How much to clean up a ransomware infection? For Rackspace, about $11M
And that's not counting the incoming lawsuits. Thank goodness for insurance, eh?
CSO16 Nov 2023 | 7
CSO
Clorox CISO flushes self after multimillion-dollar cyberattack
Plus: Ransomware crooks file SEC complaint against victim
CSO16 Nov 2023 | 23
NCSC says cyber-readiness of UK’s critical infrastructure isn’t up to scratch
And the world's getting more and more dangerous
CSO14 Nov 2023 | 16
HTTP/2 'Rapid Reset' zero-day exploited in biggest DDoS deluge seen yet
Botnet storm drowned last record with 398 million requests per second
CSO10 Oct 2023 | 13
Red Cross lays down hacktivism law as Ukraine war rages on
Rules apply to cyber vigilantes and their home nations, but experts cast doubt over potential benefits
CSO04 Oct 2023 | 4
Chinese snoops stole 60K State Department emails in that Microsoft email heist
No classified systems involved apparently, but internal diplomatic notes, travel details, staff SSNs, etc
CSO28 Sep 2023 | 4
Good news for Key Group ransomware victims: Free decryptor out now
That's what we call a static shock
CSO31 Aug 2023 | 5
Barracuda gateway attacks: How Chinese snoops keep a grip on victims' networks
Backdoors detailed, plus CISA releases more IOCs for IT depts to check
CSO30 Aug 2023 |
University cuts itself off from internet after mystery security snafu
Updated Halls of learning are stuck offline, but go Wolverines!
CSO29 Aug 2023 | 21
Malware loader lowdown: The big 3 responsible for 80% of attacks so far this year
Top of the list to trip sensors
CSO28 Aug 2023 | 6
Russia's Cozy Bear is back and hitting Microsoft Teams to phish top targets
Plus: Tenable CEO blasts Redmond's bug disclosure habits
CSO03 Aug 2023 | 8
What would sustainable security even look like?
Opinion Clue: Nothing like what’s on offer today
CSO31 Jul 2023 | 40
Florida man accused of hoarding America's secrets faces fresh charges
Mar-a-Lago IT director told 'the boss wanted the server deleted'
CSO29 Jul 2023 | 147
Millions of people's data stolen because web devs forget to check access perms
IDORs of the storm
CSO29 Jul 2023 | 40
Crooks pwned your servers? You've got four days to tell us, SEC tells public companies
Cripes, they actually sound serious
CSO26 Jul 2023 | 29
AMD Zenbleed chip bug leaks secrets fast and easy
Zen 2 flaw more simple than Spectre, exploit code already out there – get patching when you can
CSO24 Jul 2023 | 64
Stolen Microsoft key may have opened up a lot more than US govt email inboxes
How does the Azure giant come back from this?
CSO21 Jul 2023 | 56
VirusTotal: We're sorry someone fat-fingered and exposed 5,600 users
File under PEBCAK
CSO21 Jul 2023 | 19
Chinese balloon that US shot down was 'crammed' with American hardware
Blasted from the sky in February, device never transmitted photos, videos, or radar data it collected, officials say
CSO29 Jun 2023 | 75
Ex-FBI employee jailed for taking classified material home
Infosec in brief Also: a PII harvest at Dole's server farm, military members mailed mystery smartwatches, and this week's critical vulns
CSO26 Jun 2023 | 55
JP Morgan accidentally deletes evidence in multi-million record retention screwup
Fined $4m for Who-Me-esque mess, for which it blames unnamed archiving vendor's retention settings
CSO26 Jun 2023 | 56
UK cyberspies warn ransomware crews targeting law firms
Nation states will use you to get to your friends, says NCSC
CSO23 Jun 2023 | 8
To kill BlackLotus malware, patching is a good start, but...
...that alone 'could provide a false sense of security,' NSA warns in this handy free guide for orgs
CSO22 Jun 2023 | 4
FTC accuses DNA testing company of lying about dumping samples
1Health must strengthen protections for genetic information as part of settlement
CSO21 Jun 2023 | 4
US government hit by Russia's Clop in MOVEit mass attack
CISA chief tells us exploitation 'largely opportunistic', not on same level of SolarWinds
CSO15 Jun 2023 | 7
Chinese spies blamed for data-harvesting raids on Barracuda email gateways
Snoops 'aggressively targeted' specific govt, academic accounts
CSO15 Jun 2023 | 2
LockBit victims in the US alone paid over $90m in ransoms since 2020
As America, UK, Canada, Australia and friends share essential bible to detect and thwart infections
CSO14 Jun 2023 | 2
Clop ransomware crew sets June extortion deadline for MOVEit victims
Plus: The Feds weigh in with advice, details
CSO07 Jun 2023 | 2
US govt now bans TikTok from contractors' work gear
BYODALAINGTI (as long as it's not got TikTok installed)
CSO06 Jun 2023 | 11
SEC drops 42 cases after staff bungle data protection
Corporate watchdog fouled its info-separation regime, let the wrong people read sensitive docs
CSO06 Jun 2023 | 2
Microsoft stashes nearly half a billion in case LinkedIn data drama hits
Irish regulators sniffing around Facebook-for-suits subsidiary have threatened fine
CSO02 Jun 2023 | 12
90+ orgs tell Slack to stop slacking when it comes to full encryption
Protests planned for Wednesday in San Francisco and Denver
CSO30 May 2023 | 8
Microsoft decides it will be the one to choose which secure login method you use
Certificate-based authentication comes first and phones last
CSO18 May 2023 | 55
'Strictly limit' remote desktop – unless you like catching BianLian ransomware
Do it or don't. We're not cops. But the FBI are, and they have this to say
CSO17 May 2023 | 33
Don't panic. Google offering scary .zip and .mov domains is not the end of the world
Comment Did we forget about .pl, .sh and oh yeah, .com ?
