CSO Security Leadership
The day's top cybersecurity news and in-depth coverage
August 07, 2023
Will CVSS 4.0 be a vulnerability-scoring breakthrough or is it broken?
The soon-to-be-released scoring system update has promise, but challenges remain for it to deliver exactly what CISOs need to get ahead of the latest vulnerabilities. Read more
Researchers warn Amazon's AWS System Manager agent can be used as a RAT
Mitiga researchers found that the AWS SSM agent could be hijacked and turned into a remote access trojan that is difficult to detect. Read more
Russian cyberspies defeat Microsoft number-matching 2FA policy with fake Teams messages
Spear-phishing attacks by the Midnight Blizzard advanced persistent threat group targeted Microsoft 365 tenants of small businesses. Read more
UK calls artificial intelligence a âchronic riskâ to its national security
The National Risk Register officially classes AI as a long-term security threat to the UKâs safety and critical systems. Read more
When your teammate is a machine: 8 questions CISOs should be asking about AI
The inevitability of AI is forcing many cybersecurity leaders to decide if it's friend or foe. Treating it as a teammate may be the ultimate solution, but there are a number of pointed questions CISOs should be asking. Read more
In new ransomware model, cloud provider acts as front for bad actors: report
A new report from anti-ransomware vendor Halcyon said that virtual private server provider Cloudzy is being used to host malicious activity from numerous sources. Read more