CSO US First Look
The day's top cybersecurity news and in-depth coverage
July 24, 2024
Countdown to DORA: How CISOs can prepare for EU's Digital Operational Resilience Act
The EU regulation meant to strengthen financial organizations' resilience to cyberattacks, will apply starting 17 January 2025, and itâs CISOsâ responsibility to make sure their organizations are compliant with the new regulation. Read more
CrowdStrike meltdown highlights ITâs weakest link: Too much administration
CrowdStrike, Windows domain administration, SolarWinds â our implicit trust in admin software is a recipe for repeated disasters. Read more
Port shadow: Yet another VPN weakness ripe for exploit
Sharing connection information could be a problem among users of the same VPN server without proper protection, researchers have found. Corporate VPN servers in particular are vulnerable to the flaw. Read more
ICS malware FrostyGoop disrupted heating in Ukraine, remains threat to OT worldwide
The malware leverages Modbus TCP communications to target operational technology assets â and can easily be repurposed to compromise other industrial controllers, putting widespread critical infrastructure at risk. Read more
Get more from the voice of CSOs and IT leadership
Read more from CSO delivered to your inbox. Subscribe now.
CrowdStrike failure: What you need to know
A flawed update to CrowdStrike Falcon sent Windows servers and PCs across the globe into an endless reboot cycle that IT organizations are still working to remediate. Read more
NHIs may be your biggest â and most neglected â security hole
Because IT has so little visibility into non-human identities, attackers are increasingly seeking them out as ultra-easy onramps to everything of value in your enterprise. The solution? Stop treating NHIs as though they are another human end-user. Read more
Wiz shocks the tech world as it rejects Googleâs $23 billion bid
The Israeli cybersecurity startup is now looking at raising money through an initial public offering. Read more