Category: CSO Online
-
LogoFAIL attack can inject malware in the firmware of many computers
Researchers have devised an attack that exploits serious vulnerabilities in UEFI firmware used by many computer manufacturers to deploy stealthy rootkits that execute in the early stages of the boot-up process beyond the visibility of endpoint security products. The attack involves planting maliciously crafted images in a special partition on the drive or in non-protected…
-
Google expands minimum security guidelines for third-party vendors
Google has upgraded its recommended minimum requirements for securing third-party applications, offering more guidance on managing external bug researchers and lowering the costs for accessing basic security features by baking them into applications by design. Google launched its Minimum Viable Secure Product (MVSP) program in 2021 to identify fundamental application security controls that should be…
-
Attackers breach US government agencies through ColdFusion flaw
In a new advisory that shows why it’s critical to keep Adobe ColdFusion deployments up to date, the US Cybersecurity and Infrastructure Security Agency (CISA) warns that two federal agencies were breached by attackers in June through an unpatched vulnerability in the application server software. The attackers used their access to deploy web shells and…
-
BSIMM 14 finds rapid growth in automated security technology
Corporations are rapidly adopting automated security technology, which is further enabling the “shift everywhere” security philosophy, according to the latest Building Security in Maturity Model (BSIMM) report released Tuesday by Synopsys. BSIMM, now in its fourteenth year, is managed by Synopsys and based on interviews during a BSIMM assessment of 130 member companies, including Bank…
-
Almost 50% organizations plan to reduce cybersecurity headcounts: Survey
Even as the number of security incidents continues to grow in all sectors, 47% of the respondents plan to reduce their security headcounts, a new report by Observe has revealed. Remarkably, 62% of these organizations also reported a higher number of security incidents per month. The organizations planning to reduce cybersecurity headcount are also planning…
-
20 years of Patch Tuesday: it’s time to look outside the Windows when fixing vulnerabilities
For two decades we have been patching our Windows machines every second Tuesday of the month, devoting time and resources to testing and reviewing updates that are not generally rolled out until they have been validated and it is confirmed that they will do no damage. This may be a reasonable approach for key equipment…
-
What should be in a company-wide policy on low-code/no-code development
In the hands of professional coders, low-code development platforms can speed up development cycles. Meantime, business users can leverage no-code tools to empower themselves as citizen developers who can quickly create applications to automate tasks, connect existing applications together, or customize software to perform exactly as they need. All of this flexibility can come with…
-
Cisco unveils AI-powered assistants to level up security defenses
Cisco is making a bid to drive artificial intelligence (AI) deeper into its cloud security platform, launching a new feature, AI Assistant for Security, a cross-domain AI-driven assistant designed to help organizations of all sizes level up their defenses against the rising tide of threats. “With attacks getting more sophisticated and the attack surface getting…
-
How Microsoft and Amazon are expanding the fight against international tech support fraud
On October 19th of this year, India’s federal enforcement agency, the Central Bureau of Investigation (CBI), announced it had conducted multiple criminal raids against fraudulent call centers in various cities across India. This operation was supported by a joint referral from Microsoft and Amazon, which enabled the exchange of actionable intelligence between CBI and other…
-
Russia’s Fancy Bear launches mass credential collection campaigns
A threat group associated with the Russian military intelligence service was behind several mass attack campaigns that exploited known flaws in Outlook and WinRAR to collect Windows NTLM credential hashes from organizations in Europe and North America. The high volume of emails is unusual for cyberespionage groups, which are typically highly targeted in their victim…
-
Addressing vulnerabilities in OT environments requires a Zero Trust approach
Cyberattacks on operational technology (OT) systems are rapidly rising. In fact, manufacturing was one of the sectors most impacted by extortion attacks last year, according to Palo Alto Networks Unit 42, as reported in the 2023 Unit 42 Extortion and Ransomware Report. Attacks against OT systems can have a significant impact, including physical consequences such…
-
Deepfakes emerge as a top security threat ahead of the 2024 US election
The United States is heading into a crucial election year, with a high-stakes presidential election that could determine the republic’s fate for decades. In addition, all 435 seats in the United States House of Representatives, 34 Senate seats, and 13 governorships are up for grabs, along with thousands of local government elections. While official sources…