newsA new fear for CSOs: The sky is fallingResearchers look to space to give CSOs and CIOs a preview of possible cyber threats to come here on earth: Four million of them, all bad.By Lynn Greiner17 Jun 20245 minsThreat and Vulnerability ManagementRisk ManagementVulnerabilities news Pure Storage says it was breached as Snowflake victim count continues to grow By John E. Dunn12 Jun 20245 minsMulti-factor AuthenticationData BreachVulnerabilitiesnews Microsoft fixes dangerous zero-click Outlook remote code execution exploitBy Lucian Constantin12 Jun 20243 minsWindows SecurityVulnerabilities newsCritical PyTorch flaw puts sensitive AI data at riskBy Lucian Constantin 10 Jun 20243 minsPyTorchVulnerabilities interviewHow Amazon CISO Amy Herzog responds to cybersecurity challengesBy David Strom 07 Jun 20245 minsSecurity PracticesVulnerabilitiesSecurity featureBacklogs at National Vulnerability Database prompt action from NIST and CISABy John P. Mello Jr. 15 May 202410 minsThreat and Vulnerability ManagementSecurity PracticesVulnerabilities newsGoogle Chrome gets a patch for actively exploited zero-day vulnerabilityBy Lucian Constantin 10 May 20243 minsThreat and Vulnerability ManagementZero-day vulnerabilityVulnerabilities newsF5 patches BIG-IP Next Central Manager flaws that could lead to device takeoverBy Lucian Constantin 08 May 20245 minsThreat and Vulnerability ManagementCloud SecurityVulnerabilities news analysisMassive security hole in VPNs shows their shortcomings as a defensive measureBy Evan Schuman 08 May 20248 minsThreat and Vulnerability ManagementData and Information SecurityNetwork Security ArticlesnewsCitrix quietly fixes a new critical vulnerability similar to Citrix BleedMuch similar to Citrix-Bleed, the information disclosure bug was identified within NetScaler devices configured as gateway or virtual servers.By Shweta Sharma 07 May 2024 3 minsVulnerabilitiesnewsCISA, FBI urge developers to patch path traversal bugs before shippingThe advisory highlights how developers can follow best practices to fix these vulnerabilities during production.By Shweta Sharma 03 May 2024 3 minsVulnerabilitiesfeature3 Windows vulnerabilities that may not be worth patchingSome vulnerabilities eat up a security team’s time and resources yet provide little or nothing in the way of true protection. Some may even introduce more risk to a network.By Susan Bradley 01 May 2024 7 minsWindows SecurityPatch Management SoftwareSecurity PracticesnewsUnitedHealth hackers exploited Citrix vulnerabilities, CEO to testifyIn the written testimony before the House Energy and Commerce Committee, CEO Andrew Witty said after gaining access, the threat actor moved laterally within the systems using sophisticated methods and exfiltrated data.By Prasanth Aby Thomas 30 Apr 2024 3 minsHacker GroupsCyberattacksVulnerabilitiesnewsMost attacks affecting SMBs target five older vulnerabilitiesAttackers target flaws for a reason: Even years after they are discovered, they still work. By John E. Dunn 30 Apr 2024 4 minsThreat and Vulnerability ManagementNetwork SecurityVulnerabilitiesnewsCisco urges immediate software upgrade after state-sponsored attackHackers exploited previously undetected vulnerabilities in Cisco’s Adaptive Security Appliances — a product that combines multiple cybersecurity functions.By Prasanth Aby Thomas 25 Apr 2024 3 minsVulnerabilitiesnews analysisHow the ToddyCat threat group sets up backup traffic tunnels into victim networksThe Chinese APT group is using a variety of tools to infiltrate networks and steal large amounts of data.By Lucian Constantin 24 Apr 2024 6 minsAdvanced Persistent ThreatsThreat and Vulnerability ManagementNetwork SecurityopinionMicrosoft’s mea culpa moment: how it should face up to the CSRB’s critical reportWhat should happen in the wake of the CSRB’s Microsoft report? This former security industry analyst has some suggestions.By Jon Oltsik 23 Apr 2024 4 minsWindows SecuritySecurity PracticesVulnerabilitiesnews analysisMore attacks target recently