featureWant to know how the bad guys attack AI systems? MITRE’S ATLAS can show youMITRE’s ATLAS threat landscape knowledge base for artificial intelligence is a comprehensive guide to the tactics and processes bad actors use to compromise and exploit AI systems.By Chris Hughes20 Sep 202412 minsHackingThreat and Vulnerability ManagementMachine Learning feature What is pretexting? Definition, examples, and attacksBy Josh Fruhlinger20 Sep 202410 minsPhishingSocial EngineeringSecuritynews Reveal of Chinese-controlled botnet is another warning to CISOs to keep up with asset and patch managementBy Howard Solomon19 Sep 20246 minsBotnetsThreat and Vulnerability ManagementVulnerabilities newsMicrosoft warns of ransomware attacks on US healthcareBy Shweta Sharma 19 Sep 20243 minsRansomware news analysisCompanies skip security hardening in rush to adopt AIBy Lucian Constantin 19 Sep 20247 minsCloud SecurityData and Information Security news analysisDeepfakes break through as business threatBy Grant Gross 19 Sep 20245 minsSocial Engineering interviewDo boards understand their new role in cybersecurity?By Martha Heller 18 Sep 20246 minsIT Leadership opinionHow cybersecurity red teams can boost backup protectionsBy W. Curtis Preston 18 Sep 20241 minSecurity newsAustralian cops bust underworld app through compromised software updatesBy Shweta Sharma 18 Sep 20244 minsHackingCybercrime More security newsnewsMicrosoft fixes Authenticator design flaw after eight years overwriting accountsMicrosoft on Tuesday confirmed it has finally fixed a vexing glitch that locked Authenticator users out of their accounts — something just about every other authenticator app has avoided since inception.By Evan Schuman 17 Sep 2024 5 minsAuthenticationnewsWarning to ServiceNow admins: Block publicly available KB articlesAppOmni finds thousands of articles containing sensitive information are open to the internet.By Howard Solomon 17 Sep 2024 6 minsData PrivacyConfiguration ManagementSecurity PracticesnewsMicrosoft re-categorizes fixed Trident bug as zero dayVoid Banshee exploited the Windows MSHTML bug in conjunction with another Microsoft zero day for info-stealing attacks.By Shweta Sharma 17 Sep 2024 3 minsZero-day vulnerabilitynews analysisEuropean digital identity: this is how the EU’s big bet is evolvingThe entry into force of the eIDAS2 Regulation, which promotes European digital identity, has set the clocks ticking for administrations and companies to propose their systems and thus facilitate interoperability for citizens — but there are challenges ahead.By María Ramos Domínguez 17 Sep 2024 7 minsIdentity Management Solutionsnews analysisRansomware whistleblower: Columbus could have avoided its mistakesSurprised by the City of Columbus’ effort to gag him, cybersecurity expert Connor Goodwolf believes city leaders could have avoided embarrassment in the wake of a ransomware attack if they had talked to him. Here, Goodwolf and cyber and legal experts weigh in on the high-profile incident gone awry.By Cynthia Brumfield 17 Sep 2024 14 minsGovernment ITRansomwarenewsMicrosoft summit plots end of kernel access for EDR security clientsAfter years of stalling, the CrowdStrike incident has spurred Microsoft engineers to grasp the nettle. By John E. Dunn 16 Sep 2024 6 minsWindows SecurityEndpoint ProtectionnewsPort of Seattle says August cyberattack was Rhysida ransomwareThe port authority refused ransom demands and is now warning of a possible data leak.By Shweta Sharma 16 Sep 2024 3 minsData BreachRansomwareTransportation and Logistics IndustrynewsNewly patched Ivanti CSA flaw under active exploitationThe Cloud Service Appliance command injection vulnerability — patched as part of the final update for end-of-life CSA version 4.6 — has been attacked in the wild, Ivanti confirms.By Lucian Constantin 13 Sep 2024 4 minsVulnerabilitiesnewsNew cryptomining campaign infects WebLogic servers with Hadooken malwareThe Hadooken backdoor affecting the popular Java app server carries a cryptomining program and links to ransomware.By Lucian Constantin 13 Sep 2024 4 minsAdvanced Persistent ThreatsHackingThreat and Vulnerability ManagementnewsFortinet confirms breach that likely leaked 440GB