6 hard-earned tips for leading through a cyberattack — from CSOs who’ve been...
An incident response plan is central to ensuring your organization is prepared for a cyberattack. But such documents, which detail steps that should be taken in the wake of various cyber scenarios,...
View ArticleInfostealer malware poses potent threat despite recent takedowns
Despite the takedown of Redline — the most prolific stealer of 2024 — and Meta Stealer in October 2024, the overall market and use of infostealers continue to rise, according to threat intel firm...
View ArticleAfter fake employees, fake enterprises are next hiring threat to corporate data
Chinese companies are trying to cut Taiwan’s lead in semiconductor technology by hiring away its best engineering talent through ‘front’ companies that hide their connections to China, the Taiwanese...
View ArticleLLMs are now available in snack size but digest with care
As large language models (LLMs) gain mainstream, they are pushing the edges on AI-driven applications, adding more power and complexity. Running these massive models, however, comes at a price. The...
View ArticleOracle warns customers of health data breach amid public denial
Oracle’s healthcare subsidiary, Oracle Health, has suffered a data breach, potentially exposing customers’ sensitive data, the company told some of its customers. While Oracle has so far declined to...
View ArticleAltgeräte bedrohen Sicherheit in Unternehmen
width="2500" height="1406" sizes="(max-width: 2500px) 100vw, 2500px">Schwachstellen in alten Netzwerkgeräten stellen ein erhebliches Sicherheitsrisiko für Unternehmen dar.SeventyFour –...
View ArticleDownload the Strategizing Data Analytics for AI Enterprise Spotlight
Download the April 2025 issue of the Enterprise Spotlight from the editors of CIO, Computerworld, CSO, InfoWorld, and Network World.
View ArticleHow CISOs can use identity to advance zero trust
AI is the best thing that’s ever happened to cybercriminals. It allows them to weaponize trust and launch identity-based attacks with staggering scale and sophistication. I’m talking about mutating...
View ArticleThe urgent reality of machine identity security in 2025
The importance of machine identity security has reached a critical juncture in 2025. With machine identities now far outnumbering human ones, securing these digital credentials has become a top...
View ArticleThe UK’s Cyber Security and Resilience Bill will boost standards – and...
If you’re a UK enterprise, this might not be good news: extra investment by infrastructure providers to meet the demands of the government’s forthcoming Cyber Security and Resilience Bill is likely to...
View ArticleGoogle adds end-to-end email encryption to Gmail
Google has introduced a new end-to-end encryption (E2EE) feature in Gmail, enabling organizations to send encrypted emails that even Google cannot read to other Gmail users. Later this year, the...
View ArticleDas gehört in Ihr Security-Toolset
Lesen Sie, welche Werkzeuge essenziell sind, um Unternehmen gegen Cybergefahren abzusichern.Gorodenkoff | shutterstock.com Sicherheitsentscheider sind mit einer sich kontinuierlich verändernden...
View Article10 best practices for vulnerability management according to CISOs
It was 2003, and I was giving my first cybersecurity presentation at an industry conference in Chicago. I talked about the onslaught of worms and viruses at the time (MSBlast, SQLSlammer, etc.), and...
View ArticleMicrosoft takes first step toward passwordless future
Microsoft is looking to permanently abandon password-based user authentication, replacing it with a system that uses access keys and identity confirmation methods based on biometrics. According to a...
View ArticleOracle Health warnt vor Datenleck
width="2432" height="1368" sizes="(max-width: 2432px) 100vw, 2432px">Hacker haben sich Zugriff auf Daten von Oracle Health verschafft.Pincasso – shutterstock.com Während Oracle den Datenverstoß,...
View ArticleMalicious actors increasingly put privileged identity access to work across...
Abuse of legitimate privileged access is on the rise, accounting for the majority of security breaches last year, with stolen user identities being leveraged by malicious actors across various parts...
View ArticleGoogle fixes GCP flaw that could expose sensitive container images
A critical privilege escalation vulnerability, ImageRunner, affecting Google Cloud was promptly fixed before it could allow attackers to access sensitive information from GCP deployments. The issue,...
View ArticleMicrosoft’s AI tool catches critical GRUB2, U-boot bootloader flaws
Microsoft’s Threat Intelligence team has leveraged its AI-driven Security Copilot tool to identify 20 critical vulnerabilities in widely used open-source bootloaders — GRUB2, U-Boot, and Barebox....
View ArticleHacker stiehlt Kundendaten von Samsung Deutschland
Samsung Deutschland ist von einem Datenleck betroffen.Samsung Deutschland Bei Samsung Deutschland hat es offenbar ein massives Datenleck gegeben. Etwa 270.000 Kundendatensätze von Samsung Electronics...
View ArticleThreat-informed defense for operational technology: Moving from information...
As the threat landscape continues to evolve, critical infrastructure sectors face a growing wave of sophisticated cyber threats. Traditional security strategies that focus solely on indicators of...
View Article