CSOonline5h
The Assumed Breach conundrum
Assumed Breach is the third but often overlooked principle of zero trust. When we talk about adopting a “not if, but when” ...
CSOonline14h
Russian state-sponsored hacker used GooseEgg malware to steal Windows credentials
A now-patched Windows Print Spooler flaw was used by Forest Blizzard to drop the privilege-elevating malware for credential ...
CSOonline19h
Microsoft’s mea culpa moment: how it should face up to the CSRB’s critical report
What should happen in the wake of the CSRB’s Microsoft report? This former security industry analyst has some suggestions.
CSOonline1d
Authentication failure blamed for Change Healthcare ransomware attack
Absence of adequate remote access authentication has emerged as the probable cause of the infamous Change Healthcare ...
CSOonline2d
More attacks target recently patched critical flaw in Palo Alto Networks firewalls
The vulnerability found in GlobalProtect could be exploited to gain access to corporate networks and has seen a rise in ...
CSOonline1d
DevSecOps: Still a challenge but more achievable than ever
It is vitally important to get DevSecOps right. Security cannot be an afterthought in a world where a lack of it can allow a ...
CSOonline2d
Mitre Corporation targeted by nation-state threat actors
According to the non-profit, the breach occurred in January 2024 when the nation-state threat actor conducted a ...
CSOonline2d
How application security can create velocity at enterprise scale
Modern software has completely transformed the way organizations operate and compete in the market. With the increasing ...
CSOonline6d
Where in the world is your AI? Identify and secure AI across a hybrid environment
As AI becomes integral to systems brought into the enterprise ecosystem it is increasingly critical for security teams to ...
CSOonline4d
Improved incident response planning is a business necessity
Today’s dynamic threat landscape and complex digital environments necessitate a modern, proactive approach to incident ...
CSOonline5d
Ransomware feared in Octapharma Plasma’s US-wide shutdown
US-based human plasma collector, tester, and supplier Octapharma Plasma may have been experiencing a ransomware attack ...
CSOonline6d
AWS and Google Cloud command-line tools can expose secrets in CI/CD logs
Security researchers warn that certain commands executed in the AWS and Google Cloud command-line interfaces (CLIs) will ...