new decentralized identity management system from Ping Identity promises fewer headaches and more robust security.

CSO  >  Microsoft Office  >  Patches + updates

As critical Microsoft vulnerabilities drop, attackers may adopt new techniques

As critical Microsoft software vulnerabilities decline, attackers will need to chain together less severe exploits to achieve code execution, elevate system privilege levels, and move around victim networks.

Palo Alto Networks

Developed countries lag emerging markets in cybersecurity readiness

Organizations in Asia-Pacific countries including Indonesia, the Philippines, Thailand, and India are generally more prepared for cyberattacks than their peers in more economically developed nations, according to a new Cisco report....

1887170134 attack surface programming abstract

9 attack surface discovery and management tools

The main goal of cyber asset attack surface management tools is to protect information about a company’s security measures from attackers. Here are 9 tools to consider when deciding what is best for the business.


Two developers collaborate on a project as they review code on a display in their workspace.

ForgeRock, Secret Double Octopus offer passwordless authentication for enterprises

ForgeRock is adding Enterprise Connect Passwordless to its Identity Platform to provide no-code and low-code approaches for enterprises to add passwordless authentication to their IT infrastructure.

A magnifying lens exposes an exploit amid binary code.

CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws

The CISA pilot program will notify organizations of vulnerabilities that can lead to ransomware attacks, with small organizations the primary beneficiaries.


BianLian ransomware group shifts focus to extortion

The shift in the operating model comes as a result of Avast’s release of a decryption tool that allowed a victim of the BianLian ransomware gang to decrypt and recover their files without paying the ransom.

email popup warning window phishing cybersecurity security

7 guidelines for identifying and mitigating AI-enabled phishing campaigns

Phishing has always been a thorn in the side of enterprise cybersecurity, and recent AI developments such as ChatGPT are making things even worse. Here are some guidelines for dealing with the increasingly sophisticated phishing...

hand at keyboard with Windows logo

Two Patch Tuesday flaws you should fix right now

Vulnerabilities affecting both Outlook for Windows and Microsoft SmartScreen were patched recently — both could have wide-ranging impact.