Microsoft privilege escalation issue forces the debate: ‘When is something a...
Security vendor Fortra announced on Friday what it is describing as a Microsoft security hole that would allow an attacker who had stolen low-level access credentials to escalate them to high-level...
View ArticleAvangrid partners with state fusion cell to fight cyber threats via data sharing
Avangrid’s award-winning cybersecurity initiative uses real-time data sharing to protect the energy grid. Avangrid, a sustainable energy company based in Orange, CT, supplies gas and electricity to...
View ArticleRemote code execution exploit for CUPS printing service puts Linux desktops...
A security researcher has developed an exploit that leverages several vulnerabilities in CUPS (common UNIX printing system), the default printing system on most Linux systems. The exploit chain allows...
View ArticleTor browser, Tails OS merge to offer users improved security and privacy
CISOs of organizations with staff (including cybersecurity threat researchers) who have to meet high privacy standards when connecting to the internet have a new option with the merger of the Tor...
View ArticleThe CSO guide to top security conferences
There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have...
View ArticleSecurity spending signals major role change for CISOs and their teams
Enterprises are increasingly spending more on security software and services than they are on staff, a radical shift in security budgeting that will transform the role of the CISO at many...
View ArticleCyber resilience becoming extremely difficult amid Gen AI upgrades
With rapid advancements in Artificial Intelligence (AI) pushing boundaries and the regulatory environment in constant flux, achieving cyber resilience is becoming more difficult for enterprises. A PwC...
View ArticleCISOs to grapple with a thicket of emerging regulations after Newsom vetoes...
Following a tense period of uncertainty, California Governor Gavin Newsom has vetoed a landmark bill, SB-1047, the Safe and Secure Innovation for Frontier Artificial Intelligence Models Act. Passed by...
View ArticleOne year until Windows 10 ends: Here’s the security impact of not upgrading
In about one year, Windows 10 machines will reach the end of their lifespan, at least as far as Microsoft is concerned. That’s a pretty big deal considering the older operating system far eclipses its...
View Article9 types of phishing attacks and how to identify them
Every data breach and online attack seems to involve some kind of phishing attempt to steal password credentials, launch fraudulent transactions, or trick someone into downloading malware. Indeed,...
View ArticleData of 300k digiDirect customers leaked in alleged attack
One of Australia’s leading retailers of consumer electronics, digiDirect, is allegedly facing theft of data belonging to over 300k customers from a cybersecurity breach. On Sunday, a threat actor...
View ArticleDownload the Emerging Cybersecurity Issues Enterprise Spotlight
Download the October 2024 issue of the Enterprise Spotlight from the editors of CIO, Computerworld, CSO, InfoWorld, and Network World.
View ArticleFCC orders T-Mobile to deliver zero trust and better MFA
T-Mobile must complete the move to zero trust and improve authentication, along with implementing better data minimization and improving asset inventory, said a US Federal Communications Commission...
View ArticleRansomware explained: How it works and how to remove it
What is ransomware? Ransomware is a form of malware that encrypts or blocks access to a victim’s files, data, or systems until a ransom is paid. When under such an attack, users are shown instructions...
View Article14 underrated pentesting tools to round out your red team arsenal
The right tool can make or break a pentest or red team exercise. While many of the tools in Kali are tried and true, they are not always the best fit for every scenario. It is crucial to know where to...
View ArticleLockbit dismantling progresses
Police authorities from 12 countries have carried out another concerted action as part of “Operation Cronos.” Mission-critical servers for the Lockbit infrastructure were shut down and four suspects...
View ArticleLLMs hallucinating non-existent developer packages could fuel supply chain...
Large Language Models (LLMs) have a serious “package hallucination” problem that could lead to a wave of maliciously-coded packages in the supply chain, researchers have discovered in one of the...
View ArticleCloudflare reports thwarting largest-ever DDoS attack
Content distribution network Cloudflare has reported mitigating the largest distributed denial-of-service (DDoS) attack seen to date. The attack by unknown perpetrators, observed in September, was...
View ArticleAI could provide the cyber-risk crystal ball every CISO needs
As much as cybersecurity professionals might prefer otherwise, ours is a field defined by reaction — just ask the average cyber analyst or threat hunter about their day to get a sense of how true this...
View ArticleMeta partners with banks in the UK to combat online scams
Meta is working with banks in the UK to curb the menace of online frauds that originate or are executed on social media platforms such as Facebook or Instagram. The Facebook parent company has...
View Article