CSO Online

CISOs: Align cyber risk communication with boardroom psychology

Your board doesn't care about your technical status updates; if you can't translate cyber threats into cold, hard business ...
CSO Online

Ten years later, has the GDPR fulfilled its purpose?

A decade after its adoption, experts and analysts weigh in on how this regulation has impacted the business landscape and ...
CSO Online

New malware turns Linux systems into P2P attack networks

Researchers found a Linux malware called QLNX that combines P2P networking, rootkits, PAM backdoors, and fileless execution ...
CSO Online

Iranian state-backed spies pose as ransomware slingers in false flag attacks

MuddyWater is muddying the waters of incident response with a ruse to cover data exfiltration and cyber-sabotage, according ...
CSO Online

US government agency to safety test frontier AI models before release

CAISI’s agreements with Google, Microsoft, and xAI preceded a report that the White House may be planning to create its own ...
CSO Online

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
Opinion
CSO OnlineOpinion

Train like you fight: Why cyber operations teams need no-notice drills

Tabletop exercises are just paperwork; you need surprise drills to train your brain to stay calm and effective when a real incident actually hits the fan.
CSO Online

Poisoned truth: The quiet security threat inside enterprise AI

Enterprise AI systems can be corrupted through data poisoned by accident, adversaries, or bad hygiene. Most organizations ...
CSO Online

Edge browser leaves passwords exposed in plain text, says researcher

A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for ...
CSO Online

CISA pushes critical infrastructure operators to prepare to work in isolation

The new CI-Fortify initiative urges critical infrastructure operators to prepare for cyberattacks by ensuring they can ...
CSO Online

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A previously undocumented .NET trojan and its companion Pheno plugin allow attackers to capture mobile authentication codes ...
CSO Online

CISA mulls new three-day remediation deadline for critical flaws

Spooked by Claude Mythos, the agency is reportedly discussing slashing the current 14-day timeline for patching government ...