Security

Security | News, how-tos, features, reviews, and videos

Insider threats  >  Employees suspiciously peering over cubicle walls
browser security

Skull-and-crossbones, code and the 'stop' gesture: hand held forward, palm out, fingers pointing up

How EDR stops hackers in their tracks

EDR is a category of security tools that monitor end-user hardware devices across a network for a range of suspicious activities and behavior, reacting automatically to block perceived threats and saving forensic data for further...

CSO  >  Android antivirus conceptual image

Best Android antivirus? The top 9 tools

There are plenty of antivirus tools for Android. Here's how the top nine measure up in protection, usability and features.

Detecting phishing attempts  >  A magnifying lens spots a hook trying to catch a fish.

Defenders can discover phishing sites through web analytics IDs

Many phishing websites are now using unique user IDs (UIDs), and that gives defenders a signal to detect phishing attacks before they do much damage.

cisco

Cisco Meraki ups security with new switch, software

Cisco is bringing some of the bells and whistles of it Catalyst environment to Meraki customers with hardware and software to help customers better support and secure distributed network resources.

youtube thumbnails template
video

Boeing's insecure networks threaten security and safety

Aircraft manufacturer Boeing's insecure networks leave the company--and potentially its aircraft--at risk of exploitation. Security researcher Chris Kubecka uncovered these threats in April, and new reporting by CSO's J.M. Porup...

mobile security / unlocked data connections

Microsoft Intune can now block unauthorized BYOD hardware

Microsoft's decision to integrate third-party mobile threat defense software is a sign of bigger things to come for the company's UEM platform.

keeping the cloud secure cloud security lock padlock private cloud

VMware amps security with in-house, Carbon Black technology

VMware's Carbon Black platform, along with VMware NSX, VMware Workspace ONE, VMware Secure State and future innovations, will deliver built-in security to networks, endpoints, workloads, identity\ies, cloud and analytics.

Fragmented image of a Boeing 787 airplane represented in encrypted data.

Boeing's poor information security posture threatens passenger safety, national security, researcher says

The aircraft maker failed to perform minimum due diligence in securing its networks, then tried to cover it up, security researcher Chris Kubecka tells Aviation Cyber Security conference attendees.

Unified Endpoint Management

Do you really need a Chief Mobility Officer? (Spoiler alert: nope)

While C-level positions were all the rage when mobility was new in the enterprise, the role of CMO – while still somewhat prevalent – is now largely unnecessary and could even hurt your bottom line.

The United States Constitution and Bill of RIghts with lock and encryption overlay.

US Department of Justice push for encryption backdoors might run afoul of First Amendment

Is encryption code speech? Earlier court rulings suggest that it is, legally, and therefore subject to First Amendment protections.

hacker / cryptocurrency attack

What is cryptojacking? How to prevent, detect, and recover from it

Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies. Here’s what you can do to stop it.

Chrome browser logos

Google strengthens Chrome's site isolation to protect browser against its own vulnerabilities

One Google engineer called site isolation 'the single greatest advance in browser security since the creation of the sandbox.'

gavel / abstract binary lines  >  court judgment / fine / penalty / settlement

The biggest data breach fines, penalties and settlements so far

Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $1.45 billion and counting.

A man speaking into the microphone of a headset while sitting at a computer.

Dial 211 for cyberattacks

US consumers and businesses in a few states can now dial 211 for help when victimized by cybercrime. What's needed is a nationwide rollout.

A hook is cast at laptop email with fishing lures amid abstract data.

Attackers phish Office 365 users with fake voicemail messages

Recent phishing campaigns have combined a clever use of fake voicemail, phony Microsoft email, and off-the-shelf phishing kits to target high-value victims.

Many keys, one lock  >  Brute-force credential stuffing.

Credential stuffing explained: How to prevent, detect and defend against it

The automated use of breached usernames and passwords to access accounts is low risk, high reward for cybercriminals. Here's how to make it harder for them to use credential stuffing.

distributed / decentralized network connections across the globe

IoT roundup: VMware, Nokia beef up their IoT

A powerful IoT networking technology used by the major carriers continues to gain ground, Congress makes noise about training for federal workers, and a prominent researcher warns of trouble ahead.

A binary map of china.

China’s MLPS 2.0: Data grab or legitimate attempt to improve domestic cybersecurity?

The new version China’s Multi-Level Protection Scheme (MLPS) expands what companies fall under its purview and lower the threshold for government inspection. Should companies with operations in China be concerned?

Load More