CISO2CISO.COM & CYBER SECURITY GROUP

LinkedIn Group

CISO2CISO Last Published Stories

SCYTHE
Better Cybersecurity Metrics – SOC Metrics – Threat Hunting Metrics – Cyber Threat Intelligence (CTI) Metrics – Incident Response (IR) Metrics for CISOs by SCYTHE
Better Cybersecurity Metrics – SOC Metrics – Threat Hunting Metrics – Cyber Threat...
creative commons
OWASP API Security Top 10 – The Ten Most Critical API Security Risks by creative commons
OWASP API Security Top 10 – The Ten Most Critical API Security Risks...
UFMCS ARMY
THE ARMY RED TEAM HANDBOOK – The Guide to Making Better Decisions version 9 by – University of Foreign Military and Cultural Studies (UFMCS).
THE ARMY RED TEAM HANDBOOK – The Guide to Making Better Decisions version...
hackercombat
10 Cyber Security Myths You Need To Stop Believing by HACKER COMBAT COMMUNITY
10 Cyber Security Myths You Need To Stop Believing by HACKER COMBAT COMMUNITY
HADESS
Red Team Guides 2023 by HADESS
Red Team Guides 2023 by HADESS
Practical DevSecOps
API Security Fundamentals – Your Handy Guide to Building an Unhackable System by practical-devsecops.com
API Security Fundamentals – Your Handy Guide to Building an Unhackable System by...
Ninjio´s
Ninjio´s Cyber Hygiene Checklist – Level Up Your Cybersecurity
Ninjio´s Cyber Hygiene Checklist – Level Up Your Cybersecurity
7 CEO CYBERSECURITY ACTIONS – START WORKING ON IT TODAY , DON´T WAIT !!!
7 CEO CYBERSECURITY ACTIONS – START WORKING ON IT TODAY , DON´T WAIT...
Dinesh Shetty - Security Innovation
Hacking iOS Applications – A detailed testing guide by Dinesh Shetty – Security Innovation
Hacking iOS Applications – A detailed testing guide by Dinesh Shetty – Security...
naked security
In Memoriam – Gordon Moore, who put the more in “Moore’s Law”
In Memoriam – Gordon Moore, who put the more in “Moore’s Law”
csonline
Cybersecurity startups to watch for in 2023
Cybersecurity startups to watch for in 2023
csonline
The CSO guide to top security conferences
The CSO guide to top security conferences
The Guardian UK
TechScape: Why Twitter ending free access to its APIs should be a ‘wake-up call’
TechScape: Why Twitter ending free access to its APIs should be a ‘wake-up...
The Guardian UK
Medibank class action launched after massive hack put private information of millions on dark web
Medibank class action launched after massive hack put private information of millions on...
The Guardian UK
Labor plan to beef up government’s cyber powers faces Senate block
Labor plan to beef up government’s cyber powers faces Senate block
The Guardian UK
Latitude Financial cyber-attack worse than first thought with 14m customer records stolen
Latitude Financial cyber-attack worse than first thought with 14m customer records stolen
Data Breach Today
ChatGPT Exposed Payment Card Data of Subscribers
ChatGPT Exposed Payment Card Data of Subscribers
Malware Analysis Techniques – Tricks for the triage of adversarial software by Dylan Barker – Packt
Malware Analysis Techniques – Tricks for the triage of adversarial software by Dylan...
NIST
Artificial Intelligence Risk Management Framework – AI RMF 1.0 By NIST
Artificial Intelligence Risk Management Framework – AI RMF 1.0 By NIST
Packt
Windows Ransomware Detection and Protection – Securing Windows endpoints , the cloud and infrastructure using Microsoft Intune, Sentinel SIEM and Defender by Marius Sandbu – packt.
Windows Ransomware Detection and Protection – Securing Windows endpoints , the cloud and...
Microsoft Security
Data Loss Prevention from on-premises to cloud by Microsoft Security
Data Loss Prevention from on-premises to cloud by Microsoft Security
MANDIANT
MANDIANT APT1 – Exposing One of Chinas Cyber Espionage Units
MANDIANT APT1 – Exposing One of Chinas Cyber Espionage Units
MIT Technology Review
The Cyber Defense Index 2022-23 – A benchmark of the digital security preparedness of enterprises across the threat landscapes of the worlds top economies by MIT Technology Review Insights.
The Cyber Defense Index 2022-23 – A benchmark of the digital security preparedness...
PICUS
The RED REPORT 2023 – The Top 10 Most Prevalent MITRE ATT&ACK Techniques Used by Adversaries by PICUS
The RED REPORT 2023 – The Top 10 Most Prevalent MITRE ATT&ACK Techniques...
Chainalysis
The 2023 Crypto Crime Report by Chainalysis – Everithing you need to know about cryptocurrency-based crime
The 2023 Crypto Crime Report by Chainalysis – Everithing you need to know...
Stanton House
Cybersecurity Salary for US market and Recruiting Trends Guide 2023 by Stanton House
Cybersecurity Salary for US market and Recruiting Trends Guide 2023 by Stanton House
The Guardian UK
Yes, it’s crazy to have TikTok on official phones. But it’s not good for any of us | John Naughton
Yes, it’s crazy to have TikTok on official phones. But it’s not good...
The Hacker News
Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw
Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using...
The Hacker News
From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
The Hacker News
The Best Defense Against Cyber Threats for Lean Security Teams
The Best Defense Against Cyber Threats for Lean Security Teams
The Hacker News
New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers
New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers
The Hacker News
New ‘Bad Magic’ Cyber Threat Disrupts Ukraine’s Key Sectors Amid War
New ‘Bad Magic’ Cyber Threat Disrupts Ukraine’s Key Sectors Amid War
The Hacker News
BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum
BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum
The Hacker News
NAPLISTENER: New Malware in REF2924 Group’s Arsenal for Bypassing Detection
NAPLISTENER: New Malware in REF2924 Group’s Arsenal for Bypassing Detection
Stanton House
CYBERSECURITY The Ultimate Hiring Guide by Stanton house
CYBERSECURITY The Ultimate Hiring Guide by Stanton house
FBI - Federal Bureau of Investigation
Internet Crime Report 2022 by FBI Internet Crime Compliance Center
Internet Crime Report 2022 by FBI Internet Crime Compliance Center
NIST
Digital Forensics and Incident Response (DFIR) Framework for Operational Technology (OT) by NIST – Eran Salfati and Michael Pease
Digital Forensics and Incident Response (DFIR) Framework for Operational Technology (OT) by NIST...
World Economic Forum
Global Cybersecurity Outlook 2023 Insight Report by WEF – World Economic Forum in collaboration with Accenture
Global Cybersecurity Outlook 2023 Insight Report by WEF – World Economic Forum in...
State service of Ukraine
Russia´s Cyber Tactics – Lessons Learnead 2022 by Information Protection of Ukraine
Russia´s Cyber Tactics – Lessons Learnead 2022 by Information Protection of Ukraine
SANSInstituteSecurity
SANS Institute – Incident Handler´s Handbook by Patrick Kral
SANS Institute – Incident Handler´s Handbook by Patrick Kral
RiskLens
Cybersecurity Risk Report 2023 by RiskLens
Cybersecurity Risk Report 2023 by RiskLens
ENISA-EUROPA
A Governance Framework for National Cybersecurity Strategies by European Union Agency for Cybersecurity – enisa
A Governance Framework for National Cybersecurity Strategies by European Union Agency for Cybersecurity...
MS Security & Mohamed Mokhtar
Microsoft Entra – The Comprensive Guide to Secure Azure AD & User Identities by Mohamed Mokhtar & Microsoft Security
Microsoft Entra – The Comprensive Guide to Secure Azure AD & User Identities...
The Hacker News
Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware
Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware
The Hacker News
Preventing Insider Threats in Your Active Directory
Preventing Insider Threats in Your Active Directory
The Hacker News
ScarCruft’s Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques
ScarCruft’s Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques
The Hacker News
CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems
CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems
The Hacker News
German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics
German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics
The Hacker News
Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
The Hacker News
2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks
2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks
The Hacker News
Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps
Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps
SANS
SANS DFIR – CHEAT SHEETS & NOTEBOOKS – The most complete reference !!!
SANS DFIR – CHEAT SHEETS & NOTEBOOKS – The most complete reference !!!
Bruce Schneier
The Coming AI Hackers – Council for the responsible use of AI by Bruce Schneier
The Coming AI Hackers – Council for the responsible use of AI by...
Joas Antonio
ChatGPT for Cybersecurity by Joas Antonio dos Santos – malwareanalysis #reverseengineering
ChatGPT for Cybersecurity by Joas Antonio dos Santos – malwareanalysis #reverseengineering
United Nations - ONU
Digest of Cyber Organized Crime by UNODC – United Nations Office on Drugs and Crime
Digest of Cyber Organized Crime by UNODC – United Nations Office on Drugs...
McKinsey
Cybersecurity in a Digital Era by McKinsey. Digital McKinsey and Global Risk Practice.
Cybersecurity in a Digital Era by McKinsey. Digital McKinsey and Global Risk Practice.
Microsoft Security
Threat Hunting Survival Guide by Microsoft Security Experts
Threat Hunting Survival Guide by Microsoft Security Experts
CROWDSTRIKE
CROWDSTRIKE 2023 GLOBAL THREAT REPORT
CROWDSTRIKE 2023 GLOBAL THREAT REPORT
OEA - CIC - CISCO
Reporte sobre el desarrollo de la FUERZA LABORAL DE CIBERSEGURIDAD 2023 by OEA, CIC y CISCO en una era de escasez de talento y habilidades.
Reporte sobre el desarrollo de la FUERZA LABORAL DE CIBERSEGURIDAD 2023 by OEA,...
Bipartisan Policy Center
Top Risk in Cybersecurity 2023 by Bipartisan Policy Center
Top Risk in Cybersecurity 2023 by Bipartisan Policy Center

