What countries are more or less at risk for cybercrime?
Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.
Accessed on 16 November 2021, 1302 UTC.
Content supplied by email subscription to “CSO Online.”
Please click link or scroll down to read your selections.
Some of the 14 vulnerabilities could result in remote code execution or denial of service attacks.
CMMC 2.0 simplifies the process for SMBs, but critics say the verification process relies too much on self-attestation.
The DOJ promises a whole of government approach to fighting ransomware groups no matter which country they operate from.
Passage of the infrastructure bill includes $1.9 billion for cybersecurity, and more could be on the way with the Build Back Better and other bills working their way through Congress.
Recently discovered vulnerabilities in Nagios servers could give attackers broad access to systems and data if exploited.
Graylog is consolidating SIEM and UEBA (anomaly detection and user entity behavior analytics) in its new security package for streamlined detection and elimination of enterprise security threats .
While the move is applauded, a short timeframe to address vulnerabilities will be a challenge for security resource-strapped agencies.
The criminals behind the Trojan have placed fully functional utilities that carry malicious code on the Google Play store in a way that evades detection.
Global enterprises with numerous subsidiaries are more exposed to cybersecurity threats and have more difficulty managing risk than companies with no or fewer subsidiaries, according to an Osterman Research report.
Of the 46 tasks President Biden mandated to protect digital government assets, 19 are now completed, though not all agencies have reported their progress.
Keep up with news of CSO, CISO, and other senior security executive appointments.
A new Microsoft advisory claims Russia’s Nobelium group is trying to gain long-term access to the technology supply chain and offers mitigation advice.
New research indicates that ransomware attack and payment claims are in decline as resiliency takes priority for organizations.
Researchers at Splunk outline a technique, pioneered by Salesforce, that could detect malicious activity in the software supply chain, but with some limitations.
New certification aims to validate knowledge of foundational cybersecurity concepts and best practices to address skills gap. Is another cybersecurity qualification the answer?
Researchers explain how they identified—or failed to identify—the threat actors behind three high-profile incidents and why attribution is so difficult.
The attackers used the exploit to deploy a new remote shell Trojan called MysterySnail.
Google’s initiative will offer security and compliance services to guide governments, critical infrastructure, enterprises, and small businesses through digital transformation.
SPONSORED BY AKAMAI
SPONSORED BY SOPHOS
SPONSORED BY FORTINET