CSOonline1d
PUMA creeps through Linux with a stealthy rootkit attack
The multi-stage rootkit targets Linux systems, using advanced stealth techniques to escalate privileges and avoid detection.
CSOonline1d
Researchers expose a surge in hacker interest in SAP systems
Long viewed as an opaque black box, attackers are increasingly focused upon hacking into enterprise systems from SAP, ...
CSOonline2d
A security ‘hole’ in Krispy Kreme Doughnuts helped hackers take a bite
In the filing, Krispy Kreme confirmed that the incident has and will continue to have material impact until a full recovery ...
CSOonline2d
Security researchers find deep flaws in CVSS vulnerability scoring system
Cybersecurity experts from financial giant JPMorganChase say the cybersecurity community is being misled about the severity ...
CSOonline2d
KeyTrap DNSSEC: The day the internet (almost) stood still
Black Hat conference attendees heard a post-mortem on the KeyTrap DNSSEC vulnerability, which could have widely impacted ...
CSOonline2d
Attackers exploit zero-day RCE flaw in Cleo managed file transfer
The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited ...
CSOonline2d
AMD data center chips vulnerable to revealing data through ‘BadRAM’ attack
AMD’s Secure Encrypted Virtualization (SEV), meant to protect processor memory from prying eyes in virtual machine (VM) ...
CSOonline2d
Europol shutters 27 DDoS sites in major crackdown
Furthermore, 27 booter and stresser sites have been shut down, including zdstresser.net, orbitalstress.net, and starkstresser ...
CSOonline2d
The 7 most in-demand cybersecurity skills today
Evolving IT strategies and emerging technologies and threats have organizations shuffling their cyber skills want lists, ...
CSOonline5d
Bug bounty programs: Why companies need them now more than ever
While not all organizations are able to post million-dollar bounties, the financial incentive is just one aspect and ethical ...
CSOonline2d
Microsoft Windows ‘Best Fit’ character conversion ‘ripe for exploitation’
Security researchers warn that the Windows ANSI API contains a hidden trap that could lead to arbitrary code execution — a ...
CSOonline2d
Microsoft secretly stopped actors from snooping on your MFA codes
The issue could allow threat actors to brute force MFA authentication codes for Outlook, Teams, and Azure access with 50% ...