CISO2CISO Most Viewed & Popular Stories

MITRE
11 STRATEGIES OF A WORLD-CLASS CYBERSECURITY OPERATIONS CENTERS HIGHLIGHTS BY MITRE
11 STRATEGIES OF A WORLD-CLASS CYBERSECURITY OPERATIONS CENTERS HIGHLIGHTS BY MITRE
National Cyber Security
Cyber Security Toolkit for Boards – Helping board members to get to grips with cyber security by NCSC
Cyber Security Toolkit for Boards – Helping board members to get to grips...
Codrut Andrei
Secure Software Development Lifecycle Fundamentals by Codrut Andrei
Secure Software Development Lifecycle Fundamentals by Codrut Andrei
Marcos Jaimovich
Presentación “ModoSOC in Real Life” por Marcos Jaimovich en SEGURINFO Chile 2022.
Presentación “ModoSOC in Real Life” por Marcos Jaimovich en SEGURINFO Chile 2022.
Jon Radoff
The Metaverse Value Chain – The Seven Layers of the Metaverse by Jon Radoff
The Metaverse Value Chain – The Seven Layers of the Metaverse by Jon Radoff
Americn Public Power A.
Public Power Cyber Incident Response Playbook by American Public Power Association
Public Power Cyber Incident Response Playbook by American Public Power Association
Splunk
81 Siem Very important Use Cases for your SOC by SPLUNK
81 Siem Very important Use Cases for your SOC by SPLUNK
ALLIANZ
Allianz 2022 Risk Barometer – The most important business risks for the next 12 months and beyond, based on the insight of 2,650 risk management experts from 89 countries and territories.
Allianz 2022 Risk Barometer – The most important business risks for the next...
CHECKPOINT RESEARCH
Checkpoint Cyber Attack Trend 2022 Mid Year Report by Check Point Research
Checkpoint Cyber Attack Trend 2022 Mid Year Report by Check Point Research
Joas Antonio
Guide for Multi-Cloud Read Team AWS – GCP – AZURE by Joas Antonio
Guide for Multi-Cloud Read Team AWS – GCP – AZURE by Joas Antonio
Codrut Andrei
Cybersecurity Talent Crisis Today and Tomorrow by Codrut Andrei
Cybersecurity Talent Crisis Today and Tomorrow by Codrut Andrei
Cyber Rescue Alliance
The Best Cyber Insights of 2022 by The Cyber Rescue Alliance
The Best Cyber Insights of 2022 by The Cyber Rescue Alliance
Chris Davis
Blue Team Cheat Sheets by Chris Davis
Blue Team Cheat Sheets by Chris Davis
NCSC
NCSC Cyber Security for Small Business “SMEs” Guide.
NCSC Cyber Security for Small Business “SMEs” Guide.
OCCUPYTHEWEB
Linux Basics for Hackers by Occupytheweb
Linux Basics for Hackers by Occupytheweb
Apress
Jump-start Your SOC Analyst Career – A Roadmap to Cybersecurity Success by Apress
Jump-start Your SOC Analyst Career – A Roadmap to Cybersecurity Success by Apress
Microsoft
Microsoft 365 and the NIST Cybersecurity Framework
Microsoft 365 and the NIST Cybersecurity Framework
Microsoft
Microsoft Zero Trust Maturity Model
Microsoft Zero Trust Maturity Model
Nathalie Cole
How Much 10 Companies Paid Their Virtual CISO Service in 2022 Benchmark by Nathaniel Cole
How Much 10 Companies Paid Their Virtual CISO Service in 2022 Benchmark by...
WILEY
Cybercrime Investigators Handbook by WILEY
Cybercrime Investigators Handbook by WILEY
NSA
NSA Network Infrastructure Security Guidance V1.0 March 2022
NSA Network Infrastructure Security Guidance V1.0 March 2022
ENISA
TELECOM SECURITY INCIDENTS REPORT 2021 BY ENISA
TELECOM SECURITY INCIDENTS REPORT 2021 BY ENISA
RedHat
State of Kubernetes Security Report 2022 by RedHat
State of Kubernetes Security Report 2022 by RedHat
BUTTERWORTH-HEINEMANN
Security Operations Center Guidebook – A Practical Guide for a Successful SOC
Security Operations Center Guidebook – A Practical Guide for a Successful SOC
IBM Security
How much does a data breach cost in 2022? IBM Cost of a Data Breach 2022 Report by IBM Security
How much does a data breach cost in 2022? IBM Cost of a...
FIRE EYE
The Cyber Risk Playbook – What boards of directors and executives should know about Cyber Risk by FireEye.
The Cyber Risk Playbook – What boards of directors and executives should know...
Unbound Security
The Cybersecurity Acronym Book
The Cybersecurity Acronym Book
Ciso Council
CISO Security Officer Handbook
CISO Security Officer Handbook
Splunk
Top 50 Security Threats by Splunk
Top 50 Security Threats by Splunk
Joas Antonio
100 Security Operation Tools for SOCs by Joas Antonio
100 Security Operation Tools for SOCs by Joas Antonio
iSMG
RSA Conference 2022 Compendium: 150+ Interviews and More by SMG
RSA Conference 2022 Compendium: 150+ Interviews and More by SMG
Verizon
Verizon 2022 DBIR Data Breach Investigations Report
Verizon 2022 DBIR Data Breach Investigations Report
Gartner
Gartner Unveils the Top Eight Cybersecurity Predictions for 2022-23
Gartner Unveils the Top Eight Cybersecurity Predictions for 2022-23
SentinelOne
90 DAYS A CISO´s Journey to Impact define your role !!
90 DAYS A CISO´s Journey to Impact define your role !!
help net security
Compliance does not equal security !!
Compliance does not equal security !!
Think Big Blog
Top 10 TED Talks to Learn about Cyber Security
Top 10 TED Talks to Learn about Cyber Security

