Latest from todaynewsLinux, macOS users infected with malware posing as legitimate Go packagesThreat actors are typosquatting popular Go packages such as Hypert and Layout to drop malware on Linux and macOS systems.By Shweta Sharma07 Mar 20253 minsMalwareSecurity feature 8 obstacles women still face when seeking a leadership role in ITBy Christina Wood07 Mar 20258 minsCareersIT Leadershipfeature What is risk management? Quantifying and mitigating uncertaintyBy Josh Fruhlinger07 Mar 202510 minsIT Governance FrameworksIT LeadershipRisk Management news analysisChinese APT Silk Typhoon exploits IT supply chain weaknesses for initial accessBy Lucian Constantin 06 Mar 20256 minsAdvanced Persistent ThreatsGovernmentHacker Groups newsUS charges 12 Chinese hackers in major government-backed espionage campaignBy Gyana Swain 06 Mar 20255 minsCybercrimeSecurity newsBadbox Android botnet disrupted through coordinated threat huntingBy Shweta Sharma 06 Mar 20254 minsAndroid SecuritySecurity news analysis60% of cybersecurity pros looking to change employersBy John Leyden 06 Mar 20255 minsCareersIT Leadership opinionThe risks of standing down: Why halting US cyber ops against Russia erodes deterrenceBy Christopher Whyte 06 Mar 20258 minsAdvanced Persistent ThreatsCSO and CISOThreat and Vulnerability Management newsRansomware goes postal: US healthcare firms receive fake extortion lettersBy John E. Dunn 05 Mar 20256 minsRansomwareSecurity CSO Executive Sessions videoCSO Executive Sessions: How cybersecurity impacts company ratings – A fey factor for investors and consumersMartin Whitworth – Lead Cyber Risk Expert at S&P Global Ratings – joins Xiou Ann Lim for this CSO Executive Sessions interview. They talk about why the world’s largest credit rating firm is now factoring in cyber preparedness when assessing companies, how cyber risk affects a company’s financial health, and the role CISOs play in it. 12 Feb 2025 27 minsSecurity CSO Executive Sessions: How should software solution providers keep themselves and their enterprise clients safe? 26 Jan 2025 18 minsSecurity CSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 2) 14 Nov 2024 15 minsCritical InfrastructureIT GovernanceSupply Chain CSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 1) 04 Nov 2024 19 minsCritical InfrastructureSecuritySupply ChainSee all videos More security newsnewsCritical vulnerabilities expose network security risks in Keysight's infrastructureMultiple security flaws in network packet broker devices could lead to code execution and data compromise.By Gyana Swain 05 Mar 2025 4 minsSecurityVulnerabilitiesnewsChinese cyber espionage growing across all industry sectorsNew and expanding China-backed threat groups are pushing a broader cyber strategy, likely with eventual reunification with Taiwan in mind, CrowdStrike security researchers say.By Lucian Constantin 05 Mar 2025 6 minsAdvanced Persistent ThreatsCyberattacksThreat and Vulnerability ManagementnewsPolyglot files used to spread new backdoorProofpoint reports that a threat actor has used the tactic against critical infrastructure firms in the UAE, warns CISOs to watch for it elsewhere.By Howard Solomon 04 Mar 2025 5 minsMalwarePhishingnewsVMware ESXi gets critical patches for in-the-wild virtual machine escape attackBroadcom has patched three vulnerabilities in the VMware ESXi hypervisor and related products, with Microsoft reporting the flaws are being actively exploited to take control of host systems.By Lucian Constantin 04 Mar 2025 4 minsSecurityZero-Day VulnerabilitiesnewsMisconfigured access management systems expose global enterprises to security risksWidespread AMS vulnerabilities threaten physical and data security across key industries.By Gyana Swain 04 Mar 2025 4 minsAccess ControlIdentity and Access ManagementSecuritynewsManufacturers still poorly prepared for cyberattacks as IT/OT convergeA global survey shows that less than half of manufacturing companies are prepared for the rising onslaught of cyberattacks against them. By Julia Mutzbauer 04 Mar 2025 3 minsManufacturing IndustrySecuritynewsCISOs should address identity management 'as fast as they can’ says CrowdStrike execThreat actors increasingly using stolen credentials to compromise cloud assets, warns the company's annual threat report.By Howard Solomon 03 Mar 2025 5 minsCyberattacksSecuritynewsUS Cybercom, CISA retreat in fight against Russian cyber threats: reportsPress reports suggest that US Cybercom is standing down from tracking