CSO Online

Ollama vulnerability highlights danger of AI frameworks with unrestricted access

Dubbed Bleeding Llama, the flaw gives attackers direct access to sensitive data stored in the most popular framework for ...
CSO Online

Critical Palo Alto Networks software bug hits exposed firewalls

A critical PAN-OS vulnerability affecting the User-ID Authentication Portal is being actively exploited to achieve ...
CSO Online

The Human Side of Cybersecurity: Stress, Deepfakes & the Hidden Cost of Breaches

CSO US First Look EVERY Monday, Tuesday, Wednesday, Thursday, Friday, Saturday ...
CSO Online

CISOs: Align cyber risk communication with boardroom psychology

Your board doesn't care about your technical status updates; if you can't translate cyber threats into cold, hard business ...
CSO Online

Bots in translation: Can AI really fix SIEM rule sprawl across vendors?

Researchers say agentic AI can translate detection rules across SIEM platforms, but concerns over trust and reliability ...
CSO Online

Ten years later, has the GDPR fulfilled its purpose?

A decade after its adoption, experts and analysts weigh in on how this regulation has impacted the business landscape and ...
CSO Online

Iranian state-backed spies pose as ransomware slingers in false flag attacks

MuddyWater is muddying the waters of incident response with a ruse to cover data exfiltration and cyber-sabotage, according ...
CSO Online

New malware turns Linux systems into P2P attack networks

Researchers found a Linux malware called QLNX that combines P2P networking, rootkits, PAM backdoors, and fileless execution ...
CSO Online

Oracle will patch more often to counter AI cybersecurity threat

Oracle will follow SAP, Microsoft and other software vendors in issuing security patches monthly — but a week later than ...
CSO Online

US government agency to safety test frontier AI models before release

CAISI’s agreements with Google, Microsoft, and xAI preceded a report that the White House may be planning to create its own ...
CSO Online

CISA mulls new three-day remediation deadline for critical flaws

Spooked by Claude Mythos, the agency is reportedly discussing slashing the current 14-day timeline for patching government ...
Opinion
CSO OnlineOpinion

Train like you fight: Why cyber operations teams need no-notice drills

Tabletop exercises are just paperwork; you need surprise drills to train your brain to stay calm and effective when a real incident actually hits the fan.