CSO Online

The security leaders who turned their frustrations into companies

Former CISOs share their experience after successfully founding security companies. CSO spoke to Paul Hadjy, Joe Silva, Chris ...
CSO Online

Senate moves to restore lapsed cybersecurity laws after shutdown

The continuing resolution would extend CISA 2015 and the Federal Cybersecurity Enhancement Act, reinstating liability shields ...
CSO Online

Beyond silos: How DDI-AI integration is redefining cyber resilience

Blending DDI with AI lets your network see, think and fight back faster — closing gaps before attackers even get in.
CSO Online

North Korean hackers exploit Google’s safety tools for remote wipe

The campaign hijacked Google accounts to abuse Android’s Find Hub feature, remotely wiping victims’ phones while spreading ...
CSO Online

AI startups leak sensitive credentials on GitHub, exposing models and training data

Experts say the leaks highlight how fast-growing AI firms may be prioritizing innovation over basic DevSecOps hygiene, ...
CSO Online

November Patch Tuesday: Zero day Windows kernel flaw in servers, controllers, and PCs

Also of importance are a Kerberos vulnerability in Active Directory, a Visual Studio Copilot extension, and a Microsoft ...
CSO Online

Your passwordless future may never fully arrive

As a concept, passwordless authentication has all but been universally embraced. In practice, though, CISOs find it difficult ...
CSO Online

CISOs must prove the business value of cyber — the right metrics can help

CISOs still struggle to prove the value of their security programs using metrics that their business leaders so desperately ...
CSO Online

Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations

Encryption alone is no longer sufficient to protect privacy in LLM interactions, as metadata patterns can be exploited to ...
CSO Online

Researchers trick ChatGPT into prompt injecting itself

Tenable security researchers have discovered seven new ways to extract private data from chat histories, largely through ...
CSO Online

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...
CSO Online

Layered security: How SMBs can protect against sophisticated cyberthreats during the holiday season.

With one in three SMBs having been attacked in 2024, this holiday season is the ideal time to leverage the Windows 10 upgrade ...