CSOonline1h
PUMA creeps through Linux with a stealthy rootkit attack
The multi-stage rootkit targets Linux systems, using advanced stealth techniques to escalate privileges and avoid detection.
CSOonline13h
Security researchers find deep flaws in CVSS vulnerability scoring system
Cybersecurity experts from financial giant JPMorganChase say the cybersecurity community is being misled about the severity ...
CSOonline10h
Europol shutters 27 DDoS sites in major crackdown
Furthermore, 27 booter and stresser sites have been shut down, including zdstresser.net, orbitalstress.net, and starkstresser ...
CSOonline19h
KeyTrap DNSSEC: The day the internet (almost) stood still
Black Hat conference attendees heard a post-mortem on the KeyTrap DNSSEC vulnerability, which could have widely impacted ...
CSOonline19h
Microsoft Windows ‘Best Fit’ character conversion ‘ripe for exploitation’
Security researchers warn that the Windows ANSI API contains a hidden trap that could lead to arbitrary code execution — a ...
CSOonline16h
Attackers exploit zero-day RCE flaw in Cleo managed file transfer
The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited ...
CSOonline1d
A security ‘hole’ in Krispy Kreme Doughnuts helped hackers take a bite
In the filing, Krispy Kreme confirmed that the incident has and will continue to have material impact until a full recovery ...
CSOonline1d
AMD data center chips vulnerable to revealing data through ‘BadRAM’ attack
AMD’s Secure Encrypted Virtualization (SEV), meant to protect processor memory from prying eyes in virtual machine (VM) ...
CSOonline1d
The 7 most in-demand cybersecurity skills today
Evolving IT strategies and emerging technologies and threats have organizations shuffling their cyber skills want lists, ...
CSOonline1d
Microsoft secretly stopped actors from snooping on your MFA codes
The issue could allow threat actors to brute force MFA authentication codes for Outlook, Teams, and Azure access with 50% ...
CSOonline1d
Salt Typhoon poses a serious supply chain risk to most organizations
The Salt Typhoon intrusion gives China a chance to exfiltrate massive amounts of data from most organizations, especially ...
CSOonline1d
Bug bounty programs can deliver significant benefits, but only if you’re ready
Bug bounty programs can be a big boon to software security and provide expanded vulnerability visibility, but they're not for ...