CSO Online
CSO offers the latest information and best practices on business continuity and data protection, best practices for prevention of social engineering scams, malware and breaches, and tips and advice about security careers and leadership. CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal..
CSO Online
42m ago
Security researchers warn that certain commands executed in the AWS and Google Cloud command-line interfaces (CLIs) will return credentials and other secrets stored in environment variables as part of the standard output. If such commands are executed as part of build workflows in CI/CD tools, the secrets will be included in the returned build logs.
AWS and Google Cloud consider this expected behavior, and it is up to users to ensure that sensitive command outputs are not saved in logs or that sensitive credentials are stored securely and not in environment variables. The Microsoft Az ...
CSO Online
5h ago
Threat actors' targeting of SAP vulnerabilities is currently at its peak, as systems compromised by ransomware incidents have grown fivefold since 2021, according to joint research by Flashpoint and Onapsis.
Based on SAP threat intelligence from Onapsis Research Labs and Flashpoint Threat Intelligence Platform, the research found that multiple, unpatched application-level SAP vulnerabilities are being exploited and used in ransomware campaigns.
“This research leverages the combined experience of Onapsis Research Labs on SAP Threats, Vulnerabilities, and Threat Intelligence, with the Flashpoint ...
CSO Online
14h ago
In the wake of a string of high-profile cyber incidents, capped by a crippling ransomware attack on Colonial Pipeline, the US Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) to create a centralized federal government cyber incident reporting apparatus.
In March, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM), a crucial step in establishing this new data breach reporting mechanism.
CIRCIA mandated that covered entities promptly report to CISA within 72 hours after reasonably believing t ...
CSO Online
1d ago
The Open Source Security Foundation (OpenSSF), together with the OpenJS Foundation, has identified additional incidents where attackers attempted to social engineer their way into the management of open source projects using techniques similar to those that recently led to the backdooring of the XZ Utils package.
XZ Utils supply chain compromise
The XZ Utils software supply chain compromise was the result of a sophisticated social engineering effort where an attacker managed to earn the trust of the project’s maintainer through legitimate code contributions over multiple years until they were made co ...
CSO Online
1d ago
IntelGroup, a prominent Serbian hacker from the CyberNiggers threat group, has claimed to have breached Space-Eyes, a geospatial intelligence firm catering exclusively to US government agencies.
The breach, which has allegedly compromised the digital infrastructure of the Miami-based firm, stands to expose US national security data.
IntelBroker claimed, through a message posted on BreachForums, that it took the threat actor only “10-15 minutes” to access sensitive data from Space-Eyes systems.
The government agencies Space-Eyes does business with include the Department of Justice, the De ...
CSO Online
1d ago
Intellectual property (IP) is the lifeblood of every organization. It didn’t use to be. As a result, now more than ever, it’s a target, placed squarely in the cross-hairs by various forms of cyber attack. Witness the long list of hacks on Hollywood and the entertainment industry’s IP including “Pirates of the Caribbean” and more recently HBO’s “Game of Thrones.”
Your company’s IP, whether that’s patents, trade secrets or just employee know-how, may be more valuable than its physical assets. Security pros must understand the dark forces that are trying to get this inform ...
CSO Online
2d ago
The United States Supreme Court’s unanimous ruling on an SEC disclosure case on Friday could have direct consequences for how security executives report cybersecurity incidents.
The decision in the Macquarie Infrastructure versus Moab Partners case gave enterprises the green light to not report incidents that are not material, which was already directly implied in the current SEC rules. The court was referring to risks, specifically those that are potential and theoretical but have not necessarily happened. That might include, for example, a series of attacks overseas that could potentia ...
CSO Online
2d ago
A threat actor has reportedly claimed responsibility for a March 2024 data breach at the Canadian retail chain Giant Tiger that compromised 2.8 million customer records.
The breach, which Giant Tiger confirms occurred on March 4, resulted from a cybersecurity incident with one of the company’s third-party vendors.
“In March 2024, the Canadian discount store chain Giant Tiger Stores Limited, suffered a data breach that exposed over 2.8 million clients,” the threat actor said while dumping the stolen data on a hacker forum. “The breach includes over 2.8 million unique email ...
CSO Online
3d ago
Small and medium businesses (SMBs) have increased their digital footprint, embracing remote work, employing more internet-connected devices, and adopting new tools and technologies. They now find themselves a more attractive target to cyber criminals, and behind the headline-making attacks on large organizations, SMBs are being attacked with increasing regularity.
The exact numbers can be hard to gauge, but 69% of SMBs reported experiencing at least one cyberattack in the last year, according to Devolutions’ State of IT Security in SMBs 2023-2024 report, an increase from the previous year.
CSO Online
3d ago
One of the researchers who recently compiled a knowledge base of common misconfigurations and attack techniques impacting Microsoft System Center Configuration Manager (SCCM) has developed an open-source scanner to help administrators more easily identify those weaknesses in their SCCM environments.
“Although we detailed how to carry out, mitigate, and detect each of these attacks in the knowledge base, we soon realized from our discussions with defenders and SCCM administrators that not everyone has the bandwidth, privileges, or permission to demonstrate these attacks to their organizati ...