CSOonline1d
SAP systems increasingly targeted by cyber attackers
Long viewed as an opaque black box, attackers are increasingly focused upon hacking into enterprise systems from SAP, ...
CSOonline2d
PUMA creeps through Linux with a stealthy rootkit attack
The multi-stage rootkit targets Linux systems, using advanced stealth techniques to escalate privileges and avoid detection.
CSOonline2d
Attackers exploit zero-day RCE flaw in Cleo managed file transfer
The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited ...
CSOonline3d
A security ‘hole’ in Krispy Kreme Doughnuts helped hackers take a bite
In the filing, Krispy Kreme confirmed that the incident has and will continue to have material impact until a full recovery ...
CSOonline3d
The 7 most in-demand cybersecurity skills today
Evolving IT strategies and emerging technologies and threats have organizations shuffling their cyber skills want lists, ...
CSOonline2d
KeyTrap DNSSEC: The day the internet (almost) stood still
Black Hat conference attendees heard a post-mortem on the KeyTrap DNSSEC vulnerability, which could have widely impacted ...
CSOonline2d
Europol shutters 27 DDoS sites in major crackdown
Furthermore, 27 booter and stresser sites have been shut down, including zdstresser.net, orbitalstress.net, and starkstresser ...
CSOonline5d
Bug bounty programs: Why companies need them now more than ever
While not all organizations are able to post million-dollar bounties, the financial incentive is just one aspect and ethical ...
CSOonline3d
Bug bounty programs can deliver significant benefits, but only if you’re ready
Bug bounty programs can be a big boon to software security and provide expanded vulnerability visibility, but they're not for ...
CSOonline3d
US sanctions Chinese cybersecurity firm over global malware campaign
The US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its ...
CSOonline3d
AMD data center chips vulnerable to revealing data through ‘BadRAM’ attack
AMD’s Secure Encrypted Virtualization (SEV), meant to protect processor memory from prying eyes in virtual machine (VM) ...
CSOonline2d
Microsoft Windows ‘Best Fit’ character conversion ‘ripe for exploitation’
Security researchers warn that the Windows ANSI API contains a hidden trap that could lead to arbitrary code execution — a ...