Videos
CSO worldwide managing director Bob Bragdon discusses today’s issues with CSO editors from Australia, Germany, the United Kingdom and the United States. How is security evolving in various parts of the world with continued remote work? What’s the...
Tim Youngblood is Global CISO at McDonald's, one of the world's largest food service companies. Having worked at other large organizations, Tim's developed a unique understanding of the various stages in evolving your career to the CISO level. Join u...
Aravind Swaminathan is a former cybercrime prosecutor and is currently Global Co-Chair of Cyber, Privacy & Data Innovation at Orrick, Herrington & Sutcliffe LLP where he’s directed more than 200 cybersecurity and data breach investigations. He disc...
Greg Wood is SVP of Information Security & Risk Management at The Walt Disney Company, one of the world’s largest media and entertainment companies. With an early life passion for technology, Greg discovered the critical role of security in a chang...
Organizations commonly leave openings for attackers to take control of subdomains set up in Azure. These tips will block them from doing so.
BEC campaigns are finding clever ways to bypass some protections. Use this advice to tighten up controls to keep malicious emails from getting through in Microsoft 365.
Attackers covet credentials, and Windows admins sometimes make it too easy for them. Here’s how to harden Windows networks against credential theft.
Criminals will try to change Windows Active Directory Group Policy security settings to enable attacks. Here’s how to stop them.
These new rules, part of Windows Defender, can help prevent damage from phishing and other attacks.
Ransomware perpetrators count on Windows security admins to make these common mistakes. Here’s how to find and fix them.
Swatting is a form of harassment in which attackers try to trick police forces into sending a heavily armed strike force — often a SWAT team, which gives the technique its name — to a victim's home or business. Learn more about swatting and how t...
Artificial intelligence and machine learning projects require a lot of complex data, which presents a unique cybersecurity risk. Security experts are not always included in the algorithm development process, resulting in effective but potentially vul...
Windows 10 S Mode allows you to whitelist approved applications and block unauthorized applications from running on your network.
The risk from two newly discovered Windows vulnerabilities could be mitigated if you’ve properly segmented your network. Here’s what you need to know.
Doxing is the practice of posting someone's personal information online without their consent. Doxers aim to reveal information that can move their conflict with their targets from the internet to the real world, including home addresses, employers, ...
With some versions of Windows 10 off support or going off support soon, it’s time to review what security features you’re missing if you haven’t updated recently. Follow along here with the full Microsoft Ignite presentation, Windows 10 innovat...
Multi-factor authentication, strong patch management, device control, and adherence to security benchmarks go a long way to protecting your Windows network.
Microsoft has provided new guidance in the form of benchmarks to make sure your Azure environment is secure.
Microsoft will soon discontinue support for Adobe Flash. Here’s how to transition to secure alternatives while blocking unsafe use of Flash.
The Zerologon flaw could give attackers domain admin privileges. Here’s how the two-step patching process to fix it works.
If a security incident occurs on your Windows network, are you prepared to do a thorough investigation? These tips and tools will help.
Microsoft has rolled out new security settings for Office 365, but the default configuration for email might not be right for your organization.
COVID has changed tactics that attackers use to compromise Windows networks. These are the vulnerabilities they now favor.
Default Windows event log settings won’t give you all the information you need to investigate security incidents. Here’s how to get the info you need.
Attackers often gain access to networks through the printers connected to them. Here’s how to address printer vulnerabilities on your network.
Don't let the cute name fool you, smishing (a portmanteau of 'SMS' and 'phishing') is a cyberattack that uses misleading text messages to trick victims into sharing valuable information, installing malware, or giving away money.
As remote work becomes more prevalent and, likely, permanent, you need secure deployment processes in place for devices connecting to Windows networks.
SSL is not just a web protocol. Applications use it, too. Here’s advice to manage SSL certificate protocols on a Windows network.
Recent hacks show that attackers will search for network login credentials in many ways. Make them harder to get.
The transition to managing a remote workforce happened virtually overnight. With it came the challenge of managing employees’ security while they work on their home networks and sometimes on their personal devices. Traditional VPN solutions can be ...
Vishing (short for voice phishing) is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone. While that makes it sound like an old-fashioned scam, vishing attacks have high-tech elements.
Follow these best practices to make sure all your remotely located Windows devices have the latest security updates.
As more employees work from home, it’s important to review your VPN settings and following the best guidance.
Compromising windows administrator accounts is always a key goal for attackers. You can help prevent that from happening with these best practices.
As the recent attack on Honda shows, anyone can be a victim of a ransomware attack. This advice will minimize your risk.
Every company has legacy systems, many of which provide vulnerabilities for attackers to exploit. Use this advice to help shut them out.
Companies that have disabled Windows Firewall might be missing out on some added network protection. Here’s how to set it up effectively.
These are the event logs that will help you identify malicious activity on your network.
Microsoft has rebranded and updated its tool to deploy security patches and new features.
Attackers still commonly use a vulnerability in older versions of Microsoft Office because many organizations left it unpatched. Did yours?
Sysmon and the cloud-based Sentinel log events to help detect when and how attackers compromised your network.
COVID-related attacks make it more important that you follow Microsoft’s advice to protect Microsoft 365 users and systems.
Attackers are using web shells to mimic legitimate files on web servers and infect them with malware. Here’s how to prevent it.
Targeted phishing attempts and updated malware are creating havoc for Windows admins in a hard time. Here are some tips to minimize the damage.
Some organizations are setting up split-tunnel virtual private networks to allow remote workers to connect to a Windows network. Follow these steps to minimize security risks.
More people are relying on videoconferencing software to do their jobs and chat with friends and family. This uptick in use highlighted some security concerns like “Zoombombing” and the lack of end-to-end encryption in popular video conferencing/...
Organizations that have been forced to make rapid changes to their Windows networks should take the time to review settings to make sure no doors were left open for attackers.
Many organizations are using Microsoft’s RDP to set up remote workers. Use these tweaks to better protect those connections.
Microsoft Threat Protection can help admins monitor and secure much of a Windows network, but licensing requirements are confusing.