News

Cyber warfare > Russian missile launcher / Russian flag / binary code

Russia’s cyber future connected at the waist to Soviet military industrial complex

New research raises questions about whether Russia's cyber warefare operations are up to modern day challenges.

post 3 image how hardened vms can help with cloud security 1

Excess privilege in the cloud is a universal security problem, IBM says

A new report from IBM said that elevated permissions and role identities in the cloud are present in nearly all successful compromises performed by the company’s X-Force Red penetration testing team.

A frowning, anxious woman looks at her phone in shock and horror.

Cybersecurity startup launches mobile app to protect against phishing attacks

Israeli startup novoShield has released an iPhone app that protects users against malicious websites.

Two developers collaborate on a project as they review code on a display in their workspace.

AutoRabit launches devsecops tool for Salesforce environments

CodeScan Shield comes with a new module, OrgScan, which governs organizational policies by enforcing the security and compliance rules mandated for Salesforce environments.

post 11 image foundational cloud security with cis benchmarks

New Sysdig cloud security software prioritizes risk, cuts remediation time

The cloud security posture management (CSPM) offering comes with ToDo, an actionable checklist showing prioritized risks, and Remediation Guru, guided remediation at the source.

Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.

One in 10 employees leaks sensitive company data every 6 months: report

Departing employees are most likely to leak sensitive information to competitors, criminals or the media in exchange for cash.

CSO: Have you met these hackers? [slide 04]

Iranian cyberspies use multi-persona impersonation in phishing threads

Iran-sponsored groups use fake personas of real people to add credibility to phishing emails designed to deliver malware through remote template injection.

Q-Scout aims for smartphone security without the intrusiveness

A new offering from the recently rebranded Kryptowire—now Quokka—looks to provide mobile application security without infringing on end-user privacy.

post 3 image how hardened vms can help with cloud security 1

One-third of enterprises don’t encrypt sensitive data in the cloud

Organizations are struggling to keep up with ever-expanding cloud attack surfaces and increasing multicloud complexity, according to Orca Security research.

intro cyber attack maps

U.S. government offensive cybersecurity actions tied to defensive demands

Current and former U.S. government officials explain the country's "defense forward" and offensive cybersecurity policies and their risks.

cyber security concept hooded hacker

Hands-on cyberattacks jump 50%, CrowdStrike reports

Malicious hackers hone their tradecraft, reducing the time it takes to move from an initial compromised host machines to other components in enterprise networks, CrowdStrike says.

nycrr cybersecurity gavel regulation compliance law nyc statue of liberty

CISA launches incident, ransomware reporting rulemaking RFI

The U.S. Cybersecurity and Infrastructure Security Agency seeks input on a common set of cybersecurity incident reporting regulations.

Wi-Fi_twilight_blur_800.jpg

Medical device vulnerability could let hackers steal Wi-Fi credentials

Vulnerabilities on battery units for medical infusion pump devices made by Baxter could allow for network access, DoS and man-in-the-middle attacks, highlighting IoT security issues and the need to properly decommission equipment,...

Conceptual image of a network of executives / silhouettes of executives in motion.

New US CISO appointments, September 2022

Keep up with news of CSO, CISO, and other senior security executive appointments.

trojan horse malware virus binary by v graphix getty

North Korean state-sponsored hacker group Lazarus adds new RAT to its malware toolset

Lazarus has used the new remote access Trojan in campaigns that exploit the Log4Shell vulnerability and target energy companies.

ransomware attack

Ransomware attacks on retailers rose 75% in 2021

Securing cyberinsurance coverage for retail organizations has become difficult because of the increasing number of attacks.

supply chain / virtual network of connections

Global companies say supply chain partners expose them to ransomware

A Trend Micro report reveals that 52% of global organizations have a supply chain partner that was hit by ransomware.

instagram app login

Instagram faces $402 million fine for alleged mishandling of children’s data

Parent company Meta said that it plans to appeal the decision by the Irish Data Protection Commissioner, which is the second-largest, privacy-based fine on record.

Data breach > open padlock allowing illicit streaming data collection

TikTok denies breach after hackers claim billions of user records stolen

TikTok says that data samples are publicly accessible information and not a result of compromise of their systems, networks, or database.

Networking cables viewed through a magnifying lens reveal a data breach.

Samsung reports second data breach in 6 months

Samsung claims no consumer devices were affected by the breach, in which customers’ contact information, dates of birth and product registration details were leaked.

Load More