featureTop 5 security mistakes software developers makeAs attacks continue to plague cybersecurity leaders, CSO has compiled a list of common mistakes by software developers that can be prevented.By David Strom07 Nov 202410 minsDevSecOpsApplication Security feature Security associations CISOs should know aboutBy Rosalyn Page06 Nov 20249 minsCSO and CISOCareersIT Leadershipnews Cisco IoT wireless access points hit by severe command injection flawBy John E. Dunn07 Nov 20241 minWireless SecurityNetwork SecurityVulnerabilities newsMicrosoft Authenticator passkey support to be native in JanuaryBy Evan Schuman 05 Nov 20248 minsAuthenticationIdentity Management Solutions feature10 ways hackers will use machine learning to launch attacksBy Maria Korolov 05 Nov 202411 minsHackingMachine LearningCybercrime news analysisEnterprises look to AI to bridge cyber skills gap — but will still fall shortBy John Leyden 04 Nov 20248 minsBudgetIT SkillsIT Strategy featureCostly and struggling: the challenges of legacy SIEM solutionsBy Linda Rosencrance 04 Nov 20248 minsSecurity HardwareSecurity Information and Event Management SoftwareEndpoint Protection news24% of CISOs actively looking to leave their jobsBy Evan Schuman 05 Nov 20243 minsCSO and CISOCareers newsMan arrested in Canada allegedly linked to Snowflake data theftsBy Howard Solomon 05 Nov 20244 minsData BreachHacking More security newsnewsAndroxgh0st botnet integrates Mozi payloads to target IoT devicesThe malware has added exploits for more web applications and devices to its arsenal and some of them seem to be inherited from an older botnet called Mozi.By Lucian Constantin 08 Nov 2024 5 minsBotnetsThreat and Vulnerability ManagementVulnerabilitiesnewsUS consumer protection agency bans employee mobile calls amid Chinese hack fearsEmployees have been instructed to switch to secure platforms after a telecom infrastructure breach linked to China.By Gyana Swain 08 Nov 2024 4 minsHackingnewsThe US Department of Defense has finalized cyber rules for its suppliers Stringent requirements on DoD contractors to comply with existing protections are expected to take effect by the end of the yearBy John P. Mello Jr. 08 Nov 2024 5 minsRegulationAerospace and Defense IndustryGovernmentnewsBeware malicious NPM packages, Checkmarx warns‘Package confusion’ attack against NPM used to trick developers into downloading malwareBy John E. Dunn 07 Nov 2024 1 minApplication SecuritynewsInfostealers are using BYOVD to steal critical system dataKaspersky Labs claims to have blocked over 11k info-stealing attempts that used the BYOVD technique.By Shweta Sharma 07 Nov 2024 3 minsVulnerabilitiesSecuritynewsFive-country attack on cybercrooks welcomed by security expertArrest of 41 suspects more important than takedown of 22,000 malicious IP addresses, he argues.By Howard Solomon 06 Nov 2024 6 minsCybercrimeLegalnewsSchneider Electric suffers data breach, exposing critical project and user dataHackers have demanded $125,000 ransom in “baguettes” following Schneider’s third data breach in two years, spotlighting security concerns on the day the company appoints a new CEO.By Gyana Swain 06 Nov 2024 4 minsData BreachnewsWas your last DocuSign-ed bill legitimate? Check againA novel phishing campaign abuses DocuSign APIs to send fake invoices at scale.By Shweta Sharma 06 Nov 2024 2 minsPhishingAPIsnewsSource code alleged to be Nokia’s is for sale onlineIntelBroker says they obtained Nokia source code and other data from a third-party contractor; Nokia says it has found no signs of a breach.By Shweta Sharma 05 Nov 2024 3 minsData BreachSecuritynewsVMware’s AI query tool could be best for junior threat team members, say analystsIntelligent Assist will be released in Q1 next year to help SOC teams understand what's behind alerts, Broadcom announces.By Howard Solomon 05 Nov 2024 5 minsCloud SecurityData and Information SecuritynewsOkta’s ‘secure by design’ pledge suffers a buggy setbackOkta’s AD/LDAP authentication flaw allows an attacker to login without a password.By Shweta Sharma 05 Nov 2024 4 