patched critical flaw in Palo Alto Networks firewallsThe vulnerability found in GlobalProtect could be exploited to gain access to corporate networks and has seen a rise in compromise attempts despite being patched.By Lucian Constantin 22 Apr 2024 5 minsThreat and Vulnerability ManagementZero-day vulnerabilityVulnerabilitiesnews analysisWindows path conversion weirdness enables unprivileged rootkit behaviorMagicDot technique allows attackers to capitalize on an already-patched vulnerability simply by changing the dots in a path.By Lucian Constantin 19 Apr 2024 5 minsWindows SecurityThreat and Vulnerability ManagementVulnerabilitiesnews analysisCisco fixes vulnerabilities in Integrated Management ControllerCisco fixes high-risk flaws in the out-of-band management controller of multiple productsBy Lucian Constantin 18 Apr 2024 4 minsThreat and Vulnerability ManagementVulnerabilitiesnewsSAP users are at high risk as hackers exploit application vulnerabilitiesResearch highlights heightened threat actor interests in SAP systems, targeting poorly patched organizations.By Shweta Sharma 17 Apr 2024 4 minsApplication SecurityVulnerabilities Show more Show less View all Resources whitepaper The IT Leader’s Guide to Partnerships That Deliver on Employee Experience Transformation Employee experience (EX) reimagines how people, data, and technology work together to constantly adapt, evolve, and grow the organization equitably into the best version of itself. The post The IT Leader’s Guide to Partnerships That Deliver on Employee Experience Transformation appeared first on Whitepaper Repository –. By Workday Inc. 24 Jun 2024Business OperationsEmployee ExperienceHuman Resources whitepaper How intelligent business systems help retailers drive profitability and growth By Workday Inc. 24 Jun 2024Business OperationsERP SystemsRetail Industry whitepaper SMBs at the leading edge: 4 key considerations for growth and success By Workday Inc. 24 Jun 2024Business OperationsFinance and Accounting SystemsSmall and Medium Business View all Video on demand videoPrinters: The overlooked security threat in your enterprise | TECHtalkPrinters, often a forgotten target in the enterprise, are vulnerable to all the usual cyberattacks. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp and CSO Online’s J.M. Porup discuss the threats to these devices, plus how to secure them and protect your network. 07 Nov 2019 20 minsHackingPrintersVulnerabilities Don’t ignore application security | Salted Hash Ep 35 23 Jul 2018 18 minsApplication SecurityVulnerabilitiesSecurity The Dyn cyberattack, one year later | Salted Hash Ep 11 11 Dec 2017 22 minsCybercrimeInternet of ThingsVulnerabilities See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Generative AI Show me morePopularArticlesPodcastsVideos brandpost Sponsored by CyberArk Understanding APIs and how attackers abuse them to steal data By John Walsh, senior product marketing manager at CyberArk 24 Jun 20245 mins Cybercrime brandpost Sponsored by CyberArk Why identity security Is essential to cybersecurity strategy By Claudio Neiva, CyberArk’s Field Technology Director (LATAM), PAM and Identity Security 24 Jun 20246 mins Cybercrime news Car dealerships face continued disruption as CDK works to restore hacked systems By Gyana Swain 24 Jun 20244 mins Hacker GroupsRansomware podcast CSO Executive Sessions India with Hilal Lone, CISO, Razorpay 11 Jun 202429 mins CSO and CISO podcast CSO Executive Sessions: The new realities of the CISO role – whistleblowing and legal liabilities 28 May 202417 mins CSO and CISO podcast CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International 22 May 202426 mins CSO and CISO video CSO Executive Session India with Hilal Lone, CISO, Razorpay 11 Jun 202429 mins CSO and CISO video CSO Executive Sessions: The new realities of the CISO role – whistleblowing and legal liabilities 28 May 202417 mins CSO and CISO video CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International 22 May 202426 mins CSO and CISO