News

CSO Online1h
BadSuccessor: Unpatched Microsoft Active Directory attack enables domain takeover
Unprivileged users with permission to create objects inside an Active Directory organizational unit can abuse the new ...
CSO Online5h
Critical flaw in OpenPGP.js raises alarms for encrypted email services
The flaw, identified as CVE-2025-47934 and assigned a critical severity rating, was discovered by Edoardo Geraci and Thomas ...
CSO Online6h
Trust becomes an attack vector in the new campaign using trojanized KeePass
The attack’s success hinged on exploiting the assumed safety of open-source tools and the ease of impersonating legitimate ...
CSO Online12h
Threat intelligence platform buyer’s guide: Top vendors, selection advice
Threat intelligence platforms have evolved and became essential security defensive tools. Here is what you need to know ...
CSO Online8h
GitHub package limit put law firm in security bind
A cautionary tale of how a developer tool limit case could derail cybersecurity protections if not for quick thinking, public ...
CSO Online16h
CSO30 Australia Awards 2025: Nominations now open
Nominations are officially open for the 2025 CSO30 Australia Awards, celebrating the country’s most effective and inspiring ...
CSO Online16h
Poor DNS hygiene is leading to domain hijacking: Report
Threat actors continue to find ways of hijacking domains thanks to poor DNS record-keeping and misconfigurations by ...
CSO Online1d
You’ve already been targeted: Why patch management is mission-critical
Every day you delay a patch is a day attackers gain the upper hand. Proactive defense starts with closing the doors they ...
CSO Online1d
4 ways to safeguard CISO communications from legal liabilities
The SEC’s lawsuit against SolarWinds’ CISO highlights the legal liabilities CISOs can face when communicating. Here are four ...
CSO Online1d
Skitnet malware: The new ransomware favorite
The modular malware is tailor-made for ransomware as it features dedicated plugins for theft, encryption, and persistence.
CSO Online1d
Ethical hackers exploited zero-day vulnerabilities against popular OS, browsers, VMs and AI frameworks
During Pwn2Own hacking contest, participants were asked to compromise Microsoft Windows 11, Mozilla Firefox, VMware ...
CSO Online2d
A spoof antivirus makes Windows Defender disable security scans
In a proof-of-concept, a security researcher demonstrated how the Windows Security Center API can be used to block the scans ...