CSO | Security news, features and analysis about prevention, protection and business innovation.

audience listens to speaker lecture at a conference presentation

The CSO guide to top security conferences, 2019

CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

CSO staff

Bingo balls read 19, 20 and 21; no. 20 at the forefront.

2020 cybersecurity trends: 9 threats to watch

Here's how your biggest threats of 2019 will likely trend for 2020 and how you might change your defensive strategy for them.

Michael Nadeau

What it takes to become a CISO

The chief information security officer (CISO) role has been steadily rising in importance and visibility. CISOs now carry the burden of responsibility for securing some of a company’s most valuable resources.

Bob Violino

virus specimen / world map / binary code

Best antivirus software: 12 top tools

These top-ranking Windows 10 client antivirus products were tested on three primary criteria: protection, performance and usability.

Maria Korolov

How to secure your DNS traffic under Windows

DNS traffic is prone to snooping, and it’s often far too easy for attackers to hijack and change a company’s DNS settings. These simple steps will amp up your DNS protection.

Susan Bradley

Remote hackers can modify CPU voltage to steal secrets from Intel SGX enclaves

By manipulating the voltage of Intel CPUs that use SGX, researchers can extract sensitive data, including full RSA encryption keys, from memory using the Plundervolt vulnerability.

Lucian Constantin

Cryptojacking > Binary skull, code and bitcoin symbols invade systems as malware

Cryptominers and fileless PowerShell techniques make for a dangerous combo

This new dual-payload cryptojacking malware can disable Windows Antimalware Scan Interface and inject itself directly into memory of legitimate processes.

Lucian Constantin

The race for quantum-proof cryptography

Lawmakers briefed on quantum computing’s threat to encryption and the urgent need for mathematical research.

Cynthia Brumfield

rear view mirror with desert scene in the distance

IDG Contributor Network

2019 in review: data breaches, GDPR’s teeth, malicious apps, malvertising and more

As 2019 draws to a close, it is time to reflect on what’s happened in cybersecurity over the past twelve months – and in some cases, what didn’t happen this year.

Rick Grinnell

How a nuclear plant got hacked

India's Kudankulam Nuclear Power Plant (KNPP) publicly admitted they discovered malware on their networks. It likely could have been easily avoided.

J.M. Porup

Popular Resources

View All

9 top fuzzing tools: Finding the weirdest application errors

Fuzz testing tools root out odd programming errors that might result in dangerous unexpected application errors that attackers can exploit.

John Breeden II

Cloud Computing

3 cloud security ‘hacks’ to consider today

Keeping your cloud deployments secure is a full-time job. Here are a few shortcuts that make your cloud security better and your life easier

David Linthicum

CSO > breakthrough / penetration testing / sledgehammer breaking through a binary wall

InfoSec at Your Service

8 common pen testing mistakes and how to avoid them

Penetration testing is vital, but are you doing it right? Here are some common mistakes and advice on how to avoid them.

Michelle Drolet

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

CSO staff

silver platter passwords exposed authentication hacked vulnerable security breach

Future Identity

4 authentication use cases: Which protocol to use?

Choosing the wrong authentication protocol could undermine security and limit future expansion. These are the recommended protocols for common use cases.

Susan Morrow

From Our Advertisers

cso online

Insider risk management – who’s the boss?

8 common pen testing mistakes and how to avoid them

New CSO appointments in India, 2019

The CSO guide to top security conferences, 2019

CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

2020 cybersecurity trends: 9 threats to watch

Here's how your biggest threats of 2019 will likely trend for 2020 and how you might change your defensive strategy for them.

What it takes to become a CISO

The chief information security officer (CISO) role has been steadily rising in importance and visibility. CISOs now carry the burden of responsibility for securing some of a company’s most valuable resources.

Best antivirus software: 12 top tools

These top-ranking Windows 10 client antivirus products were tested on three primary criteria: protection, performance and usability.

How to secure your DNS traffic under Windows

DNS traffic is prone to snooping, and it’s often far too easy for attackers to hijack and change a company’s DNS settings. These simple steps will amp up your DNS protection.

Remote hackers can modify CPU voltage to steal secrets from Intel SGX enclaves

By manipulating the voltage of Intel CPUs that use SGX, researchers can extract sensitive data, including full RSA encryption keys, from memory using the Plundervolt vulnerability.

Cryptominers and fileless PowerShell techniques make for a dangerous combo

This new dual-payload cryptojacking malware can disable Windows Antimalware Scan Interface and inject itself directly into memory of legitimate processes.

The race for quantum-proof cryptography

Lawmakers briefed on quantum computing’s threat to encryption and the urgent need for mathematical research.

2019 in review: data breaches, GDPR’s teeth, malicious apps, malvertising and more

As 2019 draws to a close, it is time to reflect on what’s happened in cybersecurity over the past twelve months – and in some cases, what didn’t happen this year.

How a nuclear plant got hacked

India's Kudankulam Nuclear Power Plant (KNPP) publicly admitted they discovered malware on their networks. It likely could have been easily avoided.

9 top fuzzing tools: Finding the weirdest application errors

Fuzz testing tools root out odd programming errors that might result in dangerous unexpected application errors that attackers can exploit.

3 cloud security ‘hacks’ to consider today

Keeping your cloud deployments secure is a full-time job. Here are a few shortcuts that make your cloud security better and your life easier

8 common pen testing mistakes and how to avoid them

Penetration testing is vital, but are you doing it right? Here are some common mistakes and advice on how to avoid them.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

4 authentication use cases: Which protocol to use?

Choosing the wrong authentication protocol could undermine security and limit future expansion. These are the recommended protocols for common use cases.