news analysisThousands of servers hacked due to insecurely deployed Ray AI frameworkRay deployments are not intended to connect to the internet, but AI developers are doing so anyway and leaving their servers vulnerable.By Lucian Constantin28 Mar 20244 minsVulnerabilities news analysis Exploit available for critical flaw in FortiClient ServerBy Lucian Constantin22 Mar 20243 minsCyberattacksNetwork SecurityVulnerabilitiesnews analysis Siemens, other vendors patch critical ICS product vulnerabilitiesBy Lucian Constantin20 Mar 20244 minsCritical InfrastructureVulnerabilities news analysisNew Kubernetes vulnerability allows privilege escalation in WindowsBy Lucian Constantin 13 Mar 20246 minsDevSecOpsApplication SecurityVulnerabilities news analysisVMware patches critical flaws that could allow attackers to escape VMsBy Lucian Constantin 07 Mar 20243 minsNetwork SecurityVulnerabilities newsTeamCity supply chain bugs receive massive exploitationBy Shweta Sharma 07 Mar 20243 minsBugsVulnerabilities newsApple warns users against critical memory-corrupting attacksBy Shweta Sharma 06 Mar 20242 minsVulnerabilities newsTeamCity hit by critical software supply chain bugsBy Shweta Sharma 05 Mar 20243 minsVulnerabilities news analysisNorth Korea's Lazarus deploys rootkit via AppLocker zero-day flaw By Lucian Constantin 01 Mar 20246 minsAdvanced Persistent ThreatsZero-day vulnerabilityVulnerabilities Articlesnews analysisInternational warning: Attackers could gain persistence on Ivanti VPN appliances Researchers identify methods that could allow attackers to bypass Ivanti integrity checks for recent attacks, perhaps surviving factory resets.By Lucian Constantin 01 Mar 2024 7 minsAdvanced Persistent ThreatsCritical InfrastructureVulnerabilitiesnewsIf you are generating SAML signing certificates externally, STOP!!SAML authentication certificates, generated with tools other than dedicated cloud identity solutions, can be forged by hackers, according to a new proof of concept.By Shweta Sharma 01 Mar 2024 5 minsAuthenticationWindows SecurityVulnerabilitiesnews analysisInsecure Apex code plagues many Salesforce deploymentsVulnerabilities created by insecure code could lead to data leakage or corruption, and the burden is on Salesforce customers to mitigate.By Lucian Constantin 23 Feb 2024 5 minsData and Information SecurityVulnerabilitiesnewsHackers find a ‘Shortcut’ to data stored on iPhones, iPads, and MacsApple’s Shortcuts application has a bug that can allow attackers to remotely access sensitive data on Apple devices without user permission.By Shweta Sharma 23 Feb 2024 3 minsMacOS SecurityVulnerabilitiesBugsnews analysisCritical ConnectWise ScreenConnect flaw exploited in the wild: UpdateThe vulnerability could allow attackers to bypass authentication or create a new admin account.By Lucian Constantin 22 Feb 2024 5 minsAuthenticationCyberattacksVulnerabilitiesnewsRussian hackers target vulnerable webmail servers in Europe for espionageThe threat actor exploits an XSS flaw in Roundcube webmail servers to target critical government infrastructure.By Shweta Sharma 19 Feb 2024 3 minsHacker GroupsVulnerabilitiesfeatureHow to proactively prevent password-spray attacks on legacy email accountsHacker group Midnight Blizzard utilized password spray attacks that successfully compromised legacy Microsoft emails. Here’s how to reinforce your defenses against these intrusions.By Susan Bradley 19 Feb 2024 7 minsEmail SecurityWindows SecurityThreat and Vulnerability Managementnews analysisMicrosoft Outlook flaw opens door to 1-click remote code execution attacksThe vulnerability allows attackers to bypass Microsoft's Office Protected View mode.By Lucian Constantin 16 Feb 2024 5 minsEmail SecurityZero-day vulnerabilityVulnerabilitiesnews analysisAttackers target new Ivanti XXE vulnerability days after patchThe new vulnerabilities were introduced by a fix for the previous Ivanti flaws, and customers are urged to install a new update.By Lucian Constantin 13 Feb 2024 4 minsZero-day vulnerabilityVulnerabilitiesfeatureHow to protect against BitLocker-bypassing vulnerabilities in Windows recovery partitionsPartitioning decisions in Windows were once mundane with little risk attached. Recent vulnerabilities that allow the bypassing of safety protocols highlight the need to pay more attention to them.By Susan Bradley 12 Feb 2024 7 minsWindows SecurityThreat and Vulnerability ManagementVulnerabilitiesnewsCisco patches serious flaws in Expressway and ClamAVThe vulnerabilities could enable cross-site request forgery in Expressway products and denial-of-service attacks in ClamAV. By Lucian Constantin 09 Feb 2024 3 minsNetwork SecurityVulnerabilitiesnewsFortinet urges patching N-day bug amid ongoing nation-state exploitationThe flaw has a critical severity rating with a CVSS score of 9.6 and allows a remote unauthenticated actor to execute arbitrary commands by specially crafted HTTP requests.By Shweta Sharma 09 Feb 2024 3 minsVulnerabilities Show more Show less View all Resources whitepaper Data Protection in a Multicloud World Data protection challenges resulting in disruption are on the rise with public clouds and cyberattacks the leading areas of concern. Organizations that continue to modernize data protection can minimize risk and raise confidence levels The post Data Protection in a Multicloud World appeared first on Whitepaper Repository –. By Dell Technologies 18 May 2023Cloud SecurityData and Information SecurityMulti Cloud whitepaper Top reasons why customers choose Dell VxRail By Dell Technologies 18 May 2023Infrastructure ManagementIT ManagementSystem Management whitepaper The Long Road Ahead to Ransomware Preparedness By Dell Technologies 17 May 2023Cloud SecurityRansomwareSecurity View all Video on demand videoPrinters: The overlooked security threat in your enterprise | TECHtalkPrinters, often a forgotten target in the enterprise, are vulnerable to all the usual cyberattacks. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp and CSO Online’s J.M. Porup discuss the threats to these devices, plus how to secure them and protect your network. 07 Nov 2019 20 minsHackingPrintersVulnerabilities Don’t ignore application security | Salted Hash Ep 35 23 Jul 2018 18 minsApplication SecurityVulnerabilitiesSecurity The Dyn cyberattack, one year later | Salted Hash Ep 11 11 Dec 2017 22 minsCybercrimeInternet of ThingsVulnerabilities See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Generative AI Show me morePopularArticlesPodcastsVideos news AT&T suffers critical breach impacting 73 million customers By Shweta Sharma 01 Apr 20244 mins Data Breach feature Recruit for diversity: Practical ways to remove bias from the hiring process By Aimee Chanthadavong 01 Apr 20248 mins Careers feature The CSO guide to top security conferences By CSO Staff 01 Apr 202417 mins Technology IndustryIT SkillsEvents podcast CSO Executive Sessions: 2024 International Women's Day special 13 Mar 202410 mins CSO and CISO podcast CSO Executive Sessions: Former convicted hacker Hieu Minh Ngo on blindspots in data protection 20 Feb 202421 mins CSO and CISO podcast CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison 20 Nov 202315 mins CSO and CISO video CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care 01 Apr 202416 mins CSO and CISO video CSO Executive Sessions: 2024 International Women's Day special 13 Mar 202410 mins CSO and CISO video LockBit feud with law enforcement feels like a TV drama 05 Mar 202456 mins RansomwareArtificial Intelligence