News

CSO Online6h
Alert to Kali Linux admins: Get the new signing key or no distro updates for you
Organization admits it ‘lost’ access to its signing key; an expert says this shows the need for object management by CISOs.
CSO Online10h
Brocade Fabric OS flaw could allow code injection attacks
The improper input validation flaw allows attackers with admin access to modify firmware and run arbitrary code on affected ...
CSO Online14h
The state of intrusions: Stolen credentials and perimeter exploits on the rise, as phishing wanes
Cybercriminals also likely to leverage tools present within the targeted environment rather than to construct new malware or ...
CSO Online11h
Cybersecurity leaders decry ‘political persecution’ of Chris Krebs in a letter to the President
The cybersecurity professionals highlighted their “professional obligation to report truthful findings, even — and especially ...
CSO Online8h
Enterprise-specific zero-day exploits on the rise, Google warns
Vulnerabilities in enterprise network and security appliances accounted for nearly half of the zero-day flaws exploited by ...
CSO Online22h
AI looms large on the RSA Conference agenda
Expect artificial intelligence to be the topic of the week at the RSA Conference, with a slew of product announcements, panel ...
CSO Online1d
Secure by Design is likely dead at CISA. Will the private sector make good on its pledge?
CISA’s high-profile proselytizing of its Secure by Design program will likely end, but some experts think the idea still has ...
CSO Online1d
Reporting lines: Could separating from IT help CISOs?
CISOs who report to the CFO find that the shift away from IT can improve their ability to translate risk into business terms, ...
CSO Online1d
Huntress expands ITDR capabilities to combat credential theft and BEC
The identity-based improvements target rogue applications, credential theft, and BEC attacks while fully managed SIEM adds to ...
CSO Online3d
SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant ...
CSO Online1d
RSA Conference 2025 — News and analysis
Whether you're attending RSA this year or watching from a distance, follow this page for the latest news on keynotes, product ...
CSO Online4d
Darcula phishing toolkit gets AI boost, democratizing cybercrime
Darcula’s new AI-integrated phishing toolkit allows criminals to create customized, multi-language phishing kits in minutes — ...