Last Cyber Security News

The Hacker News
Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts
Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts
The Hacker News
Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites
Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites
The Hacker News
Researchers Uncover Chinese Nation State Hackers’ Deceptive Attack Strategies
Researchers Uncover Chinese Nation State Hackers’ Deceptive Attack Strategies
The Hacker News
GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
The Hacker News
THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
The Hacker News
Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
The Hacker News
OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident
OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident
The Hacker News
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
The Hacker News
U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
naked security
Windows 11 also vulnerable to “aCropalypse” image data leakage
Windows 11 also vulnerable to “aCropalypse” image data leakage
naked security
Google Pixel phones had a serious data leakage bug – here’s what to do!
Google Pixel phones had a serious data leakage bug – here’s what to...
naked security
WooCommerce Payments plugin for WordPress has an admin-level hole – patch now!
WooCommerce Payments plugin for WordPress has an admin-level hole – patch now!
naked security
S3 Ep127: When you chop someone out of a photo, but there they are anyway…
S3 Ep127: When you chop someone out of a photo, but there they...
Data Breach Today
Clop GoAnywhere Attacks Have Now Hit 130 Organizations
Clop GoAnywhere Attacks Have Now Hit 130 Organizations
Data Breach Today
3-Year JS Injection Campaign Targets 51,000 Websites
3-Year JS Injection Campaign Targets 51,000 Websites
The Guardian UK
TikTok unveils European data security plan amid calls for US ban
TikTok unveils European data security plan amid calls for US ban
The Guardian UK
UK bans TikTok from government mobile phones
UK bans TikTok from government mobile phones
The Guardian UK
UK expected to ban TikTok from government mobile phones
UK expected to ban TikTok from government mobile phones
The Guardian UK
The TikTok wars – why the US and China are feuding over the app
The TikTok wars – why the US and China are feuding over the...
The Guardian UK
MPs and peers ask information commissioner to investigate TikTok
MPs and peers ask information commissioner to investigate TikTok
The Guardian UK
US threatens to ban TikTok unless Chinese owners divest
US threatens to ban TikTok unless Chinese owners divest
The Guardian UK
TikTok to be banned from UK parliamentary devices
TikTok to be banned from UK parliamentary devices
The Guardian UK
BBC urges staff to delete TikTok from company mobile phones
BBC urges staff to delete TikTok from company mobile phones
The Guardian UK
TikTok banned on London City Hall devices over security concerns
TikTok banned on London City Hall devices over security concerns
csonline
Cyberpion rebrands as Ionix, offering new EASM visibility improvements
Cyberpion rebrands as Ionix, offering new EASM visibility improvements
csonline
Critical flaw in WooCommerce can be used to compromise WordPress websites
Critical flaw in WooCommerce can be used to compromise WordPress websites
The Guardian UK
Is it worth taking out personal cyber insurance in case you are caught up in a data hack?
Is it worth taking out personal cyber insurance in case you are caught...
The Guardian UK
Medibank hackers announce ‘case closed’ and dump huge data file on dark web
Medibank hackers announce ‘case closed’ and dump huge data file on dark web
The Guardian UK
Password app LastPass hit by cybersecurity breach but says data remains safe
Password app LastPass hit by cybersecurity breach but says data remains safe
The Guardian UK
I am a Medibank customer. Am I affected by the cyber-attack? What can I do to protect myself?
I am a Medibank customer. Am I affected by the cyber-attack? What can...
The Guardian UK
TPG reveals emails of 15,000 iiNet and Westnet customers exposed in hack
TPG reveals emails of 15,000 iiNet and Westnet customers exposed in hack
The Guardian UK
Telstra sorry for publishing up to 130,000 customers’ details online
Telstra sorry for publishing up to 130,000 customers’ details online
The Guardian UK
Clare O’Neil on national security amid cyber hacks and threats to democracy
Clare O’Neil on national security amid cyber hacks and threats to democracy
Data Breach Today
Corelight Pursues IR Partnerships, Smaller Enterprise Deals
Corelight Pursues IR Partnerships, Smaller Enterprise Deals
Data Breach Today
Device Maker Zoll Facing 7 Lawsuits in Wake of Breach
Device Maker Zoll Facing 7 Lawsuits in Wake of Breach
Data Breach Today
US Sends Cyber Team to Aid Albania’s Cyber Defenses
US Sends Cyber Team to Aid Albania’s Cyber Defenses
Data Breach Today
How BreachForums’ ‘Pompompurin’ Led the FBI to His Home
How BreachForums’ ‘Pompompurin’ Led the FBI to His Home
csonline
UK parliament follows government by banning TikTok over cybersecurity concerns
UK parliament follows government by banning TikTok over cybersecurity concerns
csonline
Critical flaw in AI testing framework MLflow can lead to server and data compromise
Critical flaw in AI testing framework MLflow can lead to server and data...
csonline
Android-based banking Trojan Nexus now available as malware-as-a-service
Android-based banking Trojan Nexus now available as malware-as-a-service
Data Breach Today
GitHub Replaces Private RSA SSH Key After Public Exposure
GitHub Replaces Private RSA SSH Key After Public Exposure
Data Breach Today
ISMG Editors: What’s Next in Russia’s Cyber War?
ISMG Editors: What’s Next in Russia’s Cyber War?
csonline
Russian hacktivists deploy new AresLoader malware via decoy installers
Russian hacktivists deploy new AresLoader malware via decoy installers
Data Breach Today
Live Webinar | The Good, the Bad and the Truth About Password Managers
Live Webinar | The Good, the Bad and the Truth About Password Managers
Data Breach Today
Breach Roundup: Ferrari, Indian Health Ministry and the NBA
Breach Roundup: Ferrari, Indian Health Ministry and the NBA
Data Breach Today
Lawmakers Weigh New Regulations in U.S. Cyber Strategy
Lawmakers Weigh New Regulations in U.S. Cyber Strategy
Data Breach Today
Cryptohack Roundup: BitPay, Euler Finance Gala Games
Cryptohack Roundup: BitPay, Euler Finance Gala Games
Data Breach Today
SideCopy APT Targets India’s Premier Defense Research Agency
SideCopy APT Targets India’s Premier Defense Research Agency

The Hacker News

Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw
From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
The Best Defense Against Cyber Threats for Lean Security Teams
New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers
New ‘Bad Magic’ Cyber Threat Disrupts Ukraine’s Key Sectors Amid War
BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum

Threatpost

Google Patches Chrome’s Fifth Zero-Day of the Year
iPhone Users Urged to Update to Patch 2 Zero-Days
Fake Reservation Links Prey on Weary Travelers
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Ransomware Attacks are on the Rise

Naked Security

In Memoriam – Gordon Moore, who put the more in “Moore’s Law”
Google Pixel phones had a serious data leakage bug – here’s what to do!
Windows 11 also vulnerable to “aCropalypse” image data leakage
WooCommerce Payments plugin for WordPress has an admin-level hole – patch now!
S3 Ep127: When you chop someone out of a photo, but there they are anyway…
Bitcoin ATM customers hacked by video upload that was actually an app

Cyber Security Hub

What is phishing?
What are DDoS attacks?
Top seven hacks and cyber security threats in APAC
Why do hackers target cryptocurrencies?
Have your say: the global state of cyber security
The dangerous vulnerabilities caused by weak email security

