Quantcast
Channel: Greg Kushto | CSO Online
Browsing all 863 articles
Browse latest View live

What “next-gen” identity security actually means – and why it’s increasingly...

Matt Mills, President, SailPoint From smartphones to video game consoles, people love to throw around the term “next generation.” But what does it actually mean? Well, when the term is applied to a...

View Article


Image may be NSFW.
Clik here to view.

OWASP Top 10 OSS Risks: A guide to better open source security

Calls for a critical look at how open-source software (OSS) is secured and used have been increasing after a number of recent scares exposed vulnerabilities and risks, in particular the XZ Utils...

View Article

Customers of Sisense data analytics service urged to change credentials

The US Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations to change any credentials they might have shared or stored with Sisense, a data analytics software and services...

View Article

ISC2 study pegs average US cybersecurity salary at $147K, up from $119K in 2021

Salaries for cybersecurity professionals have jumped more than 23% since 2021, according to the 2024 annual workforce study from ISC2, the organization that maintains and administers the CISSP...

View Article

Top cybersecurity product news of the week

Palo Alto Networks introduces cloud capabilities to Cortex XSIAM April 11: Palo Alto Networks has introduced cloud capabilities to Cortex XSIAM that combine enterprise security and cloud detection...

View Article


Top cybersecurity M&A deals for 2024

Cybersecurity continues to remain one of the biggest concerns in global information technology in 2024 following a year that saw security incidents continue to grow at an alarming rate. After...

View Article

CISA opens its malware analysis and threat hunting tool for public use

The US Cybersecurity and Infrastructure Security Agency (CISA) is opening a government tool for analyzing malware to all. Malware Next-Gen is already used by US government agencies to submit malware...

View Article

CISA orders US government agencies to check email systems for signs of...

Russian nation-state hackers have exploited a recent Microsoft email compromise to steal the emails of government agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) has...

View Article


Attackers exploit critical zero-day flaw in Palo Alto Networks firewalls

Network security vendor Palo Alto Networks released mitigation instructions for an actively exploited vulnerability in PAN-OS, the software that powers its next-generation firewall (NGFW) products....

View Article


Open-source scanner can identify risky Microsoft SCCM configurations

One of the researchers that recently compiled a knowledge base of common misconfigurations and attack techniques impacting Microsoft System Center Configuration Manager (SCCM), has developed an...

View Article

6 bad cybersecurity habits that put SMBs at risk

Small and medium businesses (SMBs) have increased their digital footprint, embracing remote work, employing more internet-connected devices, and adopting new tools and technologies. They now find...

View Article

Hacker dumps data of 2.8 million Giant Tiger customers

A threat actor has reportedly claimed responsibility for a March 2024 data breach that affected the Canadian retail chain Giant Tiger, which compromised 2.8 million customer records. The breach, which...

View Article

US supreme court ruling suggests change in cybersecurity disclosure process

The United States Supreme Court unanimous ruling on an SEC disclosure case on Friday could have direct consequences on how security executives report cybersecurity incidents.  The decision in the...

View Article


10 tips to keep IP safe

Intellectual property (IP) is the lifeblood of every organization. It didn’t used to be. As a result, now more than ever, it’s a target, placed squarely in the cross-hairs by various forms of cyber...

View Article

Sensitive US government data exposed after Space-Eyes data breach

IntelGroup, a prominent Serbian hacker from the CyberNiggers threat group, has claimed to breach Space-Eyes, a geospatial intelligence firm, catering exclusively to the US government agencies. The...

View Article


More open-source project takeover attempts found after XZ Utils attack

The Open Source Security Foundation (OpenSSF) together with the OpenJS Foundation have identified additional incidents where attackers attempted to social engineer their way into the management of...

View Article

Understanding CISA’s proposed cyber incident reporting rules

In the wake of a string of high-profile cyber incidents, capped by a crippling ransomware attack on Colonial Pipeline, the US Congress passed the Cyber Incident Reporting for Critical Infrastructure...

View Article


Where in the world is your AI? Identify and secure AI across a hybrid...

Artificial intelligence is quickly becoming an integral component of daily business operations — by 2026, more than 80% of enterprises will have used generative AI APIs or deployed AI-enabled...

View Article

SAP users are at high risk as hackers exploit application vulnerabilities

Targeting SAP vulnerabilities by threat actors is currently at its peak as systems compromised by ransomware incidents have grown fivefold since 2021, according to joint research by Flashpoint and...

View Article

AWS and Google Cloud command-line tools can expose secrets in CI/CD logs

Security researchers warn that certain commands executed in the AWS and Google Cloud command-line interfaces (CLIs) will return credentials and other secrets stored in environment variables as part of...

View Article
Browsing all 863 articles
Browse latest View live