minsAuthenticationVulnerabilitiesSecuritynewsA new SharePoint vulnerability is already being exploitedMicrosoft SharePoint makes it simpler for enterprises to help employees discover documents on their internal network — but a recently exploited vulnerability is making easier for attackers to get inside the corporate network too.By Daniel Olszewski 04 Nov 2024 3 minsWindows SecurityVulnerabilitiesSecurity Show more Show less Explore a topic Application Security Artificial Intelligence Business Continuity Careers Cloud Security Compliance Critical Infrastructure Cybercrime Enterprise Buyer’s Guides Generative AI Identity and Access Management IT Leadership Network Security Physical Security View all topics All topics Close Application Security Artificial Intelligence Business Continuity Careers Cloud Security Compliance Critical Infrastructure Cybercrime Enterprise Buyer’s Guides Generative AI Identity and Access Management IT Leadership Network Security Physical Security Privacy Risk Management Popular topicsIT Leadership how-toDownload the AI in the Enterprise (for Real) SpotlightBy CIO.com and InfoWorld contributors 01 Nov 2024 1 minMachine LearningIT GovernanceIT Leadership opinionThe rise of the vCISO: From niche to necessity?By Dr. Mark Shmulevich 31 Oct 2024 6 minsCareersIT LeadershipSecurity featureSecurity priorities emphasize CISO role on the riseBy Esther Shein 23 Oct 2024 9 minsCSO and CISOIT StrategyIT Leadership View topic Generative AI newsSecuriti to help businesses build secure, compliant Gen AI with a new toolBy Shweta Sharma 29 Oct 2024 3 minsGenerative AISecurity SoftwareSecurity newsCISOs have to get on top of AI technologies, warns MicrosoftBy Howard Solomon 24 Oct 2024 9 minsCSO and CISOGenerative AI opinionBeyond ChatGPT: The rise of agentic AI and its implications for securityBy Stephen Kaufman 22 Oct 2024 16 minsGenerative AISecurity View topic Careers featureThe CSO guide to top security conferencesBy CSO Staff 31 Oct 2024 4 minsTechnology IndustryIT SkillsEvents news analysis77% of CISOs fear next big breach will get them firedBy Evan Schuman 28 Oct 2024 3 minsCSO and CISOData BreachIncident Response news analysisLow turnover leaves job-seeking CISOs with nowhere to goBy John Leyden 22 Oct 2024 5 minsCSO and CISOSalariesCareers View topic Upcoming Events14/Nov awardsCSO30 Awards ASEAN14 Nov 2024Singapore CSO and CISO 19/Nov in-person eventIDG Technology Symposium & Awards19 Nov 2024Marina Bay Sands Expo & Convention, Singapore CSO and CISO 21/Nov in-person event FutureIT New York: Building the Digital Business with Cloud, AI and Security21 Nov 2024New York, NY Digital TransformationIT Management View all events Hear from the Experts featureChief risk storyteller: How CISOs are developing yet another skillCybersecurity risks are critical to communicate, but CISOs are finding crafting a narrative that resonates requires more than technical expertise.By Rosalyn Page07 Oct 20249 mins CSO and CISORisk ManagementIT Leadership Show me moreLatestArticlesPodcastsVideos opinion Choosing AI: the 7 categories cybersecurity decision-makers need to understand By Christopher Whyte 08 Nov 202410 mins CSO and CISOSecurity PracticesSecurity Software brandpost Sponsored by Microsoft Security Why AI is the final missing piece of the CNAPP puzzle By Ron Matchoro, Head of Product, Microsoft Defender for Cloud – Data & AI Security 07 Nov 20245 mins Cloud Security feature DDoS attacks: Definition, examples, techniques, and how to defend them By Josh Fruhlinger and Lucian Constantin 07 Nov 202411 mins DDoSCyberattacks podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO video CSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 1) 04 Nov 202419 mins Supply ChainCritical InfrastructureSecurity video CSO Executive Sessions: Standard Chartered’s Alvaro Garrido on cybersecurity in the financial services industry 23 Oct 202410 mins Financial Services IndustrySecurity video CSO Executive Sessions: New World Development’s Dicky Wong on securing critical infrastructure 16 Oct 202412 mins Critical InfrastructureSecurity