CISO2CISO Last Published Stories

ACSC Australia
Cyber Incident Response Plan Template by ACSC & Australian Goverment
Cyber Incident Response Plan Template by ACSC & Australian Goverment
CISA
Insider Threat Mitigation Guide by Cybersecurity Insfrastructure Security Agency
Insider Threat Mitigation Guide by Cybersecurity Insfrastructure Security Agency
ACFE
ANTI-FRAUD PLAYBOOK – THE BEST DEFENSES IS A GOOD OFFENSE BY ACFE – FRAUD RISK GOVERNANCE – Playbooks are not only for Cyber, they are also to combat business fraud.
ANTI-FRAUD PLAYBOOK – THE BEST DEFENSES IS A GOOD OFFENSE BY ACFE –...
OECD Publishing
ROUTING SECURITY – BGP INCIDENTS, MITIGATION, TECHNIQUES AND POLICY ACTIONS BY OECD
ROUTING SECURITY – BGP INCIDENTS, MITIGATION, TECHNIQUES AND POLICY ACTIONS BY OECD
NSA
NSA CYBERSECURITY – YEAR IN REVIEW REPORT 2022. You must read IT !
NSA CYBERSECURITY – YEAR IN REVIEW REPORT 2022. You must read IT !
US Deparment of Defense
DevSecOps Fundamentals Guidebook – Tools & Activities by American Deparment of Defense
DevSecOps Fundamentals Guidebook – Tools & Activities by American Deparment of Defense
Tushar Subhra Dutta
Top 10 Cyber Attack Maps to See Digital Threats 2022 by Tushar Subhra Dutta – Cyber Security News.
Top 10 Cyber Attack Maps to See Digital Threats 2022 by Tushar Subhra...
National Cyber Crime Agencie
Manual on Social Media Intelligence (SOCMINT) for Law Enforcement Agencies by National Cyber Crume Research & Innovation Centre – Government of India
Manual on Social Media Intelligence (SOCMINT) for Law Enforcement Agencies by National Cyber...
Wallarm
DevOps Tools and Insfrastructure Under Attack by Wallarm
DevOps Tools and Insfrastructure Under Attack by Wallarm
IST
MAPPING THE RANSOMWARE PAYMENT ECOSYSTEM BY ZOE BRAMMER – IST Institute of Security and Technology
MAPPING THE RANSOMWARE PAYMENT ECOSYSTEM BY ZOE BRAMMER – IST Institute of Security...
MANDIANT
THE DEFENDER´S ADVANTAGE – A GUIDE TO ACTIVATING CYBER DEFENSE BY MANDIANT
THE DEFENDER´S ADVANTAGE – A GUIDE TO ACTIVATING CYBER DEFENSE BY MANDIANT
esset
ESSET THREAT REPORT T2 2022
ESSET THREAT REPORT T2 2022
OECD Publishing
SECURITY OF THE DOMAIN NAME SYSTEM (DNS) – AN INTRODUCTION FOR POLICY MAKERS
SECURITY OF THE DOMAIN NAME SYSTEM (DNS) – AN INTRODUCTION FOR POLICY MAKERS
SecurityGen
Telecom Cybersecurity – 5G Protection Use Cases by SecurityGen
Telecom Cybersecurity – 5G Protection Use Cases by SecurityGen
HornetSecurity
THE 2022 HORNETSECURITY RANSOMWARE ATTACKS ANALYSIS
THE 2022 HORNETSECURITY RANSOMWARE ATTACKS ANALYSIS
MITRE
11 STRATEGIES OF A WORLD-CLASS CYBERSECURITY OPERATIONS CENTERS HIGHLIGHTS BY MITRE
11 STRATEGIES OF A WORLD-CLASS CYBERSECURITY OPERATIONS CENTERS HIGHLIGHTS BY MITRE
National Cyber Security
Cyber Security Toolkit for Boards – Helping board members to get to grips with cyber security by NCSC
Cyber Security Toolkit for Boards – Helping board members to get to grips...
Ankit Pangasa
Security Protocols – SSL vs TLS – ALL YOU NEED TO KNOW.
Security Protocols – SSL vs TLS – ALL YOU NEED TO KNOW.
EKOPARTY SECURITY CONFERENCE
#EKOPARTY2022 – Ekoparty is a technical security conference born in 2001. +3000 guests, single track, workshops, trainings + ❤ – World-class experts, new breakthroughs, and professional training taught by the most recognized infosec professionals.
#EKOPARTY2022 – Ekoparty is a technical security conference born in 2001. +3000 guests, single...
CISO2CISO ToolBox Series
CISO2CISO Toolbox Series – Cyber Security Blogs / Cyber Security RSS Feeds List –
CISO2CISO Toolbox Series – Cyber Security Blogs / Cyber Security RSS Feeds List...
Canadian Centre for CyberSecurity
BASELINE CYBER SECURITY CONTROLS FOR SMALL AND MEDIUM ORGANIZATIONS V1.2 by Canadian Centre for CYBERSECURITY
BASELINE CYBER SECURITY CONTROLS FOR SMALL AND MEDIUM ORGANIZATIONS V1.2 by Canadian Centre...
CRC Press
DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS – Classification, Attacks, Challenges and Countermeasures – CRC Press Book
DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS – Classification, Attacks, Challenges and Countermeasures –...
Hague Centre Strategic Stud
Cyber Arms Watch An Analysis of Stated & Perceived Offensive Cyber Capabilities by The Hague Centre for Strategic Studies
Cyber Arms Watch An Analysis of Stated & Perceived Offensive Cyber Capabilities by...
ACSC Australia
13 Questions for boards to ask about cyber security by Australian Cyber Security Centre – ACSC
13 Questions for boards to ask about cyber security by Australian Cyber Security...
CISO Forum
CISO’s – First 100 Days Roadmap – Your success as a security leader is determined largely by your first 100 days in the role.
CISO’s – First 100 Days Roadmap – Your success as a security leader...
ANSSI & CCA France
Organising a Cyber Crisis Management Exercise – Positioning Cyber Resilience at the Highest Level by French National Cyber Security Agency (ANSSI) – CCA France
Organising a Cyber Crisis Management Exercise – Positioning Cyber Resilience at the Highest...
PICUS
ILLUMINATING DARKSIDE – TTPs, Tools, and the Trend Towards Defense Evasion by PICUS
ILLUMINATING DARKSIDE – TTPs, Tools, and the Trend Towards Defense Evasion by PICUS
BONI YEAMIN
OPEN SOURCE SOC TOOLS BY BONI YEAMIN
OPEN SOURCE SOC TOOLS BY BONI YEAMIN
ARCTIC WOLF
Definitive Guide to SOC as a Service – The Essential Elements of Advanced Threat Detection and Response by Crystal Bedell and Mark Bouchard – ARCTIC WOLF
Definitive Guide to SOC as a Service – The Essential Elements of Advanced...
varonis
Pentesting Active Directory Environments by VARONIS
Pentesting Active Directory Environments by VARONIS
WILEY
CYBERSECURITY – BLUE TEAM TOOLKIT – A practical cybersecurity handbook for both tech and non-tech professionals by Nadean Tanner
CYBERSECURITY – BLUE TEAM TOOLKIT – A practical cybersecurity handbook for both tech...
iapp
2022 PRIVACY TECH VENDOR REPORT by IAPP
2022 PRIVACY TECH VENDOR REPORT by IAPP
UK Government
Detecting the Unknown – A Guide to Threat Hunting by UK Government
Detecting the Unknown – A Guide to Threat Hunting by UK Government
Microsoft Security
Microsoft Implements Brute Force Attack Protection for All Windows Versions – As of October 11th, All Versions of Windows Can Automatically Block Admin Brute Force Attacks.
Microsoft Implements Brute Force Attack Protection for All Windows Versions – As of...
Microsoft Security
Building a Holistic Insider Risk Management Program – 5 elements that help companies have stronger data protection and security while protecting user trust by Microsoft Security
Building a Holistic Insider Risk Management Program – 5 elements that help companies...
ENDGAME
KERNEL MODE THREATS AND PRACTICAL DEFENSES BY Joe Desimone and Ganriel Landau – ENDGAME
KERNEL MODE THREATS AND PRACTICAL DEFENSES BY Joe Desimone and Ganriel Landau –...

