Advertisement
-
INSIDER
-
Defending quantum-based data with quantum-level security: a UK trial looks to
-
9 top identity and access management tools
-
-
News
-
SQL injection, XSS vulnerabilities continue to plague organizations
-
Google Cloud previews advanced new API security features
-
-
How-To
-
How to mitigate Active Directory attacks that use the KrbRelayUp toolset
-
How to audit Microsoft Active Directory
-
-
Windows Security Tips
-
Microsoft Defender for Business | What security admins need to know
-
Reviewing software risks on your Windows network
-
SQL injection, XSS vulnerabilities continue to plague organizations
Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies.
LockBit explained: How it has become the most popular ransomware
Criminal use of the LockBit ransomware as a service is growing rapidly thanks to updates to the malware and the decline of other ransomware gangs.
6 signs your IAM strategy is failing, and how to fix it
Mistakes when implementing identity and access management systems, especially during upgrades, can have lasting effects. Here's how to spot and avoid the worst of them.
Advertisement
Zero-day flaw in Atlassian Confluence exploited in the wild since May
Atlassian has issued emergency patches for the vulnerability, which could allow attackers to perform remote code execution.
11 top cloud security threats
More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Pandemic 11," the top security threats organizations face when using cloud services.
Lessons from a dual career: Happiest Mind’s CISO Vijay Bharati
Bharati explains how being on both sides of the table — as a solution provider and CISO — has helped him in performing better.
Security Recruiter Directory
To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.
Google Cloud previews advanced new API security features
Google’s latest security update for Google Cloud is aimed at curbing API-based attacks.
How you handle independent contractors may determine your insider threat risk
Outside experts can be willing or accidental security threats. Reduce that risk by changing how you onboard, train and offboard them.
Key takeaways from CSA’s SaaS Governance Best Practices guide
Security and governance policies and practices are failing to keep up with the growth of SaaS usage. The Cloud Security Alliance's guidance aims to get that back on track.
Advertisement
SolarWinds creates new software build system in wake of Sunburst attack
Lessons learned from software supply chain breach lead to innovative and secure development scheme.
Google Cloud gets new built-in security features
MITRE ATT&CK integration and baked-in DDoS prevention are now available in Google Cloud.
Sysdig Secure update adds ability to stop container attacks at runtime
Sysdig's Drift Control detects and stops attempts to run packages or binary files that were added or modified at runtime.
Why more zero-day vulnerabilities are being found in the wild
With the number of zero-days spiking in the last 18 months, organizations need to increase their patching efforts. Software vendors can be more transparent, too.
How and why threat actors target Microsoft Active Directory
New vulnerabilities in Active Directory emerge regularly, and unpatched old ones and misconfigurations open doors for attackers.
From Our Advertisers
-
Featured Sponsor IntelCompetitive Advantage with a Modern Data Center that Delivers Boundless Agility
-
Sponsored by NetscoutDeploy NDR to Modernize Your Cybersecurity Strategy
-
Sponsored by Hillstone NetworksSD-WAN and Cybersecurity: Two Sides of the Same Coin