Advertisement
New exploits can bypass Secure Boot and modern UEFI security protections
Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild.
New US CISO appointments, August 2022
Keep up with news of CSO, CISO, and other senior security executive appointments.
The CSO guide to top security conferences, 2022
Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.
Advertisement
Top cybersecurity products unveiled at Black Hat 2022
Here are some of the most interesting new products launched at Black Hat USA 2022, including zero trust, extended detection and response (XDR), and a host of other threat and vulnerability management offerings.
FTC begins sweeping commercial surveillance and lax data security rulemaking process
While some praise the FTC's efforts, some in Congress worry that it overlaps with and possibly jeopardizes the passing of the American Data Privacy and Protection Act.
Network mistakes, misconfigurations cost companies millions
Titania research pegs losses from misconfigurations at average of 9% of annual revenue.
What happened to the Lapsus$ hackers?
Despite using methods that are "bold, illogical, and poorly thought out, Lapsus$ has successfully breached companies like Microsoft, Vodafone and Nvidia.
Cisco admits hack on IT network, links attacker to LAPSUS$ threat group
Cisco says an employee’s credentials were compromised after an attacker gained control of a personal Google account.
How a Venezuelan disinformation campaign swayed voters in Colombia
A Black Hat presentation explains how Russia-aligned Venezuela influenced the presidential election in Columbia to its political benefit.
Black Basta: New ransomware threat aiming for the big league
The Black Basta ransomware gang has reached a high level of success in a short time and is possibly an offshoot of Conti and REvil.
Advertisement
37 hardware and firmware vulnerabilities: A guide to the threats
Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. This list, though not comprehensive, presents the most significant threats.
Sensitive data in the cloud gets new automated remediation tool from BigID
An automated watchdog designed to keep private files in cloud storage secure is now available for Google Drive users, from data intelligence and management company BigID.
Microsoft urges Windows users to run patch for DogWalk zero-day exploit
Despite previously claiming the DogWalk vulnerability did not constitute a security issue, Microsoft has now released a patch to stop attackers from actively exploiting the vulnerability.
CrowdStrike adds AI-powered indicators of attack to Falcon platform
The new feature leverages millions of examples of malicious activity to more accurately identify signs of an attack.
Chinese APT group uses multiple backdoors in attacks on military and research organizations
The TA428 group has been successful by targeting known vulnerabilities and using known detection evasion techniques.
From Our Advertisers
-
![HP Wolf Security]()
Featured Sponsor HP Wolf SecurityThe Need for Endpoint Security Rooted In Zero Trust -
![city lights at night]()
Sponsored by ZscalerSecurity Service Edge (SSE) Coming In HOT! -
![istock 1294389873]()
Sponsored by Microsoft SecurityIs MFA the Vegetable of Cybersecurity? -
![woman holding tablet]()
Sponsored by PresageTransforming Digital Healthcare Through Video Vital Sign Analysis