CISO2CISO Most Viewed & Popular Stories

NHTSA
Cybersecurity Best Practices for the Safety of Modern Vehicles – Updatd 2022 by NHTSA
Cybersecurity Best Practices for the Safety of Modern Vehicles – Updatd 2022 by...
CLOUDFLARE
Simplifying the way we protect SaaS applications – How to protect users and data with a Zero Trust approach by Cloudflare
Simplifying the way we protect SaaS applications – How to protect users and...
Virusbulletin.com
LAZARUS AND BYOVD – EVIL TO THE WINDOWS CORE By Peter Kalnai – Matej Havranek – ESET – virusbulletin.com
LAZARUS AND BYOVD – EVIL TO THE WINDOWS CORE By Peter Kalnai –...
Alejandro Corletti - Darfe.es
Libro Ciberseguridad – Una estrategia Informatica-Militar by Alejandro Corletti Estrada – darfE.es
Libro Ciberseguridad – Una estrategia Informatica-Militar by Alejandro Corletti Estrada – darfE.es
CYFIRMA
ADVANCED SOCIAL ENGINEERING ATTACKS DECONSTRUCTED BY CFYRMA
ADVANCED SOCIAL ENGINEERING ATTACKS DECONSTRUCTED BY CFYRMA
HADESS
TALE OF PHIHING – Some Phishing Techniques & Awareness by HADESS.IO
TALE OF PHIHING – Some Phishing Techniques & Awareness by HADESS.IO
Cobalt
The Estate of Pentesting 2022 by Cobalt
The Estate of Pentesting 2022 by Cobalt
CheckPoint
KEEPING YOUR EMAIL SECURE – WHO DOES IT BEST ? A Especial analysis by Checkpoint.
KEEPING YOUR EMAIL SECURE – WHO DOES IT BEST ? A Especial analysis...
Cybersecurity Top Youtube Channels
Cybersecurity 85 Top Youtube Channels on Github.com
Cybersecurity 85 Top Youtube Channels on Github.com
Salman Abdulkarim
AWS Cloud Security – The AWS Shared Responsibility Model by Salman Abdulkarim
AWS Cloud Security – The AWS Shared Responsibility Model by Salman Abdulkarim
Cynalytica
5 Targets Hackers Look for When Attacking an OT Network by Cynalytica
5 Targets Hackers Look for When Attacking an OT Network by Cynalytica
rpi
THE IoT LANDSCAPE – The next decade of the Internet of Things by rpi – As it stands, there are 13.3 billion IoT-connected devices in the world.
THE IoT LANDSCAPE – The next decade of the Internet of Things by...
FORTINET
A Solution Guide to Operational Technology (OT) Cybersecurity by Fortinet – The “air gap” between OT and IT has evaporated, and cyber threats pose a real challenge to OT organizations
A Solution Guide to Operational Technology (OT) Cybersecurity by Fortinet – The “air...
Victoria Beckman - Microsoft
Ransomware as a service (RaaS) – An explainer guide to cybercrime´s newest business model
Ransomware as a service (RaaS) – An explainer guide to cybercrime´s newest business...
SCF
Secure & Privacy by Design Principles Framework & Security & Privacy Capability Maturity Model (SP-CMM) by SCF
Secure & Privacy by Design Principles Framework & Security & Privacy Capability Maturity...
APPLIED INCIDENT RESPONSE
Windows Event Security Log Analysis
Windows Event Security Log Analysis
CAREER UP
7 Steps to your Cybersecurity Career – How to begin your career in Cibersecurity By Chris Romano, CISSP
7 Steps to your Cybersecurity Career – How to begin your career in...
Aristeidis Michail
Security Operations Center – A Business Perspective by Aristeidis Michail
Security Operations Center – A Business Perspective by Aristeidis Michail
IGNITE Technologies
RDP Penetration Testing by IGNITE Technologies
RDP Penetration Testing by IGNITE Technologies
Joas Antonio
Windows Persistence Techniques by Joas Antonio
Windows Persistence Techniques by Joas Antonio
ALEX SIDORENKO & ELENA DEMIDENKO
GUIDE TO EFFECTIVE RISK MANAGEMENT 3.0 – ALEX SIDORENKO – ELENA DEMIDENKO
GUIDE TO EFFECTIVE RISK MANAGEMENT 3.0 – ALEX SIDORENKO – ELENA DEMIDENKO
BCG Global Cybersecurity Forum
Turning a Cybersecurity Strategy Into Reality A Holistic Performance Management Framework by BCG & STC
Turning a Cybersecurity Strategy Into Reality A Holistic Performance Management Framework by BCG...
CSA Cloud Security Alliance
SaaS Governance Best Practices Cloud by CSA Cloud Security Alliance
SaaS Governance Best Practices Cloud by CSA Cloud Security Alliance
ICS2
A Resilient Cybersecurity Professionn Chart the Path Forward – ICS2 CYBERSECURITY WORKFORCE STUDY – A Growing, Engaged Workforce
A Resilient Cybersecurity Professionn Chart the Path Forward – ICS2 CYBERSECURITY WORKFORCE STUDY...
Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server
Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server
PWC
2022 Global Digital Trust Insights – The C-suite guide to simplifyng for cyber readiness today and tomorrow by PWC
2022 Global Digital Trust Insights – The C-suite guide to simplifyng for cyber...
CYBERSECURITY INSIDERS
THREAT HUNTING REPORT – Cybersecurity Insiders – DOMAINTOOLS 2021
THREAT HUNTING REPORT – Cybersecurity Insiders – DOMAINTOOLS 2021
HARDVARD Kennedy School
National Cyber Power Index 2022 – HARDVARD Kennedy School – BELFER CENTER for Science and International Affairs by Julia Voo, Irfan Hemani, Daniel Cassidy
National Cyber Power Index 2022 – HARDVARD Kennedy School – BELFER CENTER for...
odaseva
The State of SaaS Ransomware Attack Preparedness – A survey of cloud data decision makers in large enterprises – Large enterprises are not fully prepared for cloud ransomware attacks – August 2022 by Odaseva
The State of SaaS Ransomware Attack Preparedness – A survey of cloud data...
CIS
CIS Critical Security Controls Version 8 – Mapping to PCI Data Security Standar (PCI DSS) v4.0 – Excel template tool ready for use – This document contains mappings of the CIS Controls and Safeguards to Payment Card Industry (PCI) Data Security Standard, v4.0.
CIS Critical Security Controls Version 8 – Mapping to PCI Data Security Standar...
Microsoft
Windows 11 Security Book – Powerful security from chip to cloud – Built with zero-trust principles at the core to safeguard data and access anywhere, keeping you protected and productive.
Windows 11 Security Book – Powerful security from chip to cloud – Built...
Arizona State University
THE FUTURE OF CYBER ENABLED FINANCIAL CRIME – New Crimes, New Criminals, and Economic Warfare by ASU THREATCASTING LAB
THE FUTURE OF CYBER ENABLED FINANCIAL CRIME – New Crimes, New Criminals, and...
PEERLYST
INTRUSION DETECTION GUIDE – The fields leading experts show exactly how to detect, deter, and respond to security threats by PEERLYST
INTRUSION DETECTION GUIDE – The fields leading experts show exactly how to detect,...
CSC 2.0
2022 Annual Report on Implementation – CSC 2.0 by Jiwon Ma – Mark Montgomery
2022 Annual Report on Implementation – CSC 2.0 by Jiwon Ma – Mark...
Splunk
Five Automation Use Cases for Splunk SOAR by Splunk – Alert Enrichment , Phishing Investigation & Response, Endpoint Malware Triage, Command & Control Investigation & Containment, Threat Intelligence.
Five Automation Use Cases for Splunk SOAR by Splunk – Alert Enrichment ,...
ECIIA
2023 RISK IN FOCUS – Hot topics for internal auditors by ECIIA – VUCA context of very complex risks is coming to the world of internal audit by European Confederation of Institutes of Internal Auditing
2023 RISK IN FOCUS – Hot topics for internal auditors by ECIIA –...

