资讯

CSO Online2 天
Poisoned models in fake Alibaba SDKs show challenges of securing AI supply chains
Fake Alibaba Labs AI SDKs hosted on PyPI included PyTorch models with infostealer code inside. With support for detecting ...
CSO Online2 天
Securing Windows 11 and Server 2025: What CISOs should know about the latest updates
Microsoft’s latest rollouts to Windows 11 24H2 and Windows Server 2025 include the arrival of Recall and hotpatching. Here ...
CSO Online1 天
New botnet hijacks AI-powered security tool on Asus routers
Once inside as an admin, attackers exploit a command injection flaw to trick the AI-powered security feature into executing ...
CSO Online1 天
Novel PumaBot slips into IoT surveillance with stealthy SSH break-ins
The botnet brute-forces SSH credentials against a list of harvested IP addresses, instead of conducting internet-wide scans.
CSO Online3 天
Separating hype from reality: How cybercriminals are actually using AI
Countering more advanced AI-driven threats requires that we collectively evolve our defenses, and the good news is that many ...
CSO Online3 天
6 rising malware trends every security pro should know
From infostealers commoditizing initial access to a more targeted approach to ransomware attacks, cybercriminals’ malware ...
CSO Online2 天
Microsoft Entra’s billing roles pose privilege escalation risks in Azure
Guest users with certain billing roles can create and own subscriptions, potentially gaining persistence and privilege ...
CSO Online3 天
If you use OneDrive to upload files to ChatGPT or Zoom, don’t
Users could potentially allow access to the entire drive because of the way Microsoft implements OAuth in OneDrive File ...
CSO Online6 天
The 7 unwritten rules of leading through crisis
Your crisis management playbook may look fail-proof on paper, but leadership and culture offer intangibles that can make or ...
CSO Online1 天
Hackerangriff auf Arcona Hotels
Die Arcona Hotels & Resorts-Gruppe kämpft seit einer Woche mit den Folgen eines Cyberangriffs.
CSO Online4 天
Will AI agent-fueled attacks force CISOs to fast-track passwordless projects?
AI agents are looming as another security headache for CISOs that could force their hand on shifting to passwordless ...
CSO Online4 天
New Russian APT group Void Blizzard targets NATO-based orgs after infiltrating Dutch police
The cyberespionage group uses compromised credentials to steal emails and data from public and private sector organizations ...