CSO US First Look
The day's top cybersecurity news and in-depth coverage
December 14, 2024
How to turn around a toxic cybersecurity culture
A poor security culture leaves team members confused, angry, and searching for solutions (or the door), while exposing critical systems to attack. Hereâs how to recognize the symptoms and cure this unhealthy environment.
SAP systems increasingly targeted by cyber attackers
Long viewed as an opaque black box, attackers are increasingly focused upon hacking into enterprise systems from SAP, according to research presented at Black Hat Europe 2024.
PUMA creeps through Linux with a stealthy rootkit attack
The multi-stage rootkit targets Linux systems, using advanced stealth techniques to escalate privileges and avoid detection.
Security researchers find deep flaws in CVSS vulnerability scoring system
Cybersecurity experts from financial giant JPMorganChase say the cybersecurity community is being misled about the severity of vulnerabilities by the CVSS, which threatens to seriously hinder remediation efforts.
Europol shutters 27 DDoS sites in major crackdown
New attacks were planned for the Christmas holiday.
Microsoft Windows âBest Fitâ character conversion âripe for exploitationâ
Security researchers warn that the Windows ANSI API contains a hidden trap that could lead to arbitrary code execution â a new attack surface dubbed âWorstFit.â
A security âholeâ in Krispy Kreme Doughnuts helped hackers take a bite
The attack that yet remains unclaimed disrupted parts of Krispy Kremeâs online sales in the US.
