Dan Swinhoe
Dan Swinhoe is a journalist at CSO Online. Previously he was Senior Staff Writer at IDG Connect.
New TajMahal APT discovered by Kaspersky has one known victim, likely others
Active since August 2014 with 80 modules able to capture a variety of information but with only one known victim, the TajMahal APT seems too advanced not to be used just once.
Security technologies that provide the most savings
A new report from Accenture and the Ponemon Institute quantifies which cybersecurity technologies provide the most value to an organization.
APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability
Iran-linked hacker group switches techniques from Shamoon wiper attacks to WinRAR exploits.
Ransomware attack drives city to seek greater network visibility
After being hit with the Cryptolocker ransomware, the City of Westland realized it needed more insight into network traffic, not just at the perimeter.
What is a man-in-the-middle attack? How MitM attacks work and how to prevent them
A man-in-the-middle (MitM) attack is when an attacker intercepts communications between two parties either to secretly eavesdrop or modify traffic traveling between the two. Detecting MitM attacks is difficult, but they are...
What is spear phishing? Why targeted email attacks are so difficult to stop
A highly targeted form of phishing, spear phishing involves bespoke emails being sent to well-researched victims. It is hard to spot without close inspection and difficult to stop with technical controls alone.
What is digital trust? How CSOs can help drive business
Chief security officers should play a key role in building trust with customers, and that translates to better customer acquisition, greater customer loyalty, and more revenue.
The state of ICS and IIoT security in 2019
Industrial control systems continue to be soft targets due to poor cyber hygiene. New study identifies what's wrong and best practices for fixing it.
Biggest data breach penalties for 2018
Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes, have cost these eight companies a total of nearly $280 million and counting.
7 places to find threat intel beyond vulnerability databases
National Vulnerability Databases (NVDs) can be slow and miss things. Use these sources to supplement your threat and vulnerability intelligence efforts.
