CSO

CSO US First Look

The day's top cybersecurity news and in-depth coverage

January 15, 2024

Researchers demo new CI/CD attack techniques in PyTorch supply-chain

The proof of concept shows it's possible to upload malicious PyTorch releases to GitHub by exploiting insecure misconfigurations in GitHub Actions.
Read more

CISA adds patched MS SharePoint server vulnerability to KEV catalog

The privilege escalation vulnerability in Microsoft SharePoint can allow privilege escalation on affected systems and effect possible RCE attacks.
Read more

Attackers deploy rootkits on misconfigured Apache Hadoop and Flink servers

Misconfigurations allow threat actors to bypass authentication and install cryptominers once rootkits are deployed.
Read more

Mirai-based NoaBot botnet deploys cryptominer on Linux servers

The attack campaign targets weakly defended servers by brute-forcing SSH logins.
Read more

Months long AsyncRAT campaign targeted key US infrastructure employees

Attackers used more than 300 samples of the malicious tool and more than 100 domains to evade detection.
Read more

12 best cybersecurity podcasts as recommended by the professionals

In the ever-evolving world of cybersecurity, it's important for CISOs and other security leaders to stay up to date – cybersecurity podcasts are a great way to stay informed.
Read more

Submit now: CSO Hall of Fame nominations open for first time

The CSO Hall of Fame is accepting nominations for the first time to honor exceptional security leaders with at least 10 years of executive experience.
Read more

CSO
FB TW LI
© 2024 CSO
IDG Communications, Inc.
140 Kendrick Street, Building B
Needham, MA 02494
United States