csoonline.comCSO Online | Security at the speed of business

Topics Events Newsletters Resources Community AboutAdvertise Contact Us Foundry Careers Reprints Newsletters Policies Terms of Service Privacy Policy Cookie Policy Member Preferences About AdChoices E-commerce Links Your California Privacy Rights Our Network CIO Computerworld InfoWorld Network World More Awards Blogs BrandPosts Events Podcasts Videos Enterprise Buyer’s Guides Close Artificial Intelligence Generative AI Business Operations Careers Industry IT Leadership Compliance Security Application Security Business Continuity Cloud Security Critical Infrastructure Cybercrime Identity and Access Management Network Security Physical Security Privacy Risk Management Security Infrastructure Vulnerabilities Software Development Enterprise Buyer’s Guides Back Close Americas United States Asia ASEAN India Europe United Kingdom Oceania Australia Back Close Popular Topics Search US-EN Topics Events Newsletters Resources Community About Policies Our Network More Back Topics Artificial Intelligence Generative AI Business Operations Careers Industry IT Leadership Compliance Security Application Security Business Continuity Cloud Security Critical Infrastructure Cybercrime Identity and Access Management Network Security Physical Security Privacy Risk Management Security Infrastructure Vulnerabilities Software Development Enterprise Buyer’s Guides Back AboutAdvertise Contact Us Foundry Careers Reprints Newsletters Back Policies Terms of Service Privacy Policy Cookie Policy Member Preferences About AdChoices E-commerce Links Your California Privacy Rights Back Our Network CIO Computerworld InfoWorld Network World Back More Awards Blogs BrandPosts Events Podcasts Videos Enterprise Buyer’s Guides feature Ridding your network of NTLM The path to eradicating this ancient protocol and security sinkhole won’t be easy, but the time has come for its complete eradication. By David Strom May 13, 2024 8 mins Authentication Windows Security Network Security feature Some strategies for CISOs freaked out by the specter of federal indictments By Cynthia Brumfield May 10, 2024 7 mins CSO and CISO Legal Security Practices news Zscaler shuts down exposed system after rumors of a cyberattack By Shweta Sharma May 09, 2024 3 mins Data Breach Cyberattacks news IntelBroker steals classified data from the Europol website By Shweta Sharma May 13, 2024 3 mins Data Breach Hacker Groups news CISA inks 68 tech vendors to secure-by-design pledge — but will it matter? By Jon Gold May 10, 2024 4 mins Regulation Technology Industry Security Practices news Google Chrome gets a patch for actively exploited zero-day vulnerability By Lucian Constantin May 10, 2024 3 mins Threat and Vulnerability Management Zero-day vulnerability Vulnerabilities news Dell data breach exposes data of 49 million customers By Shweta Sharma May 10, 2024 3 mins Data Breach Hacking interview Strong CIO-CISO relations fuel success at Ally By Dan Roberts May 09, 2024 9 mins CIO CSO and CISO IT Leadership news Palo Alto launches AI-powered solutions to fight AI-generated cyberthreats By Prasanth Aby Thomas May 09, 2024 3 mins Generative AI Security Software More security news news F5 patches BIG-IP Next Central Manager flaws that could lead to device takeover Two high-risk vulnerabilities could allow attackers to gain full administrative control on devices via leaked password hashes. By Lucian Constantin May 08, 2024 5 mins Threat and Vulnerability Management Cloud Security Vulnerabilities news Suspected Chinese hack of Britain’s Ministry of Defence linked to contractor, minister confirms The UK’s defence minister would not confirm that the attack was conducted by an element of the Chinese state, rather blaming the potential failings” of a partner. By John Dunn May 08, 2024 4 mins Aerospace and Defense Industry Data Breach Government news analysis Massive security hole in VPNs shows their shortcomings as a defensive measure Researchers found a deep, unpatchable flaw in virtual private networks dubbed Tunnelvision can allow attackers to siphon off data without any indication that they are there. By Evan Schuman May 08, 2024 8 mins Threat and Vulnerability Management Data and Information Security Network Security news DocGo says hackers stole patient data in a recent cyberattack The attack compromised some healthcare data with no material or financial losses, the company said. By Shweta Sharma May 08, 2024 3 mins Data Breach Hacking news Google, Meta, Spotify accused of flouting Apple’s device fingerprinting rules Security researchers allege that several apps are collecting data from iOS devices, violating Apple’s policy on device fingerprinting. By Gyana Swain May 08, 2024 7 mins Mobile Security Application Security news analysis Kinsing crypto mining campaign targets 75 cloud-native applications Five years after being discovered, the Kinsing cryptojacking operation remains very active against organizations, employing daily probes for vulnerable applications using an ever-growing list of exploits. By Lucian Constantin May 08, 2024 6 mins Cryptocurrency Malware Application Security news Administrator of ransomware operation LockBit named, charged, has assets frozen A Russian national alleged to have been the administrator of the notorious and prolific LockBit ransomware provider faces international charges. A $10-million reward for the suspect’s arrest has been offered. By Lucian Constantin May 07, 2024 3 mins Advanced Persistent Threats Hacker Groups Ransomware news US doing all it can to manage global cybersecurity threats, secretary of state tells RSAC The US government is moving to address the challenges of quantum computing, cloud strategies, and generative AI, Anthony Blinken said in a speech that was light on specifics. By Evan Schuman May 07, 2024 4 mins Cyberattacks Government Threat and Vulnerability Management news Change Healthcare went without cyber insurance before debilitating ransomware attack In doing so, Change exposed itself not just to greater financial risk, but reputational damage too. By John Leyden May 07, 2024 5 mins Data Breach Ransomware news Citrix quietly fixes a new critical vulnerability similar to Citrix Bleed Much similar to Citrix-Bleed, the information disclosure bug was identified within NetScaler devices configured as gateway or virtual servers. By Shweta Sharma May 07, 2024 3 mins Vulnerabilities news Most interesting products to see at RSAC 2024 Tools, platforms, and services that the CSO team recommends 2024 RSA Conference attendees check out. By CSO Staff May 07, 2024 12 mins RSA Conference Security news Google launches Google Threat Intelligence at RSA Conference The new addition to Google Cloud Security is designed to inform security teams on approaches to protecting against external threats, managing attack surfaces, and mitigating digital risks. By Sascha Brodsky May 06, 2024 4 mins RSA Conference Cloud Security Security Software Show more Show less Explore a topic Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security View all topics All topics Close Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Popular topics Generative AI news Securiti adds distributed LLM firewalls to secure genAI applications By Shweta Sharma Apr 30, 2024 4 mins Generative AI news Top cybersecurity product news of the week By CSO staff Apr 26, 2024 81 mins Generative AI Security feature Keeping up with AI: OWASP LLM AI Cybersecurity and Governance Checklist By Chris Hughes Mar 14, 2024 10 mins Generative AI Security Practices Open Source View topic...