IT suppliers hacked off with Uncle Sam's demands in aftermath of cyberattacks
Plan says to hand over keys to networks – and report intrusions within eight hours of discovery
Public Sector08 Feb 2024 | 36
CSO
Half of polled infosec pros say their degree was less than useful for real-world work
The other half paid attention in class?
CSO07 Feb 2024 | 18
Chinese Coathanger malware hung out to dry by Dutch defense department
Attack happened in 2023 using a bespoke backdoor, confirming year-old suspicions
CSO06 Feb 2024 | 13
Blackbaud settles with FTC after that IT breach exposed millions of people's info
Cloud software slinger admits no guilt, promises better basic security hygiene
Cyber-crime02 Feb 2024 | 6
Cloudflare sheds more light on Thanksgiving security breach in which tokens, source code accessed by suspected spies
Atlassian systen compromised via October Okta intrusion
CSO02 Feb 2024 | 14
Rise of deepfake threats means biometric security measures won't be enough
Defenses need a rethink in face of increasing sophistication
CSO01 Feb 2024 | 18
SolarWinds slams SEC lawsuit against it as 'unprecedented' victim blaming
18,000 customers, including the Pentagon and Microsoft, may have other thoughts
CSO29 Jan 2024 | 16
Microsoft sheds some light on Russian email heist – and how to learn from Redmond's mistakes
Step one, actually turn on MFA
CSO27 Jan 2024 | 17
Wait, security courses aren't a requirement to graduate with a computer science degree?
Comment And software makers seem to be OK with this, apparently
CSO26 Jan 2024 | 64
What Microsoft's latest email breach says about this IT security heavyweight
Comment Senator Wyden tells The Reg this latest infosec lapse is 'inexcusable'
CSO24 Jan 2024 | 45
JPMorgan exec claims bank repels '45 billion' cyberattack attempts per day
Updated Assets boss also reckons she has more engineers than Amazon
CSO18 Jan 2024 | 20
FBI: Beware of thieves building Androxgh0st botnets using stolen creds
Infecting networks via years-old CVEs that should have been patched by now
CSO17 Jan 2024 |
Number of orgs compromised via Ivanti VPN zero-days grows as Mandiant weighs in
Snoops had no fewer than five custom bits of malware to hand to backdoor networks
CSO13 Jan 2024 | 4
Ransomware payment ban: Wrong idea at the wrong time
Opinion Won't stop the chaos, may lead to attacks with more dire consequences
CSO06 Jan 2024 | 130
After injecting cancer hospital with ransomware, crims threaten to swat patients
Remember the good old days when ransomware crooks vowed not to infect medical centers?
CSO05 Jan 2024 | 70
Sandworm's Kyivstar attack should serve as a reminder of the Kremlin crew's 'global reach'
'Almost everything' wiped in the telecom attack, says Ukraine's top cyber spy
CSO05 Jan 2024 | 13
Three Chinese balloons float near Taiwanese airbase
Also: Remember that balloon over the US last February? It might have used a US internet provider
CSO04 Jan 2024 | 15
A tale of 2 casino ransomware attacks: One paid out, one did not
Feature What can be learned from MGM's and Caesars' infosec moves
CSO28 Dec 2023 | 64
Microsoft's bug bounty turns 10. Are these kinds of rewards making code more secure?
Interview Katie Moussouris, who pioneered Redmond's program, says folks are focusing on the wrong thing
CSO22 Nov 2023 | 9
SonicWall swallows Solutions Granted amid cybersecurity demand surge
CEO Bob VanKirk makes near-20-year partnership official, teases big things coming to EMEA
CSO17 Nov 2023 | 1
How much to clean up a ransomware infection? For Rackspace, about $11M
And that's not counting the incoming lawsuits. Thank goodness for insurance, eh?
CSO16 Nov 2023 | 7
Clorox CISO flushes self after multimillion-dollar cyberattack
Plus: Ransomware crooks file SEC complaint against victim
CSO16 Nov 2023 | 23
NCSC says cyber-readiness of UK’s critical infrastructure isn’t up to scratch
And the world's getting more and more dangerous
CSO14 Nov 2023 | 16
HTTP/2 'Rapid Reset' zero-day exploited in biggest DDoS deluge seen yet
Botnet storm drowned last record with 398 million requests per second
CSO10 Oct 2023 | 13
Red Cross lays down hacktivism law as Ukraine war rages on
Rules apply to cyber vigilantes and their home nations, but experts cast doubt over potential benefits
CSO04 Oct 2023 | 4
Chinese snoops stole 60K State Department emails in that Microsoft email heist
No classified systems involved apparently, but internal diplomatic notes, travel details, staff SSNs, etc
CSO28 Sep 2023 | 4
Good news for Key Group ransomware victims: Free decryptor out now
That's what we call a static shock
CSO31 Aug 2023 | 5
Barracuda gateway attacks: How Chinese snoops keep a grip on victims' networks
Backdoors detailed, plus CISA releases more IOCs for IT depts to check
CSO30 Aug 2023 |
University cuts itself off from internet after mystery security snafu
Updated Halls of learning are stuck offline, but go Wolverines!