Russia’s offensive cyber operations, and CISA may no longer consider Russia a priority. Officials say Cybercom’s action is a gambit to get Russia to negotiate, and CISA says the press reports are wrong.By Cynthia Brumfield 03 Mar 2025 6 minsCyberattacksGovernment ITRansomwarenews analysisRansomware access playbook: What Black Basta’s leaked logs revealAnalyzing leaked internal communication logs, security researchers are piecing together how one of the most notorious ransomware groups infiltrates its victims.By Lucian Constantin 03 Mar 2025 6 minsRansomwarenewsMicrosoft files lawsuit against LLMjacking gang that bypassed AI safeguardsThe civil suit against four members of Storm-2139 underscores an emerging trend that blends stolen LLM credentials and AI jailbreaking to reap financial gains for cybercriminals and losses for companies they exploit.By Lucian Constantin 28 Feb 2025 4 minsCybercrimeGenerative AIThreat and Vulnerability ManagementnewsCritical Microsoft Partner Center vulnerability under attack, CISA warnsUnpatched flaw CVE-2024-49035 allows unauthenticated privilege escalation, posing supply chain risksBy Gyana Swain 27 Feb 2025 4 minsVulnerabilitiesnews analysisGeopolitical tensions fuel surge in OT and ICS cyberattacksOperational technology networks and industrial control systems are seeing increased malicious activity, as industrial organizations also deal with a sharp rise in ransomware attacks.By Lucian Constantin 25 Feb 2025 6 minsCyberattacksEnergy IndustryManufacturing Industry Show more Show less Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy View all topics Spotlight: Managing Modern Risks Articles Buyer’s Guide Staying secure is of course critical, but there are many risks beyond security that enterprise IT must consider. We explore emerging risks that warrant your attention. View all Popular topicsCybercrime newsFake captcha attacks are increasing, say expertsBy Howard Solomon 20 Feb 2025 6 minsCyberattacksCybercrimeMalware newsAuthorities seize Phobos and 8Base ransomware servers, arrest 4 suspectsBy Lucian Constantin 11 Feb 2025 3 minsCybercrimeRansomware newsPolice arrest teenager suspected of hacking NATO and numerous Spanish institutionsBy Computerworld España 06 Feb 2025 2 minsCybercrimeSecurity View topic Careers featureThe CSO guide to top security conferencesBy CSO Staff 28 Feb 2025 10 minsApplication SecurityEventsTechnology Industry featureBeyond the paycheck: What cybersecurity professionals really wantBy Aimee Chanthadavong 12 Feb 2025 9 minsCSO and CISOCareersIT Training featureCISOs embrace rise in prominence — with broader business authorityBy Esther Shein 13 Jan 2025 11 minsBusiness IT AlignmentCSO and CISOIT Strategy View topic IT Leadership opinionWhat CISOs need from the board: Mutual respect on expectationsBy David Gee 26 Feb 2025 6 minsBusiness IT AlignmentCSO and CISOCompliance featureHow to create an effective incident response planBy Bob Violino 25 Feb 2025 11 minsIT LeadershipIncident ResponseSecurity featureStrategic? Functional? Tactical? Which type of CISO are you?By Mary K. Pratt 24 Feb 2025 9 minsCSO and CISOHuman ResourcesSecurity Practices View topic In depth FeatureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada Fiscutean27 Mar 202410 mins Data and Information Security Show me moreLatestArticlesPodcastsVideos feature The dirty dozen: 12 worst ransomware groups active today By John Leyden 05 Mar 202511 mins Ransomware opinion Microsoft pushes a lot of products on users, but here’s one cybersecurity can embrace By Susan Bradley 05 Mar 20256 mins Access ControlData and Information SecurityWindows Security brandpost Sponsored by CyberNewsWire Hunters Announces New AI Capabilities with Pathfinder AI for Smarter SOC Automation By Cyber NewsWire – Paid Press Release 05 Mar 20255 mins CyberattacksSecurity podcast CSO Executive Sessions: How cybersecurity impacts company ratings – A fey factor for investors and consumers 12 Feb 202527 mins Security podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO video CSO Executive Sessions: Standard Chartered’s Alvaro Garrido on cybersecurity in the financial services industry 23 Oct 202410 mins Financial Services IndustrySecurity video CSO Executive Sessions: New World Development’s Dicky Wong on securing critical infrastructure 16 Oct 202412 mins Critical InfrastructureSecurity video CSO Executive Sessions: DocDoc’s Rubaiyyaat Aakbar on security technology 12 Sep 202419 mins Artificial IntelligenceHealthcare IndustrySecurity