CSO | Security news, features and analysis about prevention, protection and business innovation.

MoonBounce UEFI implant used by spy group brings firmware security into spotlight

The MoonBounce rootkit implants a malicious driver in the Windows kernel to provide persistence and stealthiness.

Lucian Constantin

cloud security / data protection / encryption / security transition

Attackers use public cloud providers to spread RATs

Cisco discovers malware campaign using Azure and AWS to spread Nanocore, Netwire and AsyncRATs.

John P. Mello Jr.

CSO > secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

McAfee, FireEye merger yields Trellix, a unified XDR security company

Trellix will build on existing McAfee and Fire Eye applications, machine learning and automation technology to create an XDR platform of interoperable of products for threat prevention, detection and response.

Shweta Sharma

Eyeglasses rest on a binary field / code review / threat assessment / check vulnerabilities

Cybersecurity Snippets

Security hygiene and posture management: A 2022 priority

Disjointed tools and manual processes provide an incomplete and unacceptable picture of cyber-risk.

Jon Oltsik

2 man with binoculars data breach research spy

What CISOs can learn about insider threats from Iran's human espionage tactics

Israel's arrest of four women recruited to spy for Iran reveals how an adversary might recruit an insider to act on its behalf.

Christopher Burgess

BadUSB explained: How rogue USBs threaten your organization

The FBI has warned of an attack campaign that sends USB drives containing malicious software to employees. Here is what you need to know about BadUSB and mitigating its risks.

Michael Hill

Cybersecurity > Email security threats, such as phishing

INTERPOL and Nigerian Police bust business email compromise ring, arrest 11

Operation Falcon II focused on malware skills and knowledge to track suspects thought to be members of the SilverTerrier BEC network that has harmed thousands of companies globally.

Michael Hill

rules rulebook letters compliance regulation by alex ishchenko getty

UK government proposes changes to NIS Regulations and cybersecurity qualifications

The UK government has announced two new consultation periods aimed at strengthening the nation’s cybersecurity posture with focus on bolstering cyber resilience and embedding new career pathways across the profession.

Michael Hill

Supply chain vulnerability allows attackers to manipulate SAP transport system

The vulnerability permits malicious interference in the SAP change management and software deployment processes. SAP issues patch to protect file system from exploitation.

Michael Hill

The Prometheus traffic direction system is a major player in malware distribution

Newly discovered Prometheus uses a network of compromised websites and servers to direct victims to malware or scams.

Lucian Constantin

Popular Resources

View All

White Paper

Ransomware Emergency Kit
White Paper

The Digital CFO
White Paper

Experience smarter personalization, designed and delivered by IBM® and Adobe®
eGuide
Sponsored

Preparing Your Corporate Network For Microsoft Teams Telephony – A Simple Guide

adding processor to circuit board computer hardware

Microsoft's Pluton security processor tackles hardware, firmware vulnerabilities

Pluton-equipped Windows 11 computers are now available, but the decision to purchase them depends on your threat model.

Susan Bradley

Cyber warfare > Russian missile launcher / Russian flag / binary code

Russia-linked cyberattacks on Ukraine: A timeline

Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.

Cynthia Brumfield

Russian cyberattacks on Ukraine raise IT security concerns

The destructive attacks follow a U.S. government warning for a "heightened state of awareness" and to follow state-sponsored threat mitigation advice.

Christopher Burgess

programmer abstract code glasses devops certification skills kevin unsplash

How chaos engineering can help DevSecOps teams find vulnerabilities

DevOps teams have used chaos engineering concepts to find software bugs for years. Tools are now available to help identify security flaws, too.

Peter Wayner

woman holding playbook guide book guide binary by undefined undefined getty images

Three recent events prove the need for an insider risk playbook

Pfizer, Ubiquiti and Code42 all faced real or potential insider threats that could have been a lot worse if they did not have a plan to deal with them.

Christopher Burgess

From Our Advertisers

cso online

A 2022 checklist for protecting Microsoft 365 users and data

4 ways cybercriminals hide credential stuffing attacks

Cybercrime group Elephant Beetle lurks inside networks for months

MoonBounce UEFI implant used by spy group brings firmware security into spotlight

The MoonBounce rootkit implants a malicious driver in the Windows kernel to provide persistence and stealthiness.

Attackers use public cloud providers to spread RATs

Cisco discovers malware campaign using Azure and AWS to spread Nanocore, Netwire and AsyncRATs.

McAfee, FireEye merger yields Trellix, a unified XDR security company

Trellix will build on existing McAfee and Fire Eye applications, machine learning and automation technology to create an XDR platform of interoperable of products for threat prevention, detection and response.

Security hygiene and posture management: A 2022 priority

Disjointed tools and manual processes provide an incomplete and unacceptable picture of cyber-risk.

What CISOs can learn about insider threats from Iran's human espionage tactics

Israel's arrest of four women recruited to spy for Iran reveals how an adversary might recruit an insider to act on its behalf.

BadUSB explained: How rogue USBs threaten your organization

The FBI has warned of an attack campaign that sends USB drives containing malicious software to employees. Here is what you need to know about BadUSB and mitigating its risks.

INTERPOL and Nigerian Police bust business email compromise ring, arrest 11

Operation Falcon II focused on malware skills and knowledge to track suspects thought to be members of the SilverTerrier BEC network that has harmed thousands of companies globally.

UK government proposes changes to NIS Regulations and cybersecurity qualifications

The UK government has announced two new consultation periods aimed at strengthening the nation’s cybersecurity posture with focus on bolstering cyber resilience and embedding new career pathways across the profession.

Supply chain vulnerability allows attackers to manipulate SAP transport system

The vulnerability permits malicious interference in the SAP change management and software deployment processes. SAP issues patch to protect file system from exploitation.

The Prometheus traffic direction system is a major player in malware distribution

Newly discovered Prometheus uses a network of compromised websites and servers to direct victims to malware or scams.

Microsoft's Pluton security processor tackles hardware, firmware vulnerabilities

Pluton-equipped Windows 11 computers are now available, but the decision to purchase them depends on your threat model.

Russia-linked cyberattacks on Ukraine: A timeline

Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.

Russian cyberattacks on Ukraine raise IT security concerns

The destructive attacks follow a U.S. government warning for a "heightened state of awareness" and to follow state-sponsored threat mitigation advice.

How chaos engineering can help DevSecOps teams find vulnerabilities

DevOps teams have used chaos engineering concepts to find software bugs for years. Tools are now available to help identify security flaws, too.

Three recent events prove the need for an insider risk playbook

Pfizer, Ubiquiti and Code42 all faced real or potential insider threats that could have been a lot worse if they did not have a plan to deal with them.