News

CSO Online4h
North Korea-backed Kimsuky targets unpatched BlueKeep systems in new campaign
The use of RDP vulnerability scanners suggests that BlueKeep is being used for gaining initial access to South Korean and ...
CSO Online8h
Security leaders shed light on their zero trust journeys
Most CISOs recognize the improved security posture zero trust will bring. But cultural and technological changes make for an ...
CSO Online9h
Generative AI is making pen-test vulnerability remediation much worse
Organizations already struggle to fix flaws discovered during penetration testing. Gen AI apps bring added complexity and the ...
CSO Online11h
Public exploits already available for a severity 10 Erlang SSH vulnerability; patch now
Impacted devices are pervasive in IoT and telecom, and attackers exploiting the vulnerability can easily gain full access, ...
CSO Online21h
Microsoft SFI update: Five of 28 security objectives nearly complete
Executive “supersatisified” with work so far on project to overhaul company security culture and application design.
CSO Online23h
Addressing the gaps in modern cloud protection: Using CNAPP to unify cloud security
The core elements of cloud-native application protection platforms work together to provide a holistic approach to securing ...
CSO Online1d
ASUS patches critical router flaw that allows remote attacks
Users who cannot apply patches immediately must strengthen router and WiFi authentication to protect against attackers ...
CSO Online1d
Two ways AI hype is worsening the cybersecurity skills crisis
Expected to ease security teams’ workloads, AI is adding pressure, forcing them to govern and adopt it while managing ...
CSO Online1d
AI in incident response: from smoke alarms to predictive intelligence
AI is transforming incident response from a reactive scramble to a proactive force, sniffing out threats, decoding chaos, and ...
CSO Online8d
AI hallucinations lead to a new cyber threat: Slopsquatting
Attackers can weaponize and distribute a large number of packages recommended by AI models that don’t really exist.
CSO Online5d
CVE program averts swift end after CISA executes 11-month contract extension
After DHS did not renew its funding contract for reasons unspecified, MITRE’s 25-year-old Common Vulnerabilities and ...
CSO Online5d
Russia-linked APT29 targets European diplomats with new malware
Cyberespionage group known as APT29 and linked to Russia’s foreign intelligence service (SVR), has added a new malware loader ...