of customer dataThe cybersecurity company said a threat actor had unauthorized access to files on a third-party cloud-shared drive.By Shweta Sharma 13 Sep 2024 3 minsData BreachRansomwarenewsMastercard acquires Recorded Future: How will threat intelligence transform the payments industry?The significance of the acquisition lies in Recorded Future’s ability to provide real-time intelligence and parse vast amounts of data from across the web — including the dark web.By Taryn Plumb 12 Sep 2024 6 minsThreat and Vulnerability ManagementRisk ManagementnewsToo many companies use non-enterprise grade remote access tools in their OT networks, says ClarotySurvey numbers aren’t surprising, according to Gartner expert, who says CISOs should work more closely with the OT side.By Howard Solomon 12 Sep 2024 6 minsNetwork SecuritySecurity Practices Show more Show less Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Popular topicsCybercrime featureTop 10 ransomware groups to watchBy Lucian Constantin 16 Sep 2024 12 minsRansomwareEncryptionCybercrime analysisThe 18 biggest data breaches of the 21st centuryBy Michael Hill, Dan Swinhoe and John Leyden 12 Sep 2024 18 minsData BreachPhishingRSA Conference newsThe US offers a $2.5M bounty for the arrest of Angler Exploit Kit co-distributorBy Shweta Sharma 29 Aug 2024 3 minsHackingCybercrime View topic Careers featureWhat’s next after the CISO role?By Rosalyn Page 09 Sep 2024 10 minsCSO and CISOCareersIT Leadership feature12 hottest IT security certs for higher pay todayBy Eric Frank 04 Sep 2024 14 minsCertificationsIT SkillsCareers featureWomen in Cyber Day finds those it celebrates ‘leaving in droves’By Howard Solomon 30 Aug 2024 8 minsCareersIT Leadership View topic IT Leadership featureCybersecurity vet Madison Horn makes her bid for US CongressBy Christine Wong 18 Sep 2024 8 minsCSO and CISOGovernmentIT Leadership featureImmediate threats or long-term security? Deciding where to focus is the modern CISO’s dilemmaBy Linda Rosencrance 11 Sep 2024 8 minsCSO and CISOSecurity PracticesIT Leadership featureWant to get ahead? Four activities that can enable a more proactive security regimeBy Mary K. 10 Sep 2024 12 minsCSO and CISOSecurity PracticesIT Leadership View topic In depth featureHow cybersecurity roles are changing and what to look for when hiringAI, automation, and the increasing need for cybersecurity professionals with good soft skills are some of the things to look out for when hiring the next incident responder, GRC specialist, and SOC analyst.By Aimee Chanthadavong19 Dec 20239 mins CSO and CISOCareers Read the Article Podcasts podcastsCSO Executive Sessions: IndiaHost Qiraat Attar, content strategist for Foundry India, interviews top chief information security officers throughout India to discuss current security threats, critical IT projects, security skills and careers, and much more.5 episodesApplication SecurityCloud Security Ep. 05 CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO Ep. 04 CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO Show me moreLatestArticlesPodcastsVideos brandpost Sponsored by Fortinet Need better network performance? Adopt better secure networking strategies By Chris Hinsz 19 Sep 20245 mins Security brandpost Sponsored by Cyber NewsWire SpyCloud Unveils Massive Scale of Identity Exposure Due to Infostealers, Highlighting Need for Advanced Cybersecurity Measures By Cyber NewsWire – Paid Press Release 18 Sep 20246 mins CyberattacksSecurity feature Personhood: Cybersecurity’s next great authentication battle as AI improves By Evan Schuman 18 Sep 20248 mins AuthenticationIdentity Management Solutions podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO video CSO Executive Sessions: DocDoc’s Rubaiyyaat Aakbar on security technology 12 Sep 202419 mins Healthcare IndustryArtificial IntelligenceSecurity video CSO Executive Sessions: Hong Kong Baptist University’s Allan Wong on security leadership 05 Sep 202410 mins Education IndustryIT Leadership video CSO Executive Sessions: EDOTCO’s Mohammad Firdaus Juhari on safeguarding critical infrastructure in the telecommunications industry 05 Sep 202411 mins Telecommunications IndustryCritical InfrastructureSecurity