News

Composite image of binary code and biometric fingerprint scanning authorization.
CSO  >  ransomware / security threat

Conceptual image of a network of executives / silhouettes of executives in motion.

Security executives on the move and in the news

Find up-to-date news of CSO, CISO and other senior security executive appointments.

CSO slideshow - Insider Security Breaches - Flag of China, binary code

Telecom insiders detail hardships posed by Chinese technology ban

Banning Chinese Telecom vendors Huawei and ZTE creates fear, uncertainty and doubt as well as new supply chain security ideas among small telcos.

keeping the cloud secure cloud security lock padlock private cloud

AWS re:Inforce 2019: Amazon shows its dedication to cloud security

AWS re:Inforce sets the bar for cloud security and the industry. Now Amazon needs to reinforce this leadership in an era of dynamic software development and hybrid cloud computing.

Telecom tower

Telcos around the world hit by long-term intelligence gathering cyberattack

Operation Soft Cell saw telcos around the world lose over 100GB of call record data, but it could have been much worse. Attackers could have shut down cell networks if they wanted.

rambleed ram memory card hardware hack breach binary by 13threephotography getty

OpenSSH to protect keys in memory against side-channel attacks

The new OpenSSH patch makes it harder to execute attacks such as Spectre, Meltdown, Rowhammer and Rambleed.

CSO > Security automation

New MongoDB field-level encryption can help prevent data breaches

MongoDB aims to prevent exposed data stores by encrypting data in a way that makes it useless if compromised.

rambleed ram memory card hardware hack breach binary by 13threephotography getty

Rowhammer variant RAMBleed allows attackers to steal secrets from RAM

Unlike Rowhammer, which only allows for data corruption, the newly discovered RAMBleed vulnerability provides a way to grab data such as encryption keys from memory.

CSO slideshow - Insider Security Breaches - Flag of China, binary code

Why the Huawei ban is bad for security

Many believe the ban on exporting U.S. technology to Chinese company Huawei could hurt American tech vendors and do little to mitigate supply chain threats.

8 getting breached is bad for business

From phish to network compromise in two hours: How Carbanak operates

Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here's a detailed analysis by Bitdefender of an attack on one bank.

tf19 032 thumb tf4
video

How the U.S. ban on Huawei is affecting business | TECH(feed)

The U.S. ban on Huawei business has already affected small telecom carriers in rural areas. And, unsurprisingly, Huawei responded to the ban with increased legal pressure. This fight is far from over, and Juliet has the latest updates...

CSO > Phishing attacks that bypass two-factor authentication

Phishing attacks that bypass 2-factor authentication are now easier to execute

Researchers released two tools--Muraen and NecroBrowser--that automate phishing attacks that can bypass 2FA. Most defenses won't stop them.

CSO > Security mechanisms vs. fiery threats

Public SAP exploits could enable attacks against thousands of companies

A recently released exploit takes advantage of a known configuration vulnerability that persists among many on-premise and cloud SAP instances. Here's what companies using SAP should do.

russian hacking us election  putin voting fraud hacked

2016 election hacking in Florida: Russian emails, hidden tracks

The Mueller Report says the Russians planted malware on at least one Florida county system, and Florida's governor announces that two counties were hacked in 2016. Experts believe the problem could be bigger.

CSO > IoT / Internet of Things, unencrypted/unsecured/vulnerable

Over 90% of data transactions on IoT devices are unencrypted

A report from Zscaler reveals some troubling facts about the risks posed by network-connected IoT devices.

passwords exposed authentication hacked vulnerable security breach

IT services giant HCL left employee passwords, other sensitive data exposed online

HCL left employee passwords, customer project details, and other sensitive information exposed online with no authentication.

drafting military for cyber security cybersecurity govenment

Will the U.S. government draft cybersecurity professionals?

A Congressional commission might soon recommend conscription of cybersecurity professionals to serve in both the military and civil service. Will the government force security pros to work for Uncle Sam?

Load More