Last Cyber Security News

csonline
9 attack surface discovery and management tools
9 attack surface discovery and management tools
csonline
Developed countries lag emerging markets in cybersecurity readiness
Developed countries lag emerging markets in cybersecurity readiness
csonline
BrandPost: Stop the Sprawl: How Vendor Consolidation Can Reduce Security Risks in the Cloud
BrandPost: Stop the Sprawl: How Vendor Consolidation Can Reduce Security Risks in the...
csonline
As critical Microsoft vulnerabilities drop, attackers may adopt new techniques
As critical Microsoft vulnerabilities drop, attackers may adopt new techniques
csonline
Ping Identity debuts decentralized access management system in early access
Ping Identity debuts decentralized access management system in early access
csonline
Sharing sensitive business data with ChatGPT could be risky
Sharing sensitive business data with ChatGPT could be risky
csonline
Backslash AppSec solution targets toxic code flows, threat model automation
Backslash AppSec solution targets toxic code flows, threat model automation
csonline
Average enterprise storage/backup device has 14 vulnerabilities, three high or critical risks
Average enterprise storage/backup device has 14 vulnerabilities, three high or critical risks
csonline
Landmark UK-Israeli agreement to boost mutual cybersecurity development, tackle shared threats
Landmark UK-Israeli agreement to boost mutual cybersecurity development, tackle shared threats
csonline
55 zero-day flaws exploited last year show the importance of security risk management
55 zero-day flaws exploited last year show the importance of security risk management
csonline
Splunk adds new security and observability features
Splunk adds new security and observability features
csonline
How training and recognition can reduce cybersecurity stress and burnout
How training and recognition can reduce cybersecurity stress and burnout
csonline
New vulnerabilities found in industrial control systems of major vendors
New vulnerabilities found in industrial control systems of major vendors
csonline
Security at the core of Intel’s new vPro platform
Security at the core of Intel’s new vPro platform
Data Breach Today
Splashtop Buys Foxpass to Bring Enterprise IAM to the Masses
Splashtop Buys Foxpass to Bring Enterprise IAM to the Masses
Data Breach Today
Russians Can Use Crypto to Evade Sanctions, Researchers Warn
Russians Can Use Crypto to Evade Sanctions, Researchers Warn
Krebs on Security
Google Suspends Chinese E-Commerce App Pinduoduo Over Malware
Google Suspends Chinese E-Commerce App Pinduoduo Over Malware
Data Breach Today
Stung by Free Decryptor, Ransomware Group Embraces Extortion
Stung by Free Decryptor, Ransomware Group Embraces Extortion
Data Breach Today
Hackers Are Actively Exploiting Unpatched Adobe ColdFusion
Hackers Are Actively Exploiting Unpatched Adobe ColdFusion
Data Breach Today
Orca Promotes CPO Gil Geron to CEO to Drive Efficient Growth
Orca Promotes CPO Gil Geron to CEO to Drive Efficient Growth
Data Breach Today
DC Health Link Facing Lawsuits in Hack Affecting Congress
DC Health Link Facing Lawsuits in Hack Affecting Congress
Data Breach Today
US FTC Seeks Information on Cloud Provider Cybersecurity
US FTC Seeks Information on Cloud Provider Cybersecurity
Data Breach Today
Webinar | Why Your SASE Deployment Should Start With ZTNA 2.0
Webinar | Why Your SASE Deployment Should Start With ZTNA 2.0
Data Breach Today
BreachForums Closes Amid Worries Over Law Enforcement Access
BreachForums Closes Amid Worries Over Law Enforcement Access
Data Breach Today
US Charges Bulgarian Woman in $4B OneCoin Fraud Case
US Charges Bulgarian Woman in $4B OneCoin Fraud Case
Data Breach Today
NYC Special Needs Student’s Records Found Exposed on Web
NYC Special Needs Student’s Records Found Exposed on Web
Data Breach Today
Google Suspends Chinese App Following Malware Discovery
Google Suspends Chinese App Following Malware Discovery
Data Breach Today
(Fireside Chat) Policing the Shadows: Uncovering the Darkweb
(Fireside Chat) Policing the Shadows: Uncovering the Darkweb
Data Breach Today
(Panel) Skill Gap in Cybersecurity: Innovative Methods CISOs Are Deploying
(Panel) Skill Gap in Cybersecurity: Innovative Methods CISOs Are Deploying
Data Breach Today
CERT-In Directives – The Status Check
CERT-In Directives – The Status Check
Data Breach Today
Ransomware Will Target Transport Sector OT, Says ENISA – European Cybersecurity Agency Warns That Digital Extortion Is Coming for OT
Ransomware Will Target Transport Sector OT, Says ENISA – European Cybersecurity Agency Warns...
csonline
Security Recruiter Directory
Security Recruiter Directory
csonline
ForgeRock, Secret Double Octopus offer passwordless authentication for enterprises
ForgeRock, Secret Double Octopus offer passwordless authentication for enterprises
Data Breach Today
How Russia’s Ukraine War Disrupted the Cybercrime Ecosystem
How Russia’s Ukraine War Disrupted the Cybercrime Ecosystem
Data Breach Today
Fresh Vishing Campaign Targeting South Korean Users
Fresh Vishing Campaign Targeting South Korean Users
Data Breach Today
Lawsuit Against Clinic Seeks Long List of Cyber Improvements
Lawsuit Against Clinic Seeks Long List of Cyber Improvements
Data Breach Today
Hacker Exploits Months-Old Bug to Steal Crypto From ATMs
Hacker Exploits Months-Old Bug to Steal Crypto From ATMs
The Hacker News
Emotet Rises Again: Evades Macro Security via OneNote Attachments
Emotet Rises Again: Evades Macro Security via OneNote Attachments
The Hacker News
Researchers Shed Light on CatB Ransomware’s Evasion Techniques
Researchers Shed Light on CatB Ransomware’s Evasion Techniques
The Hacker News
New Cyber Platform Lab 1 Decodes Dark Web Data to Uncover Hidden Supply Chain Breaches
New Cyber Platform Lab 1 Decodes Dark Web Data to Uncover Hidden Supply...
The Hacker News
Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen
Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen
The Hacker News
New DotRunpeX Malware Delivers Multiple Malware Families via Malicious Ads
New DotRunpeX Malware Delivers Multiple Malware Families via Malicious Ads

The Register

Putin to staffers: Throw out your iPhones, or ‘give it to the kids’
Ex-Meta security staffer accuses Greece of spying on her phone
You just gonna take that AWS? Let Microsoft school your users on cloud security?
BreachForums shuts down … but the RaidForums cybercrime universe will likely spawn a trilogy
Xi, Putin declare intent to rule the world of AI, infosec
India’s absurd infosec reporting rules get just 15 followers

Graham Cluley

Fake GPT Chrome extension steals Facebook session cookies, breaks into accounts
Europe’s transport sector terrorised by ransomware, data theft, and denial-of-service attacks
Danger USB! Journalists sent exploding flash drives
aCropalypse now! Cropped and redacted images suffer privacy fail on Google Pixel smartphones
The hidden danger to zero trust: Excessive cloud permissions
Smashing Security podcast #314: Photo cropping bombshell, TikTok debates, and real estate scams

Data Breach Today

ChatGPT Exposed Payment Card Data of Subscribers
Clop GoAnywhere Attacks Have Now Hit 130 Organizations
3-Year JS Injection Campaign Targets 51,000 Websites
Corelight Pursues IR Partnerships, Smaller Enterprise Deals
Device Maker Zoll Facing 7 Lawsuits in Wake of Breach
US Sends Cyber Team to Aid Albania’s Cyber Defenses

SOC Prime

Ferrari Data Breach Disclosed: Attackers Gain Access to the Company’s Network While Demanding Ransom to...
SOC Prime Threat Bounty —  February 2023 Results
Detect CVE-2023-23397 Exploits: Critical Elevation of Privilege Vulnerability in Microsoft Outlook Leveraged in the Wild...
BlackLotus UEFI Bootkit Detection: Exploits CVE-2022-21894 to Bypass UEFI Secure Boot and Disables OS Security...
ScrubCrypt Attack Detection: 8220 Gang Applies Novel Malware in Cryptojacking Operations Exploiting Oracle WebLogic Servers
On the Frontline of the Global Cyber War: Overview of Major russia-backed APT Groups Targeting...

