featureCarrier Global takes collaborative approach to cybersecurityThe global HVAC and fire systems manufacturer’s network of internal volunteers works in conjunction with the cyber team’s tooling and threat hunting strategy to foster shared responsibility for securing enterprise operations.By Bob ViolinoSep 27, 20246 minsCSO50Manufacturing Industry opinion Beware the risks of vulnerable VPNs: update, maintain, monitor, and protectBy Susan BradleySep 26, 20247 minsThreat and Vulnerability ManagementIdentity and Access ManagementNetwork Securityfeature When technical debt strikes the security stackBy Ericka ChickowskiSep 25, 202412 minsCSO and CISORisk Management newsAttackers impersonate freight companies in double brokering scamsBy Lucian Constantin Sep 26, 20243 minsEmail SecurityThreat and Vulnerability Management newsChinese hackers allegedly hacked US ISPs for cyber espionageBy Shweta Sharma Sep 26, 20243 minsAdvanced Persistent ThreatsVulnerabilities featureCrowdStrike outage redefines EDR market emphasisBy John Leyden Sep 25, 20245 minsTechnology IndustryEndpoint Protection news analysisThousands of internet-exposed fuel gauges could be hacked and dangerously exploitedBy Lucian Constantin Sep 25, 20247 minsMining, Oil, and GasEnergy IndustryUtilities Industry featureCyber insurance price hikes stabilize as insurers expect more from CISOsBy John Leyden Sep 24, 20249 minsRansomwareData and Information SecurityNetwork Security feature10 things CISOs wished they knew from the startBy Andrada Fiscutean Sep 23, 202410 minsCSO and CISOCareers More security newsfeatureThe CSO guide to top security conferencesTracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.By CSO Staff Sep 30, 2024 6 minsTechnology IndustryIT SkillsEventsnewsTor browser, Tails OS merge to offer users improved security and privacyPlatforms hope by combining, their reach can be expanded, and that the merger ‘will strengthen both organizations' ability to protect people worldwide from surveillance and censorship’.By Howard Solomon Sep 30, 2024 4 minsBrowser SecurityInternet SecurityPrivacynews analysisRemote code execution exploit for CUPS printing service puts Linux desktops at riskSeveral vulnerabilities can be chained together to remotely register rogue printers and execute commands as root on many Linux systems.By Lucian Constantin Sep 27, 2024 8 minsHackingThreat and Vulnerability ManagementVulnerabilitiesfeatureAvangrid partners with state fusion cell to fight cyber threats via data sharingBy Shane O'Neill Sep 27, 2024 6 minsBusiness AnalystAccess ControlEventsnewsMicrosoft privilege escalation issue forces the debate: ‘When is something a security hole?’Fortra has announced what it dubs a Microsoft security hole. There is no dispute that the privilege escalation issue exists, but there is much argument over whether it’s a flaw.By Evan Schuman Sep 27, 2024 5 minsWindows SecurityAccess ControlVulnerabilitiesnewsA critical Nvidia Container Toolkit bug can allow a complete host takeoverThe flaw allows a rogue user to escape their container and access entire file systems of the underlying host to perform code execution, and denial of service. By Shweta Sharma Sep 27, 2024 4 minsVulnerabilitiesopinionZero trust, not no trust: A practical guide to implementing ZTNAZero trust isn’t just a buzzword; it’s a security imperative. Learn how ZTNA can protect your organization from modern threats and ensure seamless remote access. By Frankie Shuai, Former Head of Cyber & Technology Risk, Singapore and ANZ, UBS AG Sep 26, 2024 8 minsZero TrustNetwork SecuritynewsCrowdStrike defends access to Windows kernel at US Congressional hearing into July worldwide update failureExecutive calls the failure a ‘perfect storm,’ says the issue has been fixed and the company is 'deeply sorry'.By Howard Solomon Sep 24, 2024 4 minsRegulationWindows SecurityThreat and Vulnerability ManagementnewsSweden accuses Iran of SMS revenge hackSwedish authorities have named IRGC proxies for attacking a Swedish company, taking over its SMS service, and sending messages calling for revenge against Quran burners.By Viktor Eriksson Sep 24, 2024 3 minsCyberattacksnewsUS to ban connected vehicle tech from China, Russia due to national security risksThe prohibition is designed to safeguard connected vehicles with tech from China and Russia from unauthorized surveillance, espionage, mass vehicle immobilization, and cyberattacks. By Shweta Sharma Sep 24, 2024 3 minsRegulationTechnology IndustrynewsKaspersky’s US customers receive ‘UltraAV’ swap, raising red flagsSome users have turned to online forums to report that UltraAV was installed on their