CSO Online1d
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE
Successful exploitation could allow attackers to steal data, install malware, or take full control over affected big data ...
CSO Online2d
AI programming copilots are worsening code security and leaking more secrets
Copilot-enabled repos are 40% more likely to contain API keys, passwords, or tokens — just one of several issues security ...
CSO Online1d
Trump fires NSA and Cybercom chief, jeopardizing cyber intel
Lawmakers fear the firing of Gen. Timothy Haugh will lead to a loss of critical intelligence at a time when cyber threats ...
CSO Online4d
10 best practices for vulnerability management according to CISOs
After years of neglect, organizations are investing in vulnerability management programs to address business risk. A dozen ...
CSO Online3d
Threat-informed defense for operational technology: Moving from information to action
More than ever, cybercriminal networks are now operating like legitimate businesses. In response, organizations must adopt a ...
CSO Online1d
Ivanti warns customers of new critical flaw exploited in the wild
Chinese APT group UNC5221 appears to have studied a recent Ivanti Connect Secure patch to develop a remote code execution ...
CSO Online2d
Royal Mail investigates data leak
Several gigabytes of sensitive customer data have surfaced on the darknet, allegedly from the British postal service Royal ...
CSO Online2d
Oracle quietly admits data breach, days after lawsuit accused it of cover-up
A lawsuit filed Monday accused Oracle of failing to acknowledge a recent data breach — but the company has reportedly since ...
CSO Online3d
AI disinformation didn’t upend 2024 elections, but the threat is very real
The next phase of AI disinformation won’t just target voters but target organizations, supply chains, and critical ...
CSO Online4d
The urgent reality of machine identity security in 2025
Here, we’ll explore the growth of machine identities, the associated risks, and the strategies organizations can adopt to ...
CSO Online2d
Too little budget for OT security despite rising threats
According to a recent study, many organizations still invest too little in protecting their operational technology (OT).
CSO Online1d
Cyber agencies urge organizations to collaborate to stop fast flux DNS attacks
Fast flux allows attackers to obfuscate the locations of malicious command and control (C2) servers by rapidly changing Domain Name System (DNS) records. It’s “a defensive gap in many networks,” the ...