The growing dichotomy of AI-powered code in cloud-native security
AI-generated code promises to reshape cloud-native application development practices, offering unparalleled efficiency gains and fostering innovation at unprecedented levels. However, amidst the...
View ArticleLive Nation SEC filing confirms “unauthorized activity” in wake of alleged...
Following a cybercrime group’s claims that it stole data from 560 million Ticketmaster customers, the ticket sales and distribution firm’s parent company told the US Securities and Exchange Commission...
View ArticleUS Senate finance chair slams Change Healthcare for ‘negligence’ in...
A US Senate committee chair is urging the administration of President Joe Biden to hold UnitedHealth Group (UHG) accountable for negligent cybersecurity practices in a ransomware attack against...
View ArticleCISM certification: Requirements, training, exam, and cost
What is CISM? Certified Information Security Manager (CISM) is an advanced certification for IT and cybersecurity professionals that demonstrates they ability to develop and manage an infosec program...
View ArticleBreach and attack simulation tools: Top vendors, key features, how to choose
Breach and attack simulation (BAS) products help organizations understand their security posture by automating the tests of specific threat vectors. BAS typically uses MITRE ATT&CK and Cyber...
View ArticleAtlassian’s Confluence hit with critical remote code execution bugs
Atlassian Confluence Data Center and Server has been hit with a critical remote code execution bug, allowing authenticated threat actors to exploit account privileges and execute arbitrary codes. The...
View ArticleMajor service tag security problems reported in Microsoft Azure
Tenable Research has reported a vulnerability in Microsoft Azure service tags that “allows an attacker to bypass firewall rules … by forging requests from trusted services.” “The vulnerability was...
View ArticleNIST is finally getting help with the National Vulnerability Database backlog
Maryland-based security firm Analygence has landed the job of helping the National Institute of Standards and Technology (NIST) reduce mounting backlog of entries in the US National Vulnerability...
View ArticleUnauthorized AI is eating your company data, thanks to your employees
Employees at many organizations are engaging in widespread use of unauthorized AI models behind the backs of their CIOs and CISOs, according to a recent study. Employees are sharing company legal...
View ArticleArctic Wolf sniffs out new ransomware variant
Arctic Wolf’s incident response team has identified a new ransomware variant, referred to as Fog — targeting the education and recreation sectors in the US — presumably for easy infection and quicker...
View ArticleCloud security challenges are growing. Here’s why traditional SOC tools are...
The cloud will become a cornerstone of enterprise operations as IDC estimates that by 2025, there will be over 750 million cloud-native applications globally. Additionally, over 90% of organizations...
View ArticleLondon hospitals face days of disruption after ransomware attack on supply...
Several large hospitals in Britain’s capital London face days and possibly weeks of disruption after a partner organization was compromised by a potent ransomware attack. The attack on June 3 targeted...
View ArticleNavigating AI disruption in cybersecurity: Practical steps for leaders
Security leaders live under the constant pressure of evolving and scaling threats, technology trends, and business requirements. Many of us have had to play the rough catch-up game when we failed to...
View ArticleClik here to view.
Nominations for CSO30 Australia 2024 open
Nominations for the 2024 CSO30 Australia Awards have opened. The 2024 CSO30 Awards will be held together with the CIO50 Awards at the Shangri-La Hotel in Sydney on October 17th. The CSO30 Australia is...
View ArticleLong-running Chinese cyberespionage operation targeted Southeast Asian...
Researchers have uncovered a long-running cyberespionage operation by a possibly state-run Chinese threat actor against an unidentified high-profile government organization from Southeast Asia. The...
View ArticleWhat CISOs need to know about Microsoft’s Copilot+
Microsoft recently announced a technology that contains a feature that is leading some in security to scratch their heads and wonder: “What were they thinking?” Called Copilot+, it brings artificial...
View ArticleComplaints in EU challenge Meta’s plans to utilize personal data for AI
Meta is facing renewed scrutiny over privacy concerns as the privacy advocacy group NOYB has lodged complaints in 11 countries against the company’s plans to use personal data for training its AI...
View ArticleDownload our password managers enterprise buyer’s guide
From the editors of CSO, this enterprise buyer’s guide helps security IT staff understand what password managers can do for their organizations and how to choose the right solution.
View ArticleFBI offers to share 7,000 LockBit ransomware decryption keys with CISOs
The FBI has acquired more than 7,000 decryption keys from the massive ransomware group LockBit — and is encouraging corporate victims to come forward to see if the keys can unlock any of their data....
View ArticleHow Amazon CISO Amy Herzog responds to cybersecurity challenges
There is no such thing as a typical career path for many CISOs, and Amy Herzog’s journey is no exception. Herzog is one of several CISOs for Amazon, she is responsible for two large pieces of the...
View Article