CSO17 May 2023 | 80
No more macros? No problem, say miscreants, we'll adapt
Microsoft blocking 'net scripts sparked 'monumental shift' in attacks
CSO15 May 2023 | 10
Sonatype axes 14 percent of staff, reminds them not to talk to the press
Exclusive Workers slam 'horrendous' handling of layoffs that left even 'engineering managers in the dark'
CSO10 May 2023 | 41
Modern Auth comes to on-prem Exchange Server gear
Guess this'll have to do while we wait for *checks notes* ES 2025
CSO08 May 2023 | 2
Dump these insecure phone adapters because we're not fixing them, says Cisco
Security hole ranks 9.8 out of 10 in severity, 0 out of 10 in patch availability
CSO05 May 2023 | 90
Insurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payout
'The get-out-of-jail-free card option has been removed' as one expert put it
CSO03 May 2023 | 37
Microsoft is busy rewriting core Windows code in memory-safe Rust
Now that's a C change we can back
CSO27 Apr 2023 | 115
That 3CX supply chain attack keeps getting worse: Other vendors hit
In Brief Also, Finland sentences CEO of breach company to prison (kind of), and this week's laundry list of critical vulns
CSO24 Apr 2023 | 9
Microsoft pushes for more women in cybersecurity
Redmond tops industry average, still got a way to go
CSO21 Apr 2023 | 14
Russian snoops just love invading unpatched Cisco gear, America and UK warn
Spying on foreign targets? That's our job!
CSO18 Apr 2023 | 7
Compatibility mess breaks not one but two Windows password tools
Windows LAPS and legacy LAPS don't play nicely under certain conditions, Microsoft says
CSO14 Apr 2023 | 6
While Twitter wants to sell its verification, Microsoft will do it for free on LinkedIn
Redmond expands a digital ID process for its platform as Musk seeks cash for blue check marks
CSO14 Apr 2023 | 23
US cyber chiefs warn AI will help crooks, China develop nastier cyberattacks faster
It's not all doom and gloom because ML also amplifies defensive efforts, probably
CSO12 Apr 2023 | 15
Azure admins warned to disable shared key access as backdoor attack detailed
The default is that sharing is caring as Redmond admits: 'These permissions could be abused'
CSO11 Apr 2023 | 10
CISA unleashes Untitled Goose Tool to honk at danger in Microsoft's cloud
Not a headline we expected to write today
CSO24 Mar 2023 | 11
Critical infrastructure gear is full of flaws, but hey, at least it's certified
Security researchers find bugs, big and small, in every industrial box probed
CSO23 Mar 2023 | 20
You just gonna take that AWS? Let Microsoft school your users on cloud security?
And Google Cloud is next
CSO21 Mar 2023 | 3
UK refreshes national security plan to stop more of China's secret-stealing cyber-tricks
A threat that needs two orgs to tackle it: the 'Integrated Security Fund' and the 'National Protective Security Authority'
CSO14 Mar 2023 | 42
What happens if you 'cover up' a ransomware infection? For Blackbaud, a $3m charge
File under cost of doing business
CSO10 Mar 2023 | 9
CI/CD: Necessary for modern software development, yet it carries a lot of risk
SCSW With great speed comes great insecurity
CSO02 Mar 2023 | 10
Feeling VEXed by software supply chain security? You’re not alone
SCSW Chainguard CEO explains how to secure code given crims know to poison it at the source
CSO28 Feb 2023 |
Google destroyed evidence for antitrust battle, Feds complain
rm -rf'ing staff chat logs can't go unpunished, says Uncle Sam
CSO24 Feb 2023 | 33
European Commission bans TikTok from staff gadgets
Cyber Europe cyber worried about cyber threats, doesn't cyber use the other C word (China)
CSO24 Feb 2023 | 23
Trust, not tech, is holding back a safer internet
Opinion Excuse me, citizen, did you packet this data yourself?
CSO06 Feb 2023 | 60
Months after NSA disclosed Microsoft cert bug, datacenters remain unpatched
You know when we all said quit using MD5? We really meant it
CSO26 Jan 2023 | 3
Miscreants sure do love ransacking cloud networks, more so than before
Thanks for putting all your data in one basket
CSO20 Jan 2023 | 9
Biting the hand that feeds IT
