News

CSO Online38m
Microsoft Entra’s billing roles pose privilege escalation risks in Azure
Guest users with certain billing roles can create and own subscriptions, potentially gaining persistence and privilege ...
CSO Online6h
6 rising malware trends every security pro should know
From infostealers commoditizing initial access to a more targeted approach to ransomware attacks, cybercriminals’ malware ...
CSO Online16h
Separating hype from reality: How cybercriminals are actually using AI
Countering more advanced AI-driven threats requires that we collectively evolve our defenses, and the good news is that many ...
CSO Online22h
If you use OneDrive to upload files to ChatGPT or Zoom, don’t
Users could potentially allow access to the entire drive because of the way Microsoft implements OAuth in OneDrive File ...
CSO Online10h
Risk assessment vital when choosing an AI model, say experts
CISOs are advised to apply the same evaluation discipline to AI as they do to any other app in the enterprise.
CSO Online1dOpinion
‘Secure email’: A losing battle CISOs must give up
Security wise, email has long been an outdated mode of communication in our increasingly cyber-threatened world. It’s time we ...
CSO Online1d
New Russian APT group Void Blizzard targets NATO-based orgs after infiltrating Dutch police
The cyberespionage group uses compromised credentials to steal emails and data from public and private sector organizations ...
CSO Online2d
How CISOs can defend against Scattered Spider ransomware attacks
CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize ...
CSO Online1d
Code security in the AI era: Balancing speed and safety under new EU regulations
Organizations face the challenge of securing AI-generated code while maintaining a rapid development pace to meet market ...
CSO Online1d
Breaking RSA encryption just got 20x easier for quantum computers
New research shows that RSA-2048 encryption could be cracked using a one-million-qubit system by 2030, 20x faster than ...
CSO Online3d
CISA flags Commvault zero-day as part of wider SaaS attack campaign
Threat actors exploited the Commvault flaw to access M365 secrets, allowing further breaches of SaaS applications.
CSO Online3d
The 7 unwritten rules of leading through crisis
Your crisis management playbook may look fail-proof on paper, but leadership and culture offer intangibles that can make or ...