This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
Jay” Abdullah , Mastercards Deputy CSO who gave a keynote address at The CSA Summit from Cloud Security Alliance at RSAC 2025. He explained how attackers are already using LLMs to write custom malware, simulate attacks, and bypass traditional defenses at speed and scale. Abdullah Lets start with Dr. Alissa “Dr.
AI Malware will become smarter, and capable of learning from detection attempts and adapting in real time to evade security barriers. CISO Perceptions A critical blind spot for CISOs and cyber risk owners is the divergence in perceptions of their security stack’s effectiveness between leadership and technical teams.
Without proper inspection, encrypted data can be a significant security threat as the volume of malware in encrypted traffic grows. That’s the takeaway from two sets of new research into the threat malware hidden in encrypted traffic poses to organizations. To read this article in full, please click here (Insider Story)
Late last year, a group believed to be Russia’s Cozy Bear (APT29) successfully compromised SolarWinds’ Orion update software , turning it into a delivery vehicle for malware. Nearly 100 customers of the popular network monitoring tool were affected, including government entities and cybersecurity company FireEye.
Verizon Business’ annual Data Breach Investigations Report (DBIR) is out and confirms what many CISOs already know: ransomware continues to plague business. Here’s roundup of noteworthy ransomware stories you might have missed. DBIR finds ransomware increased by double digits. To read this article in full, please click here
Seasoned CISOs/CSOs understand the importance of effectively communicating cyber risk and the need for investment in cybersecurity defense to the board of directors. To ensure cybersecurity becomes a strategic part of the corporate culture, it is crucial for CISOs to present the topic in a clear, concise, and compelling manner.
Despite years of modernization initiatives, CISOs are still contending with an old-school problem: shadow IT, technology that operates within an enterprise but is not officially sanctioned — or on the radar of — the IT department. In fact, it is as big a problem as ever and may even worsen.
This panel also brings together several experts from HP's security advisory board, including Justine Bone, CEO of MedSec, and Robert Masse, Partner at Deloitte.
Plus, a PwC study says increased collaboration between CISOs and fellow CxOs boosts cyber resilience. Less than 50% of respondents say their organizations’ CISOs are involved “to a large extent” with strategic planning, reporting to the board and overseeing tech deployments.
For CISOs, the sad truth is that it’s no longer a matter of if an organization will be breached, but when. According to AV-Test, more than 1 million new malware programs have been discovered in 2023 alone.
This breach, like every major ransomware attack, was likely because of spear phishing, where someone either received the malware via an emailed attachment or clicked on a link that took them to a website that hosted it. The malware was place inside the code. This requires a high level of coding sophistication.
Those issues continue to exist in ChatGPT, and both can be tricked into creating ransomware , obfuscating malware , and other exploits, they said. For example, this could be to spread misinformation and develop malware. I’m more concerned about what these issues suggest for the future.
It was apropos that Ray Yepes, newly appointed CISO for the State of Colorado, opened the 2022 SecureWorld Denver conference on October 6th. Ray Yepes, CISO for the State of Colorado, presents the opening keynote. Down the hall, Brenden Smith, CISO at FirstBank, presented "Revisiting Deception Systems: Enterprise Use Cases."
Meanwhile, cybercriminals have amplified their use of malware for fake software-update attacks. That’s the main takeaway from the Center for Internet Security’s list of the 10 most prevalent malware used during the third quarter. Collectively, they accounted for 77% of the quarter’s malware infections.
I started Hubble because it addressed one of the biggest challenges I found as an advisor to CISOs, and as a CISO myself: lack of visibility. If you think about the way that you operationalize threat intelligence to drive decision-making — I have a threat actor, these are the malware samples associated with that threat actor.
The IT landscape’s complexity requires the deployment of Privileged Identity Management technologies, given the increasing sophistication of modern attacks via malware and ungated entries. You will create cyber awareness among your staff, as well as users, partners, customers.
VSA ‘working folders’ typically operate within a ‘trust wall,’ which means malware scanners and other security tools are instructed to ignore whatever they’re doing. The hackers were thus able to deposit the malware and run a series of commands to hide the malicious activity from the malware-scanning tools.
Since the agent had not been vetted, it inflicted the same damage as malware would have. Dimitri Chichlo , CSO, BforeAI Chichlo Our networks remain fragile because of interdependence and the assumption that technology always works. Don’t fall victim to downloading phony solutions.
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content