- feeds
- popular
- recent
- reader
- about
- story
- technologies
- what is rss
- connect
- dmca
- contact
- Feed Preview Want to know how the bad guys attack AI systems? MITRE’S ATLAS can show you | CSO Online
Want to know how the bad guys attack AI systems? MITRE’S ATLAS can show you
It’s one thing to understand that artificial intelligence introduces new and rapidly evolving threats, but it’s quite another — incredibly daunting — task to stay on top of what those thr...
What is pretexting? Definition, examples, and attacks
PRETEXTING DEFINITION Pretextingis form of social engineering in which an attacker fabricates a story to convince a victim to give up valuable information or access to a service or system. Th...
https://www.csoonline.com/article/569453/what-is-pretexting-definition-examples-and-prevention.html
Reveal of Chinese-controlled botnet is another warning to CISOs to keep up with asset and patch management
A Chinese-controlled botnet of tens of thousands of unpatched internet-connected firewalls, network attached storage devices, internet-connected surveillance cameras, and small office/home office...
Need better network performance? Adopt better secure networking strategies
Many organizations consider digital acceleration a key initiative because those in the C-Suite and IT leadership understand that to be competitive they must have a high-performance network. Howev...
Microsoft warns of ransomware attacks on US healthcare
Ransomware group Vanilla Tempest is targeting US healthcare providers using the INC ransomware service, according to Microsoft. “Microsoft observed the financially motivated threat actor trac...
Companies skip security hardening in rush to adopt AI
Security analysis of assets hosted on major cloud providers’ infrastructure shows that many companies are opening security holes in a rush to build and deploy AI applications. Common findings i...
https://www.csoonline.com/article/3529615/companies-skip-security-hardening-in-rush-to-adopt-ai.html
Deepfakes break through as business threat
Deepfakes targeting enterprise financial data used to be a hypothetical concern, but that’s no longer the case, as criminal deepfakers now target more than a quarter of all companies, according...
https://www.csoonline.com/article/3529639/deepfakes-break-through-as-business-threat.html
Do boards understand their new role in cybersecurity?
Julie Ragland was CIO of vehicle manufacturing company Navistar, and has held IT leadership roles at Adient and Johnson Controls. To Ragland, who also sits on several state agency and non-profit ...
https://www.cio.com/article/3523667/do-boards-understand-their-new-role-in-cybersecurity.html
How cybersecurity red teams can boost backup protections
Cybersecurity red teams are known for taking a more adversarial approach to security by pretending to be an enemy that’s attacking an organization’s IT systems. Let’s look at the tactics, s...
SpyCloud Unveils Massive Scale of Identity Exposure Due to ...tealers, Highlighting Need for Advanced Cybersecurity Measures
Research indicates that an infostealer malware infection is often a precursor to a ransomware attack SpyCloud , the leader in Cybercrime Analytics, today announced new cybersecurity research h...
Australian cops bust underworld app through compromised software updates
Australia’s Federal Police (AFB) said it hacked into a dedicated encrypted communication platform, Ghost, to dismantle global criminal operations. The action was carried out as part of “Ope...
Personhood: Cybersecurity’s next great authentication battle as AI improves
CISOs may be intimately familiar with the dozens of forms of authentication for privileged areas of their environments, but a very different problem is arising in areas where authentication has t...
Cybersecurity vet Madison Horn makes her bid for US Congress
It’s safe to say that Madison Horn is the only candidate for US Congress in history who has ever injected Taylor Swift lyrics into a teleprompter during a pen test. A few years ago, while wor...
Microsoft fixes Authenticator design flaw after eight years overwriting accounts
Having ignored user complaints about a security design flaw within Microsoft Authenticator for eight years, Microsoft confirmed in an email to CSO on Tuesday that it has finally corrected the iss...
Warning to ServiceNow admins: Block publicly available KB articles
Many organizations using ServiceNow are inadvertently exposing sensitive personal and corporate data through misconfigured Knowledge Base (KB) articles created by employees, says a security prov...
Navigating the future of OT security
Operational technology (OT) infrastructure is facing an unprecedented wave of cyberattacks, with a reported 73% surge in incidents, according to the Fortinet 2024 State of Operational Technology ...
https://www.csoonline.com/article/3526285/navigating-the-future-of-ot-security.html
Microsoft re-categorizes fixed Trident bug as zero day
A recently patched Windows MSHTML (Trident) Platform Spoofing Vulnerability had zero day exploitations since before July 2024, in conjunction with another MSHTML spoofing bug, according to Micro...
European digital identity: this is how the EU’s big bet is evolving
Imagine you’ve just arrived at your vacation destination. You have to pick up the rental car at the office and from there head to the hotel to check in. Maybe you go to the pharmacy first, beca...
Ransomware whistleblower: Columbus could have avoided its mistakes
A ransomware attack on Columbus, Ohio, has drawn international attention and condemnation for how city leaders mismanaged their response to the incident. First, the mayor’s office erroneously...
Will potential security gaps derail Microsoft’s Copilot?
Microsoft has bet big on Copilot , the generative AI (genAI) assistant it’s integrating into nearly its entire product line, notably Microsoft 365 . The company believes businesses of all sizes...