News

CSO Online6h
The most dangerous time for enterprise security? One month after an acquisition
The awkward period after an acquisition closes and before the acquired firm is fully integrated into the acquiring enterprise ...
CSO Online9h
CVE program faces swift end after DHS fails to renew contract, leaving security flaw tracking in limbo
MITRE’s 25-year-old Common Vulnerabilities and Exposures (CVE) program will end April 16 after DHS did not renew its funding ...
CSO Online9h
New ResolverRAT malware targets healthcare and pharma orgs worldwide
Distributed via phishing emails, the DLL side-loaded malware’s payload is executed only in memory and uses sophisticated ...
CSO Online20h
Incomplete patching leaves Nvidia, Docker exposed to DOS attacks
An optional feature issued with the fix can cause a bug rollback, making a secondary DOS issue possible on top of root-level ...
CSO Online19h
China alleges US cyber espionage during the Asian Winter Games, names 3 NSA agents
Chinese authorities claim US intelligence targeted Microsoft Windows systems and critical infrastructure in a coordinated ...
CSO Online1d
Agentic AI is both boon and bane for security pros
AI agents are predicted to reduce time to exploit by half in two years, here is what you need to know to figure out if your ...
CSO Online1d
What boards want and don’t want to hear from cybersecurity leaders
To get through to board members, cybersecurity leaders need to not only learn the language of business but how to translate ...
CSO Online1d
AI hallucinations lead to a new cyber threat: Slopsquatting
Attackers can weaponize and distribute a large number of packages recommended by AI models that don’t really exist.
CSO Online5d
You’re always a target, so it pays to review your cybersecurity insurance
Not only does an annual insurance review ensure compliance with policy requirements, it can kick off a more thorough review ...
CSO Online4d
Russian Shuckworm APT is back with updated GammaSteel malware
The attack targeted the military mission of a Western country in Ukraine, with the goal of deploying a PowerShell-based ...
CSO Online5d
Oracle admits breach of ‘obsolete servers,’ denies main cloud platform affected
The fact that a breach of some kind had occurred was first made public in March, when a hacker using the moniker ‘rose87168’ ...
CSO Online4d
OpenAI slammed for putting speed over safety
OpenAI’s approach to safety testing for its GPT models has varied over time. For GPT-4, the company dedicated over six months ...