MCP is fueling agentic AI — and introducing new security risks – CSO Online
Model Context Protocol (MCP) was created in late 2024 by OpenAI’s top competitor Anthropic. It was so good as a means for providing a standardized way to connect AI models…
CSO Online
Warning to ServiceNow admins: Fix your access control lists now – CSO Online
A vulnerability in the way ServiceNow manages user access control lists can easily allow a threat actor to steal sensitive data, says a security vendor, who urges admins to review…
US Treasury Department sanctions individuals and entities over illegal IT worker scheme – CSO Online
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) Tuesday imposed sanctions on two individuals and four companies involved in schemes to provide US companies with illegal…
Exploit details released for Citrix Bleed 2 flaw affecting NetScaler – CSO Online
Security researchers have released a technical analysis and proof-of-concept exploit code for a critical vulnerability fixed last month in Citrix NetScaler appliances that is suspected to have been exploited in…
Heim & Haus: Cyberangriff auf großen Hersteller von Bauelementen – CSO Online
Der Produzent für Bauelemente Heim & Haus ist Opfer einer Cyberattacke. www.heimhaus.de Heim & Haus zählt zu den größten deutschen Produzenten für Bauelemente wie Fenster, Dächer, Markisen und Rollläden. Das…
Verified, featured, and malicious: RedDirection campaign reveals browser marketplace failures – CSO Online
A widespread browser hijacking campaign has infected over 2.3 million users through 18 malicious extensions available on Google Chrome and Microsoft Edge. Dubbed “RedDirection” by researchers at Koi Security, the…
Trend Micro flags BERT: A rapidly growing ransomware threat – CSO Online
A new threat actor, BERT, has emerged as a fast-moving ransomware group that has rapidly expanded its activity across Asia, Europe, and the US. Discovered in April, BERT is targeting…
IBM Power11 challenges x86 and GPU giants with security-first server strategy – CSO Online
With the launch of Power11 servers, IBM is shifting the discussion from raw performance numbers to security and reliability, highlighting its claim of zero planned downtime and quick ransomware detection.…
Trump seeks unprecedented $1.23 billion cut to federal cyber budget – CSO Online
Donald Trump’s sprawling tax bill, which he signed on July 4, contained a few noteworthy cyber funding items, including $250 million for US Cyber Command to spend on “artificial intelligence…
How CISOs are training the next generation of cyber leaders – CSO Online
It’s easy for cybersecurity leaders to get caught up on the day-to-day of making sure teams are delivering and risks are being managed that the opportunity to prepare those same…
Was ist ein Botnet? – CSO Online
Ein Botnetz besteht aus vielen “Zombie”-Rechnern und lässt sich beispielsweise einsetzen, um DDoS-Attacken zu fahren. Das sollten Sie zum Thema wissen. FOTOKINA | shutterstock.com Kriminelle Hacker suchen stets nach Möglichkeiten,…
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity – CSO Online
Microsoft’s July Patch Tuesday fixes are a mix of good news and bad news for CSOs: Fourteen of the vulnerabilities are rated as critical, but on the other hand, there…
ClickFix-Attacken bedrohen Unternehmenssicherheit – CSO Online
Cyberkriminelle greifen immer häufiger auf ClickFix-Angriffe zurück. NAJA x -shutterstock.com Weniger bekannt als Phishing ist die Social-Engineering-Methode ClickFix. Ziel solcher Attacken ist es, die Opfer dazu zu bewegen, bösartige Befehle…
How a 12-year-old bug in Sudo is still haunting Linux users – CSO Online
Two new vulnerabilities have been found in Sudo, a privileged command-line tool installed on Linux systems, that can allow privilege escalation and unintended command execution on affected Ubuntu and Debian…
The trust crisis in the cloud…and why blockchain deserves a seat at the table – CSO Online
As a cybersecurity consultant guiding organizations across the globe through digital transformation, I’ve observed one recurring pattern: We place immense trust in cloud services without fully questioning the fragility of…