CSO Online

10 promising cybersecurity startups CISOs should know about

From NHI security to deepfake detection and securing the agentic enterprise, these startups have the products, pedigree, ...
CSO Online

Office sandbox file security to disappear from enterprise Windows by late 2027, Microsoft confirms

Microsoft Defender Application Guard’s Hyper-V malicious detection is being abandoned in favor of a faster rules-based design ...
CSO Online

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive ...
CSO Online

WordPress plugin hole enables account takeover

What makes this now-patched plugin hole especially dangerous is the lack of authentication needed for an attack, which can ...
CSO Online

Google researchers detect first operational use of LLMs in active malware campaigns

Google’s Threat Intelligence Group reports that new malware strains use LLMs mid-execution to generate, rewrite, and ...
CSO Online

Crowdstrike cybersecurity report highlights a spike in physical attacks on privileged users

Will CISOs now have to plan defenses for attackers with guns and knives? Said one consultant: “It is giving new meaning to ...
CSO Online

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the las two years going from dependency confusion or stolen SSL among ...
CSO Online

Louvre delayed Windows security updates ahead of burglary

Thieves broke in through a second-floor window, but the museum has had other problems with unsecured Windows too, according ...
CSO Online

Cybersecurity experts charged with running BlackCat ransomware operation

Two professionals tasked with defending against ransomware attacks allegedly deployed ALPHV malware against US companies, ...
CSO Online

New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Microsoft uncovers a months-long campaign where threat actors used OpenAI’s legitimate API as a covert command-and-control ...
CSO Online

Gen AI success requires an AI champions network

To ensure generative AI competency and use becomes pervasive across the enterprise, CISOs and their colleagues must establish ...
CSO Online

How crooks use IT to enable cargo theft

In the old days, crooks followed transport trucks and hijacked them. Today they use phishing, vishing and identity theft to find and divert valuable cargo via logistics systems. It’s a challenge for ...