vulnerable breach cyberattack hacker

Hackers abuse legitimate remote monitoring and management tools in attacks

Researchers and government agencies warn that threat actors are increasing their use of commercial RMM tools to enable financial scams.

Ransomware  >  A masked criminal ransoms data for payment.

FBI takes down Hive ransomware group in an undercover operation

FBI covertly infiltrated the Hive network—which has targeted more than 1,500 victims in over 80 countries around the world—and thwarted over $130 million in ransom demands.

conference / convention / audience / applause / clapping

The CSO guide to top security conferences

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.


Patch + update options  >  Pixelized tools + refresh symbol with branching paths

9 API security tools on the frontlines of cybersecurity

Top API security tools can help hold the line against modern threats to the important and ubiquitous software development interfaces.

cso security hacker breach ransomeware gettyimages 1081349274 by sestovic 2400x1600px

Recent legal developments bode well for security researchers, but challenges remain

Security researchers gained greater federal legal protections over the past two years, but US state laws and China’s recently adopted vulnerability disclosure law pose threats.

binary code, magnifying lens, skull and crossbones

Attackers move away from Office macros to LNK files for malware delivery

Barriers that Microsoft has placed to prevent malicious macros has forced some cybercriminals to use LNK files for malware delivery, but at the cost of easier detection.

man in boat surrounded by sharks risk fear decision attack threat by peshkova getty

Chinese threat actor DragonSpark targets East Asian businesses

The group is seen using SparkRAT, a multi-platform remote access Trojan, to target firms in Hong Kong, Taiwan, China, and Singapore.

Security threat   >   One endpoint on a network has been compromised.

Timeline of the latest LastPass data breaches

Attackers apparently used data taken in an August attack on the password management firm to enable another attack in November.

military veteran cybersecurity

Veterans bring high-value, real-life experience as potential cybersecurity employees

Veterans come with a range of hard and soft skills acquired during their military service that often dovetail perfectly into a career in cybersecurity.

recovery gauge [disaster recovery - crisis survival - business continuity]

CYGNVS exits stealth, trumpeting its cyberattack recovery platform

CYGNVS platform promises a playbook, out-of-band connectivity, and more to help organizations recovery from major cyberattacks.


money currency international denominations global currency by metamorworks getty images 1129515470

P-to-P fraud most concerning cyber threat in 2023: CSI

Peer-to-peer fraud and other digital fraud constituted more than 29% of bankers categorizing it as the most worrying cyber threat in 2023, according to CSI.

security vulnerabilities such as hackers and cyberattacks

ServiceNow to detect open source security vulnerabilities with Snyk integration

ServiceNow Vulnerability Response users will now have access to Snyk’s product that scans open source code during the development process.

cloud security shield with checkmark / cloud / digital connections / cloud security expert / CASB

Skyhawk launches platform to provide threat detection and response across multi-cloud environments

Skyhawk says the Synthesis CDR platform employs machine learning aimed at eliminating alert fatigue with runtime protection of cloud infrastructure.

Many keys, one lock  >  Brute-force credential stuffing.

How passkeys are changing authentication

Well-implemented passkeys can improve the user experience and make it harder for cybercriminals to launch phishing and other attacks.

australia military shutterstock 1519594076

Australia fronts International Counter Ransomware Taskforce

The taskforce is a result of the International Counter Ransomware Initiative initially led by the US government and now counts on 37 members globally, including the European Union.