CSO US First Look
The day's top cybersecurity news and in-depth coverage
January 15, 2024
Researchers demo new CI/CD attack techniques in PyTorch supply-chain
The proof of concept shows it's possible to upload malicious PyTorch releases to GitHub by exploiting insecure misconfigurations in GitHub Actions. Read more
CISA adds patched MS SharePoint server vulnerability to KEV catalog
The privilege escalation vulnerability in Microsoft SharePoint can allow privilege escalation on affected systems and effect possible RCE attacks. Read more
Attackers deploy rootkits on misconfigured Apache Hadoop and Flink servers
Misconfigurations allow threat actors to bypass authentication and install cryptominers once rootkits are deployed. Read more
Mirai-based NoaBot botnet deploys cryptominer on Linux servers
The attack campaign targets weakly defended servers by brute-forcing SSH logins. Read more
Months long AsyncRAT campaign targeted key US infrastructure employees
Attackers used more than 300 samples of the malicious tool and more than 100 domains to evade detection. Read more
12 best cybersecurity podcasts as recommended by the professionals
In the ever-evolving world of cybersecurity, it's important for CISOs and other security leaders to stay up to date â cybersecurity podcasts are a great way to stay informed. Read more
Submit now: CSO Hall of Fame nominations open for first time
The CSO Hall of Fame is accepting nominations for the first time to honor exceptional security leaders with at least 10 years of executive experience. Read more