computers without consent.By Prasanth Aby Thomas Sep 24, 2024 3 minsAnti MalwareSecurity SoftwarefeatureINCIBE demonstrates value of ransomware simulationThe Spanish cyber institute presented to the press an example of its red-team exercises, which it uses not only to prepare its teams for real threats but also to educate Spanish companies the importance of preparing theirs.By Víctor Manuel Fernández Sep 24, 2024 4 minsRansomwareIncident Response Show more Show less Explore a topic Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security View all topics All topics Close Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Popular topicsGenerative AI newsMeet MathPrompt, a way threat actors can break AI safety controlsBy Howard Solomon Sep 23, 2024 5 minsGenerative AIVulnerabilities opinionWill potential security gaps derail Microsoft’s Copilot?By Preston Gralla Sep 17, 2024 1 minGenerative AIData and Information Security newsLLMs fueling a “genAI criminal revolution” according to Netcraft reportBy Lynn Greiner Aug 30, 2024 5 minsPhishingHackingGenerative AI View topic Cybercrime newsGerman police dismantles illegal crypto exchangesBy Florian Maier Sep 20, 2024 2 minsCryptocurrencyCybercrime newsAustralian cops bust underworld app through compromised software updatesBy Shweta Sharma Sep 18, 2024 4 minsHackingCybercrime featureTop 10 ransomware groups to watchBy Lucian Constantin Sep 16, 2024 12 minsRansomwareEncryptionCybercrime View topic Careers featureWhat’s next after the CISO role?By Rosalyn Page Sep 09, 2024 10 minsCSO and CISOCareersIT Leadership feature12 hottest IT security certs for higher pay todayBy Eric Frank Sep 04, 2024 14 minsCertificationsIT SkillsCareers featureWomen in Cyber Day finds those it celebrates ‘leaving in droves’By Howard Solomon Aug 30, 2024 8 minsCareersIT Leadership View topic IT Leadership opinionClear as mud: global rules around AI are starting to take shape but remain a little fuzzyBy Christopher Burgess Sep 23, 2024 7 minsCSO and CISORegulationIT Leadership interviewDo boards understand their new role in cybersecurity?By Martha Heller Sep 18, 2024 1 minIT Leadership featureCybersecurity vet Madison Horn makes her bid for US CongressBy Christine Wong Sep 18, 2024 8 minsCSO and CISOGovernmentIT Leadership View topic Upcoming Events08/Oct in-person event FutureIT DallasOct 08, 2024AT&T Stadium Events 21/Oct-23/Oct awards CSO50 Conference + AwardsOct 21, 2024Phoenix, AZ CSO and CISOCybercrimeSecurity 21/Oct-23/Oct awards CSO Conference + AwardsOct 21, 2024Phoenix, AZ CSO and CISOCybercrimeSecurity View all events In depth featureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada FiscuteanMar 27, 202410 mins Data and Information Security Read the Article Podcasts podcastsSponsored by Microsoft SecurityStrengthen and Streamline Your SecurityThis podcast series brought to you by Microsoft and IDG, will explore the core components of a modern security strategy, with insights and tips from leading security experts. We’ll discuss how ongoing and ever-changing threats, a growing security stack, and a shift to remote work make it difficult for CISOs and their security teams to balance enterprise-grade security with end-user productivity.4 episodesData and Information Security Ep. 03 Episode 3: The Zero Trust Model Mar 25, 202115 mins Multi-factor AuthenticationCSO and CISORemote Work Ep. 04 Episode 4: Reduce SOC burnout Mar 29, 202115 mins CSO and CISOPhishingRemote Work Show me moreLatestArticlesPodcastsVideos brandpost Sponsored by Fortinet Here are the top 3 causes of breaches – and how to mitigate them By Rob Rashotte Sep 26, 20245 mins Security events promotion SAP SE revamps application security scanning using simulation and automation By Shane O'Neill Sep 26, 20245 mins Application Security events promotion Accenture forges own path to improve attack surface management By Shane O'Neill Sep 25, 20246 mins Security podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe Aug 07, 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) Jul 17, 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands Jul 08, 202418 mins CSO and CISO video CSO Executive Sessions: DocDoc’s Rubaiyyaat Aakbar on security technology Sep 12, 202419 mins Healthcare IndustryArtificial IntelligenceSecurity video CSO Executive Sessions: Hong Kong Baptist University’s Allan Wong on security leadership Sep 05, 202410 mins Education IndustryIT Leadership video CSO Executive Sessions: EDOTCO’s Mohammad Firdaus Juhari on safeguarding critical infrastructure in the telecommunications industry Sep 05, 202411 mins Telecommunications IndustryCritical InfrastructureSecurity