CSO Online

Threat actors are spreading malicious extensions via VS marketplaces

There isn’t a consistent threat model for extension marketplaces yet, McCarthy said, making it difficult for any platform to ...
CSO Online

Network security devices endanger orgs with ’90s era flaws

Built to defend enterprise networks, network edge security devices are becoming liabilities, with an alarming rise in ...
CSO Online

Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

A foreign actor infiltrated the National Nuclear Security Administration’s Kansas City National Security Campus through ...
CSO Online

US NSA alleged to have launched a cyber attack on a Chinese agency

WeChat posting says attack was on agency that sets time for critical infrastructure providers; there’s no public evidence of ...
CSO Online

Government considered destroying its data hub after decade-long intrusion

A Chinese-sponsored cyber attack was so damaging that it was briefly proposed that an entire data hub be destroyed, according ...
CSO Online

North Korean threat actors turn blockchains into malware delivery servers

EtherHiding’: Nation-state and cybercriminal groups are leveraging smart contracts as command-and-control servers for ...
CSO Online

Critical ASP.NET core vulnerability earns Microsoft’s highest-ever severity score

The Kestrel web server flaw allows request smuggling attacks, but the actual risk depends on the application code and ...
CSO Online

‘Zero Disco’ campaign hits legacy Cisco switches with fileless rootkit payloads

Researchers warn of fileless payloads, memory hooks, and a UDP-based C2 controller that complicate detection and remediation.
CSO Online

CISOs face quantum leap in prioritizing quantum resilience

Industry progress toward post-quantum cryptography (PQC) remains slow due to uneven prioritization and budget constraints in ...
CSO Online

CISOs brace for an “AI vs. AI” fight

AI-enabled attacks are among the top concerns for security leaders. In response they are arming their teams with AI-enabled ...
CSO Online

The expanding CISO role: From security operator to enterprise risk strategist

Security leaders are taking on bigger roles, adding new responsibilities, and gaining influence across the business, new ...