CISO2CISO Last Published Stories

Dr. Erdal Ozkaya
Hiring a CISO – Super Guide for startups by Erdal Ozkaya
Hiring a CISO – Super Guide for startups by Erdal Ozkaya
ISMS Forum & DPI
Guia Practica para la Gestion de Breachas de Datos Personas by ISMS and DPI
Guia Practica para la Gestion de Breachas de Datos Personas by ISMS and...
Argentina
Propuesta de Anteproyecto de Ley de Proteccion de Datos Personales – Ley 25326 – Agencia de Acceso a la Información Publica – Gobierno de Argentina
Propuesta de Anteproyecto de Ley de Proteccion de Datos Personales – Ley 25326...
NSA and NISA
Control System Defense – Know the Opponent by NSA and NISA
Control System Defense – Know the Opponent by NSA and NISA
Cencys
2022 State of the internet report by cencys
2022 State of the internet report by cencys
O´REILLY
10 Steps Every CISO Should Take to Secure Next-Gen Software by Cindy Blake – O´REILLY Books
10 Steps Every CISO Should Take to Secure Next-Gen Software by Cindy Blake...
TRIMARC
10 WAYS TO IMPROVE AD SECURITY QUICKLY – list of widely applicable “easy” wins for securing MS AD by TRIMARC
10 WAYS TO IMPROVE AD SECURITY QUICKLY – list of widely applicable “easy”...
Packt
Guia de Implementacion y Estrategia de Azure cuarta edicion by Packt
Guia de Implementacion y Estrategia de Azure cuarta edicion by Packt
Practical DevSecOps
You are probably doing DevSecOps Wrong by Practical DevSecOps – DevSecOps can seem like a magical solution, but there are some elephants in the room and some practical solutions.
You are probably doing DevSecOps Wrong by Practical DevSecOps – DevSecOps can seem...
TACTICX
Offensive Microsoft Active Directory 101 – Security Holes Everywere by TACTICX – Active Directory Attack.
Offensive Microsoft Active Directory 101 – Security Holes Everywere by TACTICX – Active...
BARRACUDA
The State of Industrial Security in 2022 by Barracuda – Insecure remote access, lack of network segmentation, and insufficient automation are leaving organizations open to attacks.
The State of Industrial Security in 2022 by Barracuda – Insecure remote access,...
Tenable.cs Cloud Security
7 Habits of Highly Effective DEVSECOPS Teams whitepaper by Tenable.cs Cloud Security – DevSecOps is not just a technology shift, but a cultural change as well.
7 Habits of Highly Effective DEVSECOPS Teams whitepaper by Tenable.cs Cloud Security –...
Europol
DeepFakes Attacks – Facing reality Law enforcement and the challenge of deepfakes by EUROPOL
DeepFakes Attacks – Facing reality Law enforcement and the challenge of deepfakes by...
SecurityGen
5G Cybersecurity – Telecom Cybersecurity – Decoding the ecosystem and its vulnerabilities by SecurityGen – Telecom Security
5G Cybersecurity – Telecom Cybersecurity – Decoding the ecosystem and its vulnerabilities by...
BCG Global Cybersecurity Forum
Why Children Are Unsafe in Cyberspace ? Any effort to protect children in cyberspace must engage every participant in the online ecosystem by BCG & Global Cybersecurity Forum.
Why Children Are Unsafe in Cyberspace ? Any effort to protect children in...
European Commission
CYBER RESILIENCE ACT – New EU cybersecurity rules ensure more secure hardware and software products by European Commision
CYBER RESILIENCE ACT – New EU cybersecurity rules ensure more secure hardware and...
Joas Antonio
Game Hacking 1 – Anti Cheat Bypass by Joas Antonio
Game Hacking 1 – Anti Cheat Bypass by Joas Antonio
NIST
National Initiative for Cybersecurity Education (NICE) – Cybersecurity Workforce Framework – NIST Special Publication 800-181
National Initiative for Cybersecurity Education (NICE) – Cybersecurity Workforce Framework – NIST Special...
MSSP ALERT
TOP 250 MSSPs Services Providers 2022 edition by MSSP Alert – A CyberRisk Alliance Resource .
TOP 250 MSSPs Services Providers 2022 edition by MSSP Alert – A CyberRisk...
ENISA-EUROPA
European Cybersecurity Skills Framework by ENISA & European Union Agency for Cybersecurity. Note: If you work in HR looking for cybersecurity resources, you should read this document!
European Cybersecurity Skills Framework by ENISA & European Union Agency for Cybersecurity. Note:...
SIMPLILEARN
Cloud Computing In 6 Minutes | What Is Cloud Computing? | Cloud Computing Explained | Simplilearn
Cloud Computing In 6 Minutes | What Is Cloud Computing? | Cloud Computing...
KROLL
Cyber Risk and CFOs – Over-Confidence is Costly – 2022 Edition by KROLL
Cyber Risk and CFOs – Over-Confidence is Costly – 2022 Edition by KROLL
Ministerio del Interior España
Guía sobre controles de seguridad en sistemas OT – Ministerio del Interior de España
Guía sobre controles de seguridad en sistemas OT – Ministerio del Interior de...
CISA
CISA STRATEGIC PLAN 2023-2025 by Cybersecurity & Insfrastructure Security Agency
CISA STRATEGIC PLAN 2023-2025 by Cybersecurity & Insfrastructure Security Agency
KPMG MEXICO & IPADE
Manual del Comite de Auditoria by KPMG Mexico & IPADE
Manual del Comite de Auditoria by KPMG Mexico & IPADE
snyk
The State of Cloud Security Report 2022 – A report on the cloud risks and security challenges organizations are experiencing in 2022 by Snyk
The State of Cloud Security Report 2022 – A report on the cloud...
MVP - Minimun Viable Protection
The Importance of Risk Appetite in Risk Assessment – by MVP – Minimun Viable Protection
The Importance of Risk Appetite in Risk Assessment – by MVP – Minimun...
CROWDSTRIKE
2022 Falcon OverWatch Threat Hunting Report – NOWHERE TO HIDE by CROWDSTRIKE
2022 Falcon OverWatch Threat Hunting Report – NOWHERE TO HIDE by CROWDSTRIKE
ConversationalGeek Series
ConversationalGeek Series – Cyber Insurance by Joseph Brunsman – Delinea
ConversationalGeek Series – Cyber Insurance by Joseph Brunsman – Delinea
Microsoft
Microsoft_Azure_Active_Directory_Data_Security_Considerations by Microsoft
Microsoft_Azure_Active_Directory_Data_Security_Considerations by Microsoft
CSBS.ORG
Cybersecurity 101 – A Resource Guide for BANK EXECUTIVES – Executive Leadership of Cybersecurity
Cybersecurity 101 – A Resource Guide for BANK EXECUTIVES – Executive Leadership of...
sysdig snyk
Checklist Container Security from Code to Runtime by sysdig snyk
Checklist Container Security from Code to Runtime by sysdig snyk
Google Cybersecurity Action Team
Modern Data Security – A path to autonomic data security by Dr. Anton Chuvakin and John Stone Cybersecurity Action Team Google Cloud
Modern Data Security – A path to autonomic data security by Dr. Anton...
DNSSENSE
DNS LAYER SECURITY from the MITRE ATT&CK Perspective whitepapper by DNSSense
DNS LAYER SECURITY from the MITRE ATT&CK Perspective whitepapper by DNSSense
F-Secure Labs Hardware Security Team
THE FAKE CISCO – Hunting for backdoors in Counterfeit Cisco devices – by Dmitry Janushkevich F-Secure Labs Hardware Security Team
THE FAKE CISCO – Hunting for backdoors in Counterfeit Cisco devices – by...
Verizon Cyber Security
PSR 2022 – Payment Security Report 2022 by Verizon Cyber Security Consulting
PSR 2022 – Payment Security Report 2022 by Verizon Cyber Security Consulting

