CSOonline1d
CISA, FBI urge developers to patch path traversal bugs before shipping
The advisory highlights how developers can follow best practices to fix these vulnerabilities during production.
CSOonline2d
Biden delivers updated take on security for critical infrastructure
Building on previous efforts, the Biden administration's new National Security Memorandum reflects a more modern approach to ...
CSOonline2d
Dropbox Sign hack exposed user data, raises security concerns for e-sign industry
The names and email addresses of those customers were also exposed who had never created an account with Dropbox Sign but had ...
CSOonline2d
UnitedHealth hack may impact a third of US citizens: CEO testimony
Despite paying a $22 million ransom in Bitcoin to regain access to encrypted files, the company cannot confirm whether copies ...
CSOonline3d
5 key takeways from Verizon’s 2024 Data Breach Investigations Report
The rapid of exploitation of zero-day vulnerabilities, such as MOVEit, and the effectiveness of ransomware attacks are two of ...
CSOonline4d
UnitedHealth hackers exploited Citrix vulnerabilities, CEO to testify
In the written testimony before the House Energy and Commerce Committee, CEO Andrew Witty said after gaining access, the ...
CSOonline2d
NIST publishes new guides on AI risk for developers and CISOs
Companion publications to NIST’s AI Risk Management Framework explore a long worry list in more detail and are likely to ...
CSOonline4d
Chinese threat actor engaged in multi-year DNS resolver probing effort
The unusual and persistent probing activity over the span of multiple years should be a reminder to organizations to identify ...
CSOonline4d
Marriott admits it falsely claimed for five years it was using encryption during 2018 breach
Marriot revealed in a court case around a massive 2018 data breach that it had been using secure hash algorithm 1 and not the ...
CSOonline2d
Most interesting products to see at RSAC 2024
Themed the Art of Possible, the 2024 RSA Conference takes place between 6 and 9 of May and will offer insights into the ...
CSOonline4d
Securiti adds distributed LLM firewalls to secure genAI applications
The new offering is aimed at protecting against prompt injection, data leakage, and training data poisoning in LLM systems.
CSOonline3d
3 Windows vulnerabilities that may not be worth patching
Some vulnerabilities eat up a security team’s time and resources yet provide little or nothing in the way of true protection.