newsNew Trojan ZenRAT masquerades as Bitwarden password managerA report by Proofpoint identifies the new Trojan as undocumented and possessing information-stealing capabilities.By Lucian ConstantinSep 28, 20234 minsCyberattacksHackingData and Information Security news Gitlab fixes bug that exploited internal policies to trigger hostile pipelinesBy Shweta SharmaSep 21, 20233 minsVulnerabilitiesfeature Key findings from the CISA 2022 Top Routinely Exploited Vulnerabilities reportBy Chris HughesSep 21, 20238 minsZero TrustThreat and Vulnerability ManagementSecurity Practices newsMicrosoft reveals memory corruption bugs in ‘ncurses’ libraryBy Shweta Sharma Sep 18, 20233 minsVulnerabilities news analysisAutomotive supply chain vulnerable to attack as cybersecurity regulation loomsBy Michael Hill Sep 14, 20235 minsRegulationAutomotive IndustrySupply Chain news analysisNew Kubernetes vulnerability allows privilege escalation in WindowsBy Lucian Constantin Sep 13, 20234 minsDevSecOpsApplication SecurityVulnerabilities news analysisSevere Azure HDInsight flaws highlight dangers of cross-site scripting By Lucian Constantin Sep 13, 20235 minsInternet SecurityVulnerabilities featureEmerging cyber threats in 2023 from AI to quantum to data poisoningBy Mary K. Pratt Sep 07, 202310 minsAdvanced Persistent ThreatsHackingThreat and Vulnerability Management newsNew research reveals most-attacked, most-vulnerable assetsBy Michael Hill Sep 05, 20234 minsCritical InfrastructureNetwork SecurityVulnerabilities Articlesnews analysisMicrosoft demonstrates remote code execution exploit against PLCs that support CODESYS CODESYS patched the latest versions of the protocol, industrial equipment manufacturers might not have deployed them yet.By Lucian Constantin Aug 11, 2023 6 minsCritical InfrastructureVulnerabilitiesnewsWhirlpool malware rips open old Barracuda woundsCISA has found yet another backdoor malware variant in compromised Barracuda systems with zero-day ESG vulnerability. By Shweta Sharma Aug 11, 2023 3 minsMalwareVulnerabilitiesnews analysisIBM launches open-source detection and response framework for MFT attacksThe goal is to help defenders more quickly detect attacks enabled by managed file transfer application vulnerabilities and provide an incident response playbook.By Lucian Constantin Aug 09, 2023 5 minsCyberattacksNetwork SecurityVulnerabilitiesfeatureWill CVSS 4.0 be a vulnerability-scoring breakthrough or is it broken?The soon-to-be-released scoring system update has promise, but challenges remain for it to deliver exactly what CISOs need to get ahead of the latest vulnerabilities.By Chris Hughes Aug 07, 2023 8 minsThreat and Vulnerability ManagementROI and MetricsVulnerabilitiesnews analysisNew peer-to-peer worm infects Redis instances through Lua vulnerabilityThe worm, dubbed P2PInfect, works across platforms and is resistant to takedowns. It might be the first stage of a larger attack.By Lucian Constantin Jul 31, 2023 6 minsCyberattacksMalwareVulnerabilitiesnews analysisNew vulnerabilities mean it's time to review server BMC interfacesTwo recently discovered vulnerabilities in widely used baseboard management controllers could give remote and local threat actors full control over servers. By Lucian Constantin Jul 28, 2023 6 minsNetwork SecurityVulnerabilitiesnewsEPSS vulnerability scores can help focus on key patches, study saysThe ML-based Exploit Prediction Scoring System overcomes limitations of legacy vulnerability scoring systems, helping security teams identify systems at greatest risk of attack.By Shweta Sharma Jul 27, 2023 4 minsThreat and Vulnerability ManagementVulnerabilitiesnewsGovernments scramble to patch Ivanti Endpoint Manager Mobile security flawThe former MobileIron Core MDM system has a severe security flaw that could allow remote access, and all users are urged to patch their systems as soon as possible.By Jon Gold Jul 25, 2023 3 minsCyberattacksMobile SecurityNetwork Securitynews analysisThreat actors actively exploiting critical flaw in NetScaler ADC devicesNew research shows that more than half the NetScaler ADC devices remain unpatched.By Lucian Constantin Jul 24, 2023 5 minsCyberattacksZero-day vulnerabilityNetwork SecuritynewsVast majority of organizations are no longer vulnerable to MOVEitOrganizations are remediating MOVEit vulnerabilities 21 times faster compared to other vulnerabilities, according to research by Bitsight. By Apurva Venkat Jul 24, 2023 4 minsApplication SecurityVulnerabilitiesfeatureWhy API attacks are increasing and how to avoid themGrowing use of APIs give attackers more ways to break authentication controls, exfiltrate data, or perform disruptive acts.By Maria Korolov Jul 24, 2023 20 minsApplication SecurityData and Information SecurityVulnerabilitiesnews analysisAttackers can abuse Google Cloud Build to poison production environmentsPermissions for predefined Google Cloud Build user roles can be abused for privilege escalation.By Lucian Constantin Jul 18, 2023 7 minsCloud SecurityVulnerabilities Show more Show less View all Resources whitepaper 2023 Gartner(R) Peer Insights(TM) "Voice of the Customer": Data Masking OpenText was recognized as Customers' Choice, based on Voltage SecureData's customer ratings and User Interest and Adoption in the Data Masking market. The post 2023 Gartner(R) Peer Insights(TM) "Voice of the Customer": Data Masking appeared first on Whitepaper Repository. By OpenText 29 Sep 2023Business OperationsData IntegrationData Management whitepaper 2023 Gartner(R) Peer Insights(TM) "Voice of the Customer": Data Masking By OpenText 29 Sep 2023Big DataBusiness OperationsData and Information Security whitepaper The Forrester Wave(TM): Data Security Platforms, Q1 2023 Voltage is a Leader! By OpenText 29 Sep 2023Big DataBusiness OperationsData and Information Security View all Video on demand videoPrinters: The overlooked security threat in your enterprise | TECHtalkPrinters, often a forgotten target in the enterprise, are vulnerable to all the usual cyberattacks. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp and CSO Online's J.M. Porup discuss the threats to these devices, plus how to secure them and protect your network. Nov 07, 2019 20 minsHackingPrintersVulnerabilities Don't ignore application security | Salted Hash Ep 35 Jul 23, 2018 18 minsApplication SecurityVulnerabilitiesSecurity The Dyn cyberattack, one year later | Salted Hash Ep 11 Dec 11, 2017 22 minsCybercrimeInternet of ThingsVulnerabilities See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Generative AI Show me morePopularArticlesPodcastsVideos news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity By Michael Hill Sep 29, 20234 mins Education IndustryEducation IndustryEducation Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches By Michael Hill Sep 29, 20233 mins GovernmentCybercrimeData and Information Security feature Cybersecurity startups to watch for in 2023 By CSO Staff Sep 29, 202319 mins CSO and CISOSecurity podcast CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical Sep 20, 202312 mins CSO and CISO podcast CSO Executive Sessions Australia with Siddiqua Shaheen, Head of Cyber Governance at Lander & Rogers Sep 07, 202317 mins CSO and CISO podcast CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role Sep 06, 202310 mins CSO and CISO video CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical Sep 20, 202312 mins CSO and CISO video What is zero trust security? Sep 06, 20233 mins AuthenticationZero TrustNetwork Security video CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role Sep 06, 202310 mins CSO and CISO