3 ways CISOs can win over their boards this budget season – CSO Online
As the year comes to a close, CISOs are already deep into building next year’s cybersecurity budget. That’s a difficult task in itself — yet the most challenging part of…
CSO Online
China‑linked PlushDaemon hijacks DNS via ‘EdgeStepper’ to weaponize software updates – CSO Online
PlushDaemon, a China-linked APT group, has been deploying a previously undocumented network implant dubbed EdgeStepper to hijack DNS traffic on compromised network devices. According to findings disclosed by ESET researchers,…
Selling to the CISO: An open letter to the cybersecurity industry – CSO Online
The cybersecurity market has lost its mind. It seems like every week a new vendor appears, investors throw money at half-baked ideas, and CISOs get buried in pitches for products…
Attack Surface Management – ein Kaufratgeber – CSO Online
Mit diesen Attack Surface Management Tools sorgen Sie im Idealfall dafür, dass sich Angreifer gar nicht erst verbeißen. Sergey Zaykov | shutterstock.com Regelmäßige Netzwerk-Scans reichen für eine gehärtete Angriffsfläche nicht…
Der große KI-Risiko-Guide – CSO Online
KI-Risiken zu bewerten und zu quantifizieren, ist in der GenAI-Ära unerlässlich. Lerbank-bbk22 | shutterstock.com Wie jede Technologie birgt auch künstliche Intelligenz (KI) nicht nur Vorteile. Insbesondere seit dem Aufkommen von…
Iranian APT hacks helped direct missile strikes in Israel and the Red Sea – CSO Online
Cyber-related activities of two Iran-linked threat actors played key roles in subsequent high-profile missile strikes, according to Amazon’s Threat Intel team, which sees the incidents as indicative of increased use…
WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform – CSO Online
Researchers have uncovered a WhatsApp privacy flaw that allowed them to discover the 3.5 billion mobile numbers using the app globally, and possibly infer the identities of some of the…
The nexus of risk and intelligence: How vulnerability-informed hunting uncovers what everything else misses – CSO Online
For years, I watched organizations treat vulnerability data like a compliance chore. It was something to scan, sort and patch against deadlines. Yet buried in those reports is a treasure…
Hidden API in Comet AI browser raises security red flags for enterprises – CSO Online
SquareX has disclosed a previously undocumented API within the Comet AI browser that allows its embedded extensions to execute arbitrary commands and launch applications — capabilities mainstream browsers intentionally block.…
Datenpanne bei Eurofiber France – CSO Online
Der TK-Anbieter Eurofiber France ist von Datendiebstahl betroffen. PixelBiss – shutterstock.com Der TK-Konzern Eurofiber Group hat sich auf die digitale Infrastruktur von Unternehmen spezialisiert und betreibt ein Glasfasernetz in den…
Overcome the myriad challenges of password management to bolster data protection – CSO Online
Strengthening the protection of confidential and sensitive data is currently a priority for 40% of chief security officers. And both enterprises and small and mid-sized businesses have already made significant…
Behind the firewall: The hidden struggles of cyber professionals with a disability – CSO Online
Problem-solving is what cyber professionals do best, but one problem the industry has yet to solve is inclusion. Despite progress in diversity, research shows many professionals with disabilities or neurodivergent…
Anthropic AI-powered cyberattack causes a stir – CSO Online
AI company Anthropic recently announced that companies worldwide have been attacked by an AI-powered cyber espionage campaign. It is purported to be the first publicly documented case of a cyberattack…
More work for admins as Google patches latest zero-day Chrome vulnerability – CSO Online
For the third time in recent months, Google has found itself scrambling to fix a potentially serious zero-day flaw in the Chrome browser’s V8 JavaScript engine. Addressed on Monday as…
Energiesektor im Visier von Hackern – CSO Online
Energieversorger müssen ihre Systeme vor immer raffinierteren Cyberangriffen schützen. vectorfusionart – shutterstock.com Die Energieversorgung ist das Rückgrat moderner Gesellschaften. Stromnetze, Gaspipelines und digitale Steuerungssysteme bilden die Grundlage für Industrie, Transport…