CSO Online

AI-enabled ransomware attacks: CISO’s top security concern — with good reason

New surveys from CSO and CrowdStrike reveal growing fears that generative AI is accelerating ransomware attacks while ...
CSO Online

CISOs’ security priorities reveal an augmented cyber agenda

Tasked with increasing responsibilities and oversight, CISOs are seeking ways to expand cyber capabilities with AI, while ...
CSO Online

Security patch or self-inflicted DDoS? Microsoft update knocks out key enterprise functions

The transition from CSP to KSP has triggered failures in smart card authentication, IIS connectivity, and recovery mode ...
CSO Online

Google kills its cookie killer

Google launched the Privacy Sandbox initiative in August 2019 as a way for advertisers to gain information on users without ...
CSO Online

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain ...
CSO Online

Network security devices endanger orgs with ’90s era flaws

Built to defend enterprise networks, network edge security devices are becoming liabilities, with an alarming rise in ...
CSO Online

Threat actors are spreading malicious extensions via VS marketplaces

There isn’t a consistent threat model for extension marketplaces yet, McCarthy said, making it difficult for any platform to ...
CSO Online

Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

A foreign actor infiltrated the National Nuclear Security Administration’s Kansas City National Security Campus through ...
CSO Online

US NSA alleged to have launched a cyber attack on a Chinese agency

WeChat posting says attack was on agency that sets time for critical infrastructure providers; there’s no public evidence of ...
CSO Online

Source code and vulnerability info stolen from F5 Networks

IT and security leaders should install latest patches from the application delivery and security vendor after suspected ...
CSO Online

Critical ASP.NET core vulnerability earns Microsoft’s highest-ever severity score

The Kestrel web server flaw allows request smuggling attacks, but the actual risk depends on the application code and ...
CSO Online

‘Zero Disco’ campaign hits legacy Cisco switches with fileless rootkit payloads

Researchers warn of fileless payloads, memory hooks, and a UDP-based C2 controller that complicate detection and remediation.