News
![Windows security and protection [Windows logo/locks]](https://images.idgesg.net/images/article/2018/02/windows_security_safety_protection_encryption_locks_thinkstock_831741980-100749419-medium.3x2.jpg)
Popular Avaya enterprise VoIP phones are vulnerable to hacking
Attackers can use the vulnerability to gain complete control of the phone. It underscores the risks of using old open-source code in IoT devices.
Black Hat keynote: Why security culture needs to change
Dino Dai Zovi tells Black Hat audience to embrace a culture where security is everyone's job and risks are shared. Automation with feedback loops also key to solving security challenges at scale
Inside the 2014 hack of a Saudi embassy
According to documents seen by CSO, an unknown attacker took control of the official email account of the Saudi embassy in The Netherlands and demanded a ransom of $50 million for ISIS.
New Spectre-like CPU vulnerability bypasses existing defenses
The SWAPGS vulnerability can allow attackers to access contents of kernel memory addresses. Microsoft and Intel have coordinated on a mitigation.
Critical VxWorks flaws expose millions of devices to hacking
Researchers have found 11 serious vulnerabilities in VxWorks, the world's most popular real-time operating system (RTOS) that powers over 2 billion devices including enterprise network firewalls and routers, industrial controllers and...
Security executives on the move and in the news
Find up-to-date news of CSO, CISO and other senior security executive appointments.
15 signs you've been hacked -- and how to fight back
Redirected internet searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been hacked.
Equifax’s data breach disaster: Will it change executive attitudes toward security?
Equifax's 2017 breach will cost it billions in fines, customer restitution and mandated and voluntary security improvements. All organizations that profit from consumer data should take notice.
Why getting election security right for 2020 matters
The U.S. is moving at glacial speed to secure election systems against possible interference by foreign adversaries. We're not even close to ready, and that could call contests into question.
Companies with zero-trust network security move toward biometric authentication
According to new research, more companies are enabling biometric authentication on devices to verify access requests.
To pay or not pay a hacker’s ransomware demand? It comes down to cyber hygiene
A recent call for city leaders to stop paying ransomware demands underscores the need for municipalities to step up their cyber practices and have a good backup process in place.
Telecom insiders detail hardships posed by Chinese technology ban
Banning Chinese Telecom vendors Huawei and ZTE creates fear, uncertainty and doubt as well as new supply chain security ideas among small telcos.
AWS re:Inforce 2019: Amazon shows its dedication to cloud security
AWS re:Inforce sets the bar for cloud security and the industry. Now Amazon needs to reinforce this leadership in an era of dynamic software development and hybrid cloud computing.
Telcos around the world hit by long-term intelligence gathering cyberattack
Operation Soft Cell saw telcos around the world lose over 100GB of call record data, but it could have been much worse. Attackers could have shut down cell networks if they wanted.
OpenSSH to protect keys in memory against side-channel attacks
The new OpenSSH patch makes it harder to execute attacks such as Spectre, Meltdown, Rowhammer and Rambleed.
Sponsored Links