Security

Security | News, how-tos, features, reviews, and videos

CSO > Phishing attacks that bypass two-factor authentication

Phishing attacks that bypass 2-factor authentication are now easier to execute

Researchers released two tools--Muraen and NecroBrowser--that automate phishing attacks that can bypass 2FA. Most defenses won't stop them.

f securelogo

Freedome VPN review: A good VPN backed by a well-known security company

F-Secure's Freedome is a good VPN with extra security features that users will appreciate.

CSO > Security mechanisms vs. fiery threats

Public SAP exploits could enable attacks against thousands of companies

A recently released exploit takes advantage of a known configuration vulnerability that persists among many on-premise and cloud SAP instances. Here's what companies using SAP should do.

CSO > Micsoroft Windows logo emblazoned on a security shield in a field of abstract binary data.
Updated

Best new Windows 10 security features: Windows Sandbox, more update options

Here's what you need to know about each security update to Windows 10 as they roll out from Microsoft. Now updated for the 1903 feature release.

CSO > phishing / social engineering / security threat

Cisco security spotlights Microsoft Office 365 e-mail phishing increase

The leading e-mail service— in Microsoft’s Office 365 package – seems to be getting the most attention from those attackers hellbent on stealing enterprise data or your private information via phishing attacks.

European Union, EU

General Data Protection Regulation (GDPR): What you need to know to stay compliant

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...

recruiting thinkstock

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

crypto currency circuit nodes digital wallet bitcoin blockchain

AT&T becomes first big mobile carrier to accept Bitcoin payments

AT&T joins a small list of e-commerce businesses who now accept cryptocurrency, a form of payment growing in popularity – especially among younger customers.

russian hacking us election  putin voting fraud hacked

2016 election hacking in Florida: Russian emails, hidden tracks

The Mueller Report says the Russians planted malware on at least one Florida county system, and Florida's governor announces that two counties were hacked in 2016. Experts believe the problem could be bigger.

A lightbulb on the horizon of a circuit-board landscape with abstract digital connective technology.
Updated

Security software reviews, 2019: Lab tests of today's top tools

We go hands-on with some of the most innovative, useful and, arguably, best security software on the market.

network security / network traffic scanning

Study: Most enterprise IoT transactions are unencrypted

A Zscaler report finds 91.5% of IoT communications within enterprises are in plaintext and so susceptible to interference.

hidemelogo

Hide.me review: Serviceable speeds and simple to use

Hide.me is easy to use and has the right privacy promises, but we didn't find the speeds were as good as experienced on Windows.

g suite app logos

Google exposes G Suite issue that stored plain-text passwords on its servers for 14 years

Google has fixed a G Suite issue that left some passwords stored in plain text on its servers.

surfsharklogo

Surfshark review: A solid VPN newcomer with some nice features

Surfshark only started life in 2018, but it's already showing promise with good speeds, nice features, and a no-logs policy.

windows sandbox splash

Windows Sandbox: How to use Microsoft's simple virtual Windows PC to secure your digital life

Microsoft's Windows Sandbox creates a safe space where you can try suspicious software or sites without risking your 'real' PC. Here's how to use it.

passwords exposed authentication hacked vulnerable security breach

IT services giant HCL left employee passwords, other sensitive data exposed online

HCL left employee passwords, customer project details, and other sensitive information exposed online with no authentication.

drafting military for cyber security cybersecurity govenment

Will the U.S. government draft cybersecurity professionals?

A Congressional commission might soon recommend conscription of cybersecurity professionals to serve in both the military and civil service. Will the government force security pros to work for Uncle Sam?

cyberghost mac icon

CyberGhost 7 review: A great choice for streaming overseas

CyberGhost has great speeds, and some nice extra features, but its support for numerous streaming services is what really sets this service apart.

CSO  >  danger / security threat / malware / binary skull overlaying binary code

What is malware? How to prevent, detect and recover from it

Malware is a blanket term for viruses, worms, trojans, and other harmful computer programs hackers use to wreak destruction and gain access to sensitive information. Learn what malware does and how you can remove it—or prevent it.

laptop displaying binary code with bandages on its screen

Microsoft sets post-retirement patching record with Windows XP fix – 5 years after support ended

The update – aimed at stopping the spread of WannaCry-like malware on PCs running the outdated OS – must be manually downloaded from the Microsoft Update Catalog.

Load More