The CISO succession crisis: why companies have no plan and how to change that – CSO Online
CISO turnover is showing signs of stability, dropping from 21% in 2022 to 12% in 2023 and to an annualized 11% in the first half of 2024, according to IANS…
CSO Online
7 Anzeichen für akuten MSSP-Bedarf – CSO Online
Managed Security Service Provider können das Sicherheitsniveau nachhaltig steigern. Godlikeart | shutterstock.com Ein Managed Security Service Provider (MSSP) bietet seinen Kunden ein umfassendes Spektrum an Sicherheits-Services. Als Drittanbieter kann ein…
Attackers exploiting NetScaler ADC and Gateway zero day flaw, Citrix warns – CSO Online
Citrix NetScaler ADC and NetScaler Gateway customers have been hit by a new round of zero day vulnerabilities that require urgent patching, including one the company warned is being actively…
Anthropic detects the inevitable: genAI-only attacks, no humans involved – CSO Online
When Anthropic published a report Wednesday detailing genAI attacks that entirely bypassed humans, as opposed to human attackers using AI tools as aids, it was the realization of what many…
Whistleblower: DOGE put Social Security database covering 300 million Americans on insecure cloud – CSO Online
The Elon Musk–founded Department of Government Efficiency (DOGE) uploaded to an insecure Amazon Web Services server a copy of Americans’ Social Security data, risking the security of critical personal information…
Storm-0501 debuts a brutal hybrid ransomware attack chain – CSO Online
Microsoft Threat Intelligence today released a report on the financially motivated group Storm-0501, warning that the threat actor has sharpened its ransomware tactics by exploiting hijacked privileged accounts to move…
Fachkräftemangel bedroht Cybersicherheit – CSO Online
Um die Cybersicherheit in Unternehmen zu stärken, fehlt es derzeit nach wie vor an Fachkräften. Dmitry Kovalchuk – shutterstock.com Ein aktueller Bericht von Accenture besagt, dass lediglich jedes dritte Unternehmen…
Only 49% of companies to increase cyber budget after a breach – CSO Online
The long held conventional wisdom that organizations commit to increased cybersecurity investments only after a breach has taken a hit. IBM’s latest annual Cost of a Data Breach study reports…
5 ways to improve cybersecurity function while spending less – CSO Online
As a veteran CISO for state and local agencies, Orange County CISO Andrew Alipanah knows how to optimize security functions within impossibly tight budgets. In the past, while at the…
Kubernetes Security: Wie Sie Ihre Cluster (besser) absichern – CSO Online
Anatoliy Eremin | shutterstock.com Kubernetes hat sich unter Enterprise-Softwareentwicklern zu einem durchschlagenden Erfolg entwickelt. Das veranlasst kriminelle Hacker zunehmend dazu, entsprechende Installationen mit speziell entwickelten Exploits anzugreifen. Dabei werden die…
LLMs easily exploited using run-on sentences, bad grammar, image scaling – CSO Online
A series of vulnerabilities recently revealed by several research labs indicate that, despite rigorous training, high benchmark scoring, and claims that artificial general intelligence (AGI) is right around the corner,…
Attackers steal data from Salesforce instances via compromised AI live chat tool – CSO Online
A threat actor managed to obtain Salesforce OAuth tokens from a third-party integration called Salesloft Drift and used the tokens to download large volumes of data from impacted Salesforce instances.…
Critical Docker Desktop flaw allows container escape – CSO Online
Users of Docker Desktop on Windows and Mac are urged to upgrade to the latest version to patch a critical vulnerability that could allow an attacker to break the container…
Big-Tech-Zulieferer meldet Ransomware-Attacke – CSO Online
Der Anbieter für Programmiersysteme Data I/O wurde kürzlich von einem Cyberangriff getroffen. Dabei wurden möglicherweise Daten gestohlen. janews – shutterstock.com Data I/O bietet Programmierlösungen für Flash-Speicher und Mikrocontroller an. Zu…
Rache am Arbeitgeber bringt Entwickler vier Jahre in den Knast – CSO Online
Welche Konsequenzen es haben kann, wenn technisch versierte IT-Fachkräfte zum Innentäter werden, hat die Eaton Corporation am eigenen Leib erfahren. JHVEPhoto | shutterstock.com Wenn unzufriedene Mitarbeitende sich digital an ihrem…