CSO29 Aug 2023 | 21
Malware loader lowdown: The big 3 responsible for 80% of attacks so far this year
Top of the list to trip sensors
CSO28 Aug 2023 | 6
Russia's Cozy Bear is back and hitting Microsoft Teams to phish top targets
Plus: Tenable CEO blasts Redmond's bug disclosure habits
CSO03 Aug 2023 | 8
What would sustainable security even look like?
Opinion Clue: Nothing like what’s on offer today
CSO31 Jul 2023 | 40
Florida man accused of hoarding America's secrets faces fresh charges
Mar-a-Lago IT director told 'the boss wanted the server deleted'
CSO29 Jul 2023 | 147
Millions of people's data stolen because web devs forget to check access perms
IDORs of the storm
CSO29 Jul 2023 | 40
Crooks pwned your servers? You've got four days to tell us, SEC tells public companies
Cripes, they actually sound serious
CSO26 Jul 2023 | 29
AMD Zenbleed chip bug leaks secrets fast and easy
Zen 2 flaw more simple than Spectre, exploit code already out there – get patching when you can
CSO24 Jul 2023 | 64
Stolen Microsoft key may have opened up a lot more than US govt email inboxes
How does the Azure giant come back from this?
CSO21 Jul 2023 | 56
VirusTotal: We're sorry someone fat-fingered and exposed 5,600 users
File under PEBCAK
CSO21 Jul 2023 | 19
Chinese balloon that US shot down was 'crammed' with American hardware
Blasted from the sky in February, device never transmitted photos, videos, or radar data it collected, officials say
CSO29 Jun 2023 | 75
Ex-FBI employee jailed for taking classified material home
Infosec in brief Also: a PII harvest at Dole's server farm, military members mailed mystery smartwatches, and this week's critical vulns
CSO26 Jun 2023 | 55
JP Morgan accidentally deletes evidence in multi-million record retention screwup
Fined $4m for Who-Me-esque mess, for which it blames unnamed archiving vendor's retention settings
CSO26 Jun 2023 | 56
UK cyberspies warn ransomware crews targeting law firms
Nation states will use you to get to your friends, says NCSC
CSO23 Jun 2023 | 8
To kill BlackLotus malware, patching is a good start, but...
...that alone 'could provide a false sense of security,' NSA warns in this handy free guide for orgs
CSO22 Jun 2023 | 4
FTC accuses DNA testing company of lying about dumping samples
1Health must strengthen protections for genetic information as part of settlement
CSO21 Jun 2023 | 4
US government hit by Russia's Clop in MOVEit mass attack
CISA chief tells us exploitation 'largely opportunistic', not on same level of SolarWinds
CSO15 Jun 2023 | 7
Chinese spies blamed for data-harvesting raids on Barracuda email gateways
Snoops 'aggressively targeted' specific govt, academic accounts
CSO15 Jun 2023 | 2
LockBit victims in the US alone paid over $90m in ransoms since 2020
As America, UK, Canada, Australia and friends share essential bible to detect and thwart infections
CSO14 Jun 2023 | 2
Clop ransomware crew sets June extortion deadline for MOVEit victims
Plus: The Feds weigh in with advice, details
CSO07 Jun 2023 | 2
US govt now bans TikTok from contractors' work gear
BYODALAINGTI (as long as it's not got TikTok installed)
CSO06 Jun 2023 | 11
SEC drops 42 cases after staff bungle data protection
Corporate watchdog fouled its info-separation regime, let the wrong people read sensitive docs
CSO06 Jun 2023 | 2
Microsoft stashes nearly half a billion in case LinkedIn data drama hits
Irish regulators sniffing around Facebook-for-suits subsidiary have threatened fine
CSO02 Jun 2023 | 12
90+ orgs tell Slack to stop slacking when it comes to full encryption
Protests planned for Wednesday in San Francisco and Denver
CSO30 May 2023 | 8
Microsoft decides it will be the one to choose which secure login method you use
Certificate-based authentication comes first and phones last
CSO18 May 2023 | 55
'Strictly limit' remote desktop – unless you like catching BianLian ransomware
Do it or don't. We're not cops. But the FBI are, and they have this to say
CSO17 May 2023 | 33
Don't panic. Google offering scary .zip and .mov domains is not the end of the world
Comment Did we forget about .pl, .sh and oh yeah, .com ?
CSO17 May 2023 | 80
No more macros? No problem, say miscreants, we'll adapt
Microsoft blocking 'net scripts sparked 'monumental shift' in attacks
CSO15 May 2023 | 10
Sonatype axes 14 percent of staff, reminds them not to talk to the press
Exclusive Workers slam 'horrendous' handling of layoffs that left even 'engineering managers in the dark'
CSO10 May 2023 | 41
Modern Auth comes to on-prem Exchange Server gear
Guess this'll have to do while we wait for *checks notes* ES 2025
CSO08 May 2023 | 2
Dump these insecure phone adapters because we're not fixing them, says Cisco
Security hole ranks 9.8 out of 10 in severity, 0 out of 10 in patch availability
CSO05 May 2023 | 90
Insurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payout
'The get-out-of-jail-free card option has been removed' as one expert put it
CSO03 May 2023 | 37
Biting the hand that feeds IT
