Advertisement
- Don't Miss:
- CSO50 2022 Award Winners
- CSO Hall of Fame honorees
Remote code execution exploit chain available for VMware vRealize Log Insight
Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together.
NTT, Palo Alto partner for managed SASE with AIOps
Using a managed services provider to deliver SASE can streamline deployment and free up enterprise resources.
Foreign states already using ChatGPT maliciously, UK IT leaders believe
Most UK IT leaders are concerned about malicious use of ChatGPT as research shows how its capabilities can significantly enhance phishing and BEC scams.
Advertisement
APT groups use ransomware TTPs as cover for intelligence gathering and sabotage
Changing tactics by North Korean, Russian, and Chinese APT groups suggest that Western companies are at greater risk.
New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs
The OSC&R Framework aims to help security professionals better understand and measure software supply chain risk.
Misconfiguration and vulnerabilities biggest risks in cloud security: Report
About 87% of container images include a high or critical vulnerability, while 90% of granted permissions are not used, according to cybersecurity firm Sysdig.
US DOJ applies carrot-and-stick approach to Foreign Corrupt Practices Act policy
Corporations (and their CISOs) that discover wrongdoing or corruption within their own business are well-advised to self-report such activities and cooperate with prosecutors. The stakes are high for those who don’t.
Why you might not be done with your January Microsoft security patches
Microsoft released a flurry of security patches and updates in January, so it would be easy to overlook these two.
IoT, connected devices biggest contributors to expanding application attack surface
New report shines light on application security challenges impacting global businesses.
Guardz debuts with cybersecurity-as-a-service for small businesses
An easy-to-use cybersecurity toolkit from Tel Aviv-based startup Guardz targets small and medium-size businesses (SMBs).
Advertisement
Privacera connects to Dremio’s data lakehouse to aid data governance
The integration of open-source based Privacera into Dremio’s data lakehouse is designed to allow joint customer enterprises to manage and organize secure data access.
Trulioo launches end-to-end identity platform
The new Trulioo platform will combine all existing Trulioo products into a single platform, allowing the ID verification firm to target global enterprise customers.
Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges
Proofpoint discovers threat actors targeting verified status in the Microsoft environment to abuse OAuth privileges and lure users into authorizing malicious apps.
New UN cybercrime convention has a long way to go in a tight timeframe
Nations around the world are hammering out a new cybercrime convention, but some UN members seek to criminalize activities that are not bona fide crimes.
How to survive below the cybersecurity poverty line
The security poverty line has become the benchmark of acceptable cybersecurity for businesses. Here are the factors that determine that benchmark and advice for those below it.
From Our Advertisers
-
Featured Sponsor HP Wolf SecurityThe Need for Endpoint Security Rooted In Zero Trust
-
Sponsored by Microsoft SecurityNation-State Threats and the Rise of Cyber Mercenaries: Exploring the
-
Sponsored by CiscoIs Your Organization Security Resilient? Here’s How to Get There
-
Sponsored by Palo Alto NetworksWhat’s Next in Securing Healthcare