CSO Online12h
Critical vulnerability in AMI MegaRAC BMC allows server takeover
AMI MegaRAC baseband management controller vulnerability enables attackers to bypass authentication on the Redfish API and ...
CSO Online13h
SpyCloud’s 2025 Identity Exposure Report Reveals the Scale and Hidden Risks of Digital Identity Threats
The average corporate user now has 146 stolen records linked to their identity, an average 12x increase from previous ...
CSO Online13h
About 22k WAB customers impacted by a zero-day attack on a third-party vendor
In letters to the affected customers, Western Alliance Bank said sensitive information including their financial account and ...
CSO Online19h
That breach cost HOW MUCH? How CISOs can talk effectively about a cyber incident’s toll
The painful duty of informing the C-suite or board how much an incident cost is critical to the CISO role, but a good ...
CSO Online1d
New research reveals security’s biggest AI challenges – and two potential solutions
A new survey of security leaders has revealed a stark contrast between AI expectations and realities – while enthusiasm for ...
CSO Online1d
Alphabet agrees to buy Israel’s Wiz, expanding its cloud security reach
Alphabet has agreed to acquire Israeli cybersecurity firm Wiz for $32 billion, a move that will significantly expand its ...
CSO Online1d
Tomcat PUT to active abuse as Apache deals with critical RCE flaw
Apache Software’s open-source web container for handling Java-based web applications, Tomcat, is under active attacks through ...
CSO Online1d
White House exempts cyber pros from mass layoffs; Judge reinstates CISA firings
Even as the Trump administration continues its campaign to fire government workers, a judge’s ruling and a White House plea ...
CSO Online1d
Attack time frames are shrinking rapidly. Here’s how cyber teams can cope.
With attackers spending far less time hidden in systems, organizations must break down security silos and increase cross-tool ...
CSO Online1d
Not all cuts are equal: Security budget choices disproportionately impact risk
Security leaders must fight proposed cuts by justifying return on investments and zeroing in on the risk narrative. A recent ...
CSO Online2d
GitHub accounts targeted with fake security alerts
In a new phishing campaign, GitHub developers are being targeted with fake “Security Alerts” where they are prompted to ...
CSO Online2d
FCC creates national security council to counter cyber threats from China
The new cross-agency initiative emerges months after the disbanding of previous cybersecurity advisory bodies.