Advertisement

international flags / global business discussion

White House international ransomware initiative outlines hopes and challenges

More than 30 nations discussed tactics for collaborating in the fight against ransomware, but it competes with a Russian-led UN initiative.


Microsoft Windows security  >  Windows laptop + logo with binary lock and key

Microsoft's very bad year for security: A timeline

Microsoft has had a horrible 2021, with vulnerabilities impacting its biggest services.


CSO  >  Right and wrong buttons and question marks

6 zero trust myths and misconceptions

If you’ve fallen for one of these myths, you may need to rethink your zero trust strategy.


Advertisement

CSO  >  secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.


vulnerable breach cyberattack hacker

How shape-shifting threat actors complicate attack attribution

Researchers explain how they identified—or failed to identify—the threat actors behind three high-profile incidents and why attribution is so difficult.


ransomware

REvil ransomware explained: A widespread extortion operation

The REvil group, a.k.a. Sodinokibi, re-victimizes its targets by threatening to release stolen data even after the initial ransom demand is paid.


A laptop displays binary code and the flag of China.

Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation

The attackers used the exploit to deploy a new remote shell Trojan called MysterySnail.


Team members with laptop and mobile phone are superimposed with abstract statistics, data and charts

Google forms Cybersecurity Action Team to support customer security transformation

Google’s initiative will offer security and compliance services to guide governments, critical infrastructure, enterprises, and small businesses through digital transformation.


network security / network traffic scanning

AT&T launches managed XDR suite to provide endpoint-to-cloud security

AT&T is combining security tools including its threat intelligence and detection platform USM Anywhere with endpoint and network security services from partners to roll out a cloud-based, managed XDR platform for end-to-end detection...


Laura Deaner, CISO, Northwestern Mutual

Northwestern Mutual’s Laura Deaner: Resist the urge to solve stuff fast

Technologists want to “solve stuff really fast,” says Northwestern Mutual CISO Laura Deaner. But to cement their roles as business leaders, CISOs must take the time to understand the business and build a security strategy that solves...


Advertisement

broken binary code matrix / breached / failed / hacked

Twitch breach highlights dangers of choosing ease of access over security

Attackers essentially broke into the Twitch house and cleaned out everything. Following least-privilege access principles and encrypted datasets will help others avoid that scenario.


network security / secure connections / integrated system of locks

Time to check software and security settings for Windows network vulnerabilities

October is Cybersecurity Awareness Month, and that's a good excuse to review what's running on your network to identify security risks.


vulnerable breach cyberattack hacker

October is high season for cyberattacks, Infosec Institute study shows

A study by Infosec Institute indicates that there has been an exponential increase in cyberattacks globally in the last five years, and a major part of it happened in the month of October each year as attackers apparently exploit...


spot edgecomputing cso by 4 pm production shutterstock 2400x1600 primary 3

Securing the edge: 4 trends to watch

The global COVID-19 pandemic exacerbated some of the security risks associated with the move to a more distributed computing model. Here are 4 ways security organizations are responding as edge computing threats evolve.


authentication

SAML explained: How this open standard enables single sign on

Security Assertion Markup Language (SAML) is a standard that defines how providers can offer both authentication and authorization services. Here's what you need to know.