CISO2CISO Most Viewed & Popular Stories

Mastercard RiskRecon
THIRD-PARTY SECURITY – RISK MANAGEMENT PLAYBOOK – A study of common , emerging, and pioneering capabilities and practices by riskrecon Mastercard
THIRD-PARTY SECURITY – RISK MANAGEMENT PLAYBOOK – A study of common , emerging,...
RELIAQUEST
Threat Hunting 101 – A Framework for Building and Maturing a Proactive Threat Hunting Program by RELIAQUEST
Threat Hunting 101 – A Framework for Building and Maturing a Proactive Threat...
MANDIANT
M-TRENDS 2022 Mandiant Special Report
M-TRENDS 2022 Mandiant Special Report
Andreessen Horowitz
State of Crypto & the Web3 An overview report
State of Crypto & the Web3 An overview report
Andreessen Horowitz
Web3 Defined – An overview report by Brainsy
Web3 Defined – An overview report by Brainsy
Telefonica Tech & Nozomi Networks
Cybersecurity in OT Environments – Case Study in the Oil & Gas Sector by Telefonica Tech & Nozomi Networks
Cybersecurity in OT Environments – Case Study in the Oil & Gas Sector...
SOPHOS
The State of Ransomware in Retail 2022 by SOPHOS –
The State of Ransomware in Retail 2022 by SOPHOS –
FORGEROCK
2022 Consumer Identity Breach Report by ForgeRock – Eve Maler.
2022 Consumer Identity Breach Report by ForgeRock – Eve Maler.
MANDIANT
Remediation and Hardering Strategies for Microsoft 365 to Defend Against APT29 Group – Threat Intelligence White Paper by MANDIANT
Remediation and Hardering Strategies for Microsoft 365 to Defend Against APT29 Group –...
MALTEGO
Maltego handbook for Incident Response
Maltego handbook for Incident Response
Recorded Future
Malware and Vulnerability Trends Report H1 2022 by Recorded Future
Malware and Vulnerability Trends Report H1 2022 by Recorded Future
Renee Tarun y Susan Burg
CIBER SEGURO – Una guía perruna sobre seguridad en Internet para niños y adultos “todos deben leer esto” by Renee Tarun y Susan Burg
CIBER SEGURO – Una guía perruna sobre seguridad en Internet para niños y...
offs.ec
PEN-200 and the OSCP prep book by offs.ec
PEN-200 and the OSCP prep book by offs.ec
Kaspersky
The Nature of cyber incidents – Based on cyberattack investigations conducted by Kaspersky Global Emergency Response Team
The Nature of cyber incidents – Based on cyberattack investigations conducted by Kaspersky...
trendmicro
A global study EVERYTHING IS CONNECTED – Uncovering the ransomware threat from global supply chains by TRENDMICRO
A global study EVERYTHING IS CONNECTED – Uncovering the ransomware threat from global...
KPMG
Adopting secure DevOps – An introduction to transforming your organization by KPMG
Adopting secure DevOps – An introduction to transforming your organization by KPMG
Cider Security
Top 10 CI/CD Security Risks by Cider Security
Top 10 CI/CD Security Risks by Cider Security
Hidecybersecurity.com
Social Engineering and its menace by Hidecybersecurity.com
Social Engineering and its menace by Hidecybersecurity.com
CLOUDFLARE
5 Ways to Maximize the Security, Performance and Reliability of Your Online Business by Cloudflare
5 Ways to Maximize the Security, Performance and Reliability of Your Online Business...
ONAPSIS
Five Ways to Secure SAP S/4 HANA Migrations by ONAPSIS
Five Ways to Secure SAP S/4 HANA Migrations by ONAPSIS
VIRUSTOTAL
Deception at Scale – How Malware Abuses Trust by VIRUSTOTAL
Deception at Scale – How Malware Abuses Trust by VIRUSTOTAL
Ministry of Digital - Greece
CYBERSECURITY HANDBOOK – Best practices for the protection and resilience of network and information systems – Ministry of Digital Governance – Greece
CYBERSECURITY HANDBOOK – Best practices for the protection and resilience of network and...
SANS DFIR
Malware Analysis TIPS & TRICKS Poster by SANS DFIR
Malware Analysis TIPS & TRICKS Poster by SANS DFIR
IT Governance
Cyber Security and Business Resilience – Thinking strategically by IT Governance
Cyber Security and Business Resilience – Thinking strategically by IT Governance
VINOD KUMAR
Telecom Threat Detection via Stride Mapping Case Study
Telecom Threat Detection via Stride Mapping Case Study
sqrrl
HUNTPEDIA – Your Threat Hunting Knowledge Compendium by sqrrl
HUNTPEDIA – Your Threat Hunting Knowledge Compendium by sqrrl
RIT
Guide to Risk Assessment and Response by RIT
Guide to Risk Assessment and Response by RIT
ThreatLabz Team
2022 ThreatLabz Research Team – State of Ransomware Report by Zscaler
2022 ThreatLabz Research Team – State of Ransomware Report by Zscaler
McKinsey & Company
Value creation in the metaverse – The Real business of the virtual world by McKinsey & Company – June 2022
Value creation in the metaverse – The Real business of the virtual world...
CRS Report Services
The Metaverse – Concepts and Issues for Congress by Congressional Research Service
The Metaverse – Concepts and Issues for Congress by Congressional Research Service
SLOWMIST
Blockchain Security and AML Analysis Report 2022 Mid-Year by SLOWMIST
Blockchain Security and AML Analysis Report 2022 Mid-Year by SLOWMIST
HADESS
GITHUB IN THE WILD – Some examples of offensive security used github by HADESS
GITHUB IN THE WILD – Some examples of offensive security used github by...
Interpol
GUIDELINES FOR DIGITAL FORENSICS FIRST RESPONDERS BY INTERPOL
GUIDELINES FOR DIGITAL FORENSICS FIRST RESPONDERS BY INTERPOL
Joas Antonio
Ransomware Investigation (OSINT & HUNTING) Overview PT1 by Joas Antonio
Ransomware Investigation (OSINT & HUNTING) Overview PT1 by Joas Antonio
stottandmay.com
The CISO Survival Guide – Practical advice for Security Leaders by stottandmay.com
The CISO Survival Guide – Practical advice for Security Leaders by stottandmay.com
Cryptomeria Capital
The Metaverse Overview by Cryptomeria Capital – Vadim Krekotin
The Metaverse Overview by Cryptomeria Capital – Vadim Krekotin

Last Cyber Security News

naked security
Bitcoin ATM customers hacked by video upload that was actually an app
Bitcoin ATM customers hacked by video upload that was actually an app
csonline
7 guidelines for identifying and mitigating AI-enabled phishing campaigns
7 guidelines for identifying and mitigating AI-enabled phishing campaigns
csonline
BianLian ransomware group shifts focus to extortion
BianLian ransomware group shifts focus to extortion
csonline
CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws
CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws
Krebs on Security
Why You Should Opt Out of Sharing Data With Your Mobile Provider
Why You Should Opt Out of Sharing Data With Your Mobile Provider
The Guardian UK
How an AI voice clone fooled Centrelink – video
How an AI voice clone fooled Centrelink – video
Data Breach Today
Is Your Identity Management Comprehensive Enough? Are You Just Tipping Your Toes?
Is Your Identity Management Comprehensive Enough? Are You Just Tipping Your Toes?
Data Breach Today
Impact of Technology Deployments on Privacy: Striking the Right Balance
Impact of Technology Deployments on Privacy: Striking the Right Balance
Data Breach Today
Future of Cybersecurity: Threats and Opportunities
Future of Cybersecurity: Threats and Opportunities
Data Breach Today
It’s Raining Zero-Days in Cyberspace
It’s Raining Zero-Days in Cyberspace
The Guardian UK
Cybersecurity funds should go towards beefing up Centrelink voice authentication, Greens say
Cybersecurity funds should go towards beefing up Centrelink voice authentication, Greens say
Data Breach Today
Hitachi Energy Latest Victim of Clop GoAnywhere Attacks
Hitachi Energy Latest Victim of Clop GoAnywhere Attacks
The Hacker News
Pompompurin Unmasked: Infamous BreachForums Mastermind Arrested in New York
Pompompurin Unmasked: Infamous BreachForums Mastermind Arrested in New York
The Hacker News
Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack
Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack
Data Breach Today
FBI Says It Arrested BreachForums Mastermind “Pompompurin”
FBI Says It Arrested BreachForums Mastermind “Pompompurin”
The Hacker News
BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads
BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads
The Hacker News
FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps
FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps
The Hacker News
LockBit 3.0 Ransomware: Inside the Cyberthreat That’s Costing Millions
LockBit 3.0 Ransomware: Inside the Cyberthreat That’s Costing Millions
Krebs on Security
Feds Charge NY Man as BreachForums Boss “Pompompurin”
Feds Charge NY Man as BreachForums Boss “Pompompurin”
Data Breach Today
Webinar | Reducing Risk with a Zero Trust Architecture
Webinar | Reducing Risk with a Zero Trust Architecture
Data Breach Today
TikTok Says US Threatens Ban Unless Chinese Owners Divest
TikTok Says US Threatens Ban Unless Chinese Owners Divest
Data Breach Today
What the FTC Is Signaling in Recent Data Privacy Cases
What the FTC Is Signaling in Recent Data Privacy Cases
Data Breach Today
Chinese Hackers Targeting Security and Network Appliances
Chinese Hackers Targeting Security and Network Appliances
Data Breach Today
European Digital Identity Bill Heads to Final Negotiations
European Digital Identity Bill Heads to Final Negotiations
The Hacker News
Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips
Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips
The Hacker News
Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials
Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials
The Hacker News
Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware
Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware
The Hacker News
A New Security Category Addresses Web-borne Threats
A New Security Category Addresses Web-borne Threats
The Hacker News
New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
The Hacker News
THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter
THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter
naked security
Dangerous Android phone 0-day bugs revealed – patch or work around them now!
Dangerous Android phone 0-day bugs revealed – patch or work around them now!
csonline
Two Patch Tuesday flaws you should fix right now
Two Patch Tuesday flaws you should fix right now
The Guardian UK
Why is TikTok banned from government phones – and should rest of us be worried?
Why is TikTok banned from government phones – and should rest of us...
Data Breach Today
Webinar | Open Source License Compliance and M&A Activity: What You Don’t Know Can Hurt You
Webinar | Open Source License Compliance and M&A Activity: What You Don’t Know...
Data Breach Today
SVB Parent Company Seeks Bankruptcy Amid Asset Sale Process
SVB Parent Company Seeks Bankruptcy Amid Asset Sale Process
Data Breach Today
ISMG Editors: Will SVB Crash Kill Cybersecurity Innovation?
ISMG Editors: Will SVB Crash Kill Cybersecurity Innovation?
csonline
BrandPost: 1Password integrates with Okta SSO
BrandPost: 1Password integrates with Okta SSO
CSH CYBER SECURITY HUB
What is phishing?
What is phishing?
Data Breach Today
Microsoft, CrowdStrike Lead Endpoint Protection Gartner MQ
Microsoft, CrowdStrike Lead Endpoint Protection Gartner MQ
Data Breach Today
Healthcare Leaders Call for Cybersecurity Standards
Healthcare Leaders Call for Cybersecurity Standards
Data Breach Today
Breach Roundup