CSO Online

UK cybersecurity bill brings tougher rules for critical infrastructure

Healthcare, energy, transport, and digital services face stricter compliance rules as ministers gain powers to intervene ...
CSO Online

The security leaders who turned their frustrations into companies

Former CISOs share their experience after successfully founding security companies. CSO spoke to Paul Hadjy, Joe Silva, Chris ...
CSO Online

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
CSO Online

Beyond the checklist: Shifting from compliance frameworks to real-time risk assessments

Combine structured frameworks with a customizable assessment model to turn strategic fog into prioritized remediation plans ...
CSO Online

Enterprise network security blighted by legacy and unpatched systems

End-of-life devices remain a pervasive security concern in the enterprise, as do poorly segmented networks, unpatched systems ...
CSO Online

Google asks US court to shut down Lighthouse phishing-as-a-service operation

Google is asking to a US court for help in dismantling the infrastructure behind the Lighthouse phishing-as-a-service ...
CSO Online

November Patch Tuesday: Zero day Windows kernel flaw in servers, controllers, and PCs

Also of importance are a Kerberos vulnerability in Active Directory, a Visual Studio Copilot extension, and a Microsoft ...
CSO Online

Senate moves to restore lapsed cybersecurity laws after shutdown

The continuing resolution would extend CISA 2015 and the Federal Cybersecurity Enhancement Act, reinstating liability shields ...
CSO Online

Researchers trick ChatGPT into prompt injecting itself

Tenable security researchers have discovered seven new ways to extract private data from chat histories, largely through ...
CSO Online

CISOs must prove the business value of cyber — the right metrics can help

CISOs still struggle to prove the value of their security programs using metrics that their business leaders so desperately ...
CSO Online

North Korean hackers exploit Google’s safety tools for remote wipe

The campaign hijacked Google accounts to abuse Android’s Find Hub feature, remotely wiping victims’ phones while spreading ...
CSO Online

Beyond silos: How DDI-AI integration is redefining cyber resilience

Blending DDI with AI lets your network see, think and fight back faster — closing gaps before attackers even get in.