Announcing the 2026 CSO Hall of Fame honorees
Now entering its eighth year, the CSO Hall of Fame spotlights outstanding leaders who have significantly contributed to the practice of information risk management and…
Category: CISOOnline
CSO Awards 2026 celebrates world-class security strategies
For more than a decade, the CSO Awards have recognized security projects that demonstrate outstanding thought leadership and business value. The award is an acknowledged mark…
A 5-step approach to taming shadow AI
AI is being leveraged across organizations to boost productivity, accelerate innovation and optimize business processes. The problem is that adoption has outpaced discipline. Only a…
Did cybersecurity recently have its Gatling gun moment?
On the James River, Petersburg, VA, June of 1864, during the American Civil War, General Benjamin Butler, of the US Army, deployed a new weapon…
AWS expands Security Hub for multicloud security operations
AWS Security Hub reimagined As security teams struggle to manage multiple tools, the expanded Security Hub introduces a common data layer designed to unify security…
Why zero trust breaks down in IoT and OT environments
First, visibility is incomplete by design. Devices are frequently deployed by facilities teams, engineering groups, or third-party integrators rather than security organizations. Asset inventories lag…
Overly permissive ‘guest’ settings put Salesforce customers at risk
According to the advisory, the campaign specifically targets environments where three conditions exist. These include instances with guest profiles having excessive object or field permissions,…
Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials
CVE-2026-23814, scored 8.8, requires only low-level authenticated access. A remote attacker with minimal privileges could inject malicious commands through parameters in a CLI command, resulting…
12 ways attackers abuse cloud services to hack your enterprise
“Instead of abusing local binaries like PowerShell or WMI [Windows Management Instrumentation] to evade detection, adversaries now leverage native cloud administrative tools, APIs, identity systems,…
Jack & Jill went up the hill — and an AI tried to hack them
Further, and bizarrely, once in the system, the agent autonomously gave itself a voice so it could conduct a real-time conversation with the AI voice…
6 Mittel gegen Security-Tool-Wildwuchs
loading=”lazy” width=”400px”>Viel hilft nicht immer viel. Roman Samborskyi | shutterstock.com Auf der Suche nach Möglichkeiten, sich vor ständig wachsenden Cyberbedrohungen zu schützen, erliegen nicht wenige…
March Patch Tuesday: Three high severity holes in Microsoft Office
Satnam Narang, senior staff research engineer at Tenable, commented on the fix for Azure Model Context Protocol (MCP) tools. “This bug is a server-side request…