Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
Attackers cover their tracks after credential theft After capturing them, the fake client displays an error message indicating installation has failed, the advisory said. It…
Category: CISOOnline
Hybrid resilience: Designing incident response across on-prem, cloud and SaaS without losing your mind
I used to think hybrid incidents would get easier once we standardized on “one tool”: one monitoring platform, one ticketing system, one on-call process. After…
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
Backup systems have become increasingly valuable targets for attackers, particularly ransomware operators, because compromising them can undermine recovery capabilities and enable data destruction or exfiltration…
Cyber criminals too are working from home… your home
The FBI is so concerned about the threat of residential proxy attacks and the dangers posed by cyber criminals using the technique that it has…
Google warns of two actively exploited Chrome zero days
These new flaws underscore the reason why browser engines remain among the most attractive targets for attackers, noted Jack Bicer, director of vulnerability research at…
Announcing the 2026 CSO Hall of Fame honorees
Now entering its eighth year, the CSO Hall of Fame spotlights outstanding leaders who have significantly contributed to the practice of information risk management and…
CSO Awards 2026 celebrates world-class security strategies
For more than a decade, the CSO Awards have recognized security projects that demonstrate outstanding thought leadership and business value. The award is an acknowledged mark…
A 5-step approach to taming shadow AI
AI is being leveraged across organizations to boost productivity, accelerate innovation and optimize business processes. The problem is that adoption has outpaced discipline. Only a…
Did cybersecurity recently have its Gatling gun moment?
On the James River, Petersburg, VA, June of 1864, during the American Civil War, General Benjamin Butler, of the US Army, deployed a new weapon…
AWS expands Security Hub for multicloud security operations
AWS Security Hub reimagined As security teams struggle to manage multiple tools, the expanded Security Hub introduces a common data layer designed to unify security…
Why zero trust breaks down in IoT and OT environments
First, visibility is incomplete by design. Devices are frequently deployed by facilities teams, engineering groups, or third-party integrators rather than security organizations. Asset inventories lag…
Overly permissive ‘guest’ settings put Salesforce customers at risk
According to the advisory, the campaign specifically targets environments where three conditions exist. These include instances with guest profiles having excessive object or field permissions,…