UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Features

Triangular alert with exclamation mark amid abstract binary and sketches of scattered books.

What is a dictionary attack? And how you can easily stop them

A targeted form of brute force attack, dictionary attacks run through lists of common words, phrases, and leaked password to gain access to accounts.

security access / authorization / login credentials / username / password / mobile phone

8 steps to protecting login credentials

Follow this advice to help users and network admins to better protect login credentials to corporate systems.

Multiple individual cloud instances / cloud deployments

CIO Think Tank: Setting the multi-cloud agenda

How can enterprises handle the complexity of multiple clouds — and reap unprecedented benefits? In a series of virtual roundtables, 30 IT leaders articulated the challenges and delivered insightful recommendations.

binary data inside of a safe / secure containerization

9 container security tools, and why you need them

Most traditional security tools won't help with protecting container data and images. These options were built specifically for container security.

A network of security components overlays a credit card payment made by laptop user.

PCI compliance: 4 steps to properly scope a PCI assessment

Although it might sound straightforward, scoping a PCI assessment can be a challenge even for experienced organizations. Experts offer their best advice for avoiding PCI missteps.

hovering drone / camera / propellor blades

How drones affect your threat model

As use of unmanned aerial vehicles grows, organizations should have a plan for managing the risk associated with drones, whether or not they deploy them, experts say.

padlock / Domain Name System / DNS / ICANN / security

DNSSEC explained: Why you might want to implement it on your domain

The Domain Name System Security Extensions provide cryptographic authentication to prevent redirection to rogue websites, but owners of many domains have yet to adopt it.

credit card theft / credit card fraud / credit card hack

Credit card fraud: What you need to know now

Credit and payment card thieves are getting more sophisticated as chipped cards drive them to account takeover and card-not-present schemes.

software update

Latest Microsoft Windows security update options explained

New features might require you to change current update policies, especially if you're supporting more remote workers.

shocked, surprised men in a binary context

Top 8 weirdest, meanest and dumbest hacks of all time

Hackers have used some strange ways to break into networks or commit fraud. Not all are clever or smart.

Aspects of employment / communication / networking / partnership / collaboration / teams / hiring

The state of security hiring: Jobs, skills & salaries

Even in today's tough job market, demand for security pros remains high. We look at the hottest industries and markets for cyber security jobs — and what it will take to land a one of these top jobs.

locked data / bitcoins

A history of ransomware: The motives and methods behind these evolving attacks

Ransomware was a novelty until Bitcoin emerged. Today, ransomware is big business as gangs keep innovating.

Microsoft Office the most targeted platform to carry out attacks

The number of attacks carried out using the popular suite has increased in the past two years as browsers become harder targets. Office files are now more popular than PDFs to deliver malware.

handshake / teamwork / collaboration / partnership / deal / negotiation

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

A hacker with laptop diplays a skull and crossbones with Microsoft colors.

RDP hijacking attacks explained, and how to mitigate them

Attackers take advantage of a Windows Remote Desktop Protocol feature to take over previously disconnected sessions and appear as a legitimate user to gain system access and control,

raining data on keyboard programming developer code

What is DevSecOps? Why it's hard to do well

DevSecOps is about introducing security earlier in the life cycle of application development, thus minimizing vulnerabilities and bringing security closer to IT and business objectives.

An empty office has been cleared out with only a moving box remaining.

7 steps to securely shutting down business units

Closing down parts or all of a business involves more than just decommissioning IT assets. CISOs must lead a holistic effort to ensure data and access aren’t left exposed.

black hat / hacker entering a binary room through a keyhole

11 top DEF CON and Black Hat talks of all time

Hacker summer camp is almost upon us again. Here are some of the best talks of all time. Will this year's virtual talks measure up to these legends?

Load More

Popular Resources

White Paper

Building Finance Resiliency and Returning the Business to Scale
eGuide
Sponsored

Do Your Life's Work From Anywhere With NVIDIA Virtual GPU Solutions
White Paper

10 Things Not To Tell Your Board About Your OT Cybersecurity Program
White Paper

Cloud-Native Security Platforms: The Solution for the Digital Age
White Paper

Moving To Disaster-Recovery-as-a-Service (DRaaS)

See All

Most Popular

BrandPosts

Sponsored by Fortinet

Organizations Leverage Fortinet SaaS Offerings for Advanced Security and
Sponsored by Extrahop

How to Get Broader, Deeper MITRE Attack Coverage by Using EDR and NDR Together
Sponsored by Cisco

Securing and Connecting a New Era of Remote Work