Latest articles for CSO magazine

Ashley Madison still a top lure for scammers and crooks

The Ashley Madison breach has been a Christmas-in-August present for spammers and scammers of all kinds, and your company could be the next target. Here are…

Court: FTC can take action on corporate data breaches

The US Court of Appeals has ruled that the FTC mandate to protect consumers against fraudulent, deceptive and unfair business practices extends to oversight of…

Study: 81% of large health care organizations breached

In the past two years, 81 percent of hospitals and health insurance companies have had a data breach, according to a report released by KPMG. “These…

Intel: Criminals getting better at data exfiltration

Enterprises tend to be highly focused on keeping attackers out of their systems, but most of the actual damage happens not when the bad guys…

The Web’s ten most dangerous neighborhoods

Wouldn’t it be convenient if all the spam and malware sites were all grouped together under one top-level domain — .evil, say — so that…

CSO burnout biggest factor in infosec talent shortage

The real cause of the talent shortage in the information security field isn’t a lack of new people entering the profession, but retention and churn…

Amazon dumps Flash, and the Web is better off

Amazon will stop accepting Flash ads on its advertising network on Tuesday, and it will help make the entire Web more secure, security experts say. According…

Phishing is a $3.7-million annual cost for average large company

The average 10,000-employee company spends $3.7 million a year dealing with phishing attacks, according to a new report from the Ponemon Institute. The report, which surveyed…

Most corporate risk due to just 1% of employees

Just 1 percent of employees are responsible for 75 percent of cloud-related enterprise security risk, and companies can dramatically reduce their exposure at very little…

LG phones most exposed to new Certifi-gate vulnerability

More than 70 percent of Android phones from LG have a plugin installed that exposes them to the Certifi-gate remote support app vulnerability, where a…

Fraud rate doubles as cybercriminals create new accounts in users’ name

To get more value out of stolen personal information, cybercriminals doubled their rate of account creation fraud this summer, according to a report from…

Virtualization doubles the cost of security breach

When a security incident involves virtual machines in either a public or private cloud environment, the recovery costs double compared to that of a traditional…

Tips for protecting your business against cyber extortion

CryptoLocker is malware cyber criminals use to encrypt the contents of a computer until users pay up. But that’s only one type of cyber extortion, according…

DRM could be making a comeback in the enterprise

Digital rights management might be coming back to the enterprise, experts say, as long as usability issues don’t get in the way. You might remember the…

Report: ISIS-related cyber war reaches Alabama

The war against Islamic State has resulted in a cyber attack on US soil, and other such attacks are likely, according to a new report…

DDoS attacks double as criminals leverage home routers, WordPress plugins

The number of distributed denial-of-service attacks in the second quarter of this year was more than double that of last year, according to a new…

CISOs facing boards need better business, communication skills

As information security becomes a more important topic of interest for corporate boards, CISOs are increasingly asked to step up and brief boards on cyber…

New IP address blacklist based on Web chatter

Traditionally, blacklists of malicious IP addresses are assembled using honeypots and intrusion detection systems but a new approach, analyzing chatter on the dark and open…

Darkhotel expands targets, ups sophistication, leverages Hacking Team exploit

Darkhotel — the elite spying group discovered luxury hotels’ Wi-Fi networks last year — is back with new targets, new defensive capabilities, and a new…

Report: IoT is the next frontier for ransomware

LAS VEGAS — The growth of the Internet of Things will offer new ransomware opportunities for cybercriminals, according to a report released Thursday by Symantec. Researchers…

GameOver ZeuS criminals spied on Turkey, Georgia, Ukraine and OPEC

The criminals behind the GameOver ZeuS Botnet didn’t just steal $100 million from banks — they also spied on several countries on behalf of Russia,…

Terracotta VPN hijacks servers for commercial gain

LAS VEGAS – The Terracotta commercial VPN, marketed in China under a number of different brand names, uses hacked servers to power its network and…

T-Mobile caught in crossfire of injected ad war with Flash Networks

LAS VEGAS – An ongoing conflict between website owners and ad injectors who place unwanted ads on those websites has just flared up into full-blown…

T-Mobile caught in crossfire of war over injected ads

UPDATE: Flash Networks comments have been added to the original story. LAS VEGAS – An ongoing conflict between website owners and ad injectors who place unwanted…

Neiman Marcus case a reminder to check your cyber coverage

In a decision that should send major corporations to double-check their cyberinsurance, a federal appeals court ruled Monday that retail customers could go ahead and…

Banks balance security and workflow when encrypting in the cloud

When financial institutions store data in the cloud, they use different kinds of encryption depending on security and workflow requirements, according to a new report…

Accuvant researchers to release open source RFID access tool

Security researchers have long known about the vulnerabilities of the RFID readers that many buildings use instead of door locks, but facilities managers have been…

Google Drive phishing is back — with obfuscation

If you have a Google account and a stranger sends you a link to a document on Google Drive, think twice before clicking — it…

Stagefright vulnerability allows criminals to send malware by text

Vulnerabilities in Android’s “Stagefright” code allow criminals to send malware to any user via text message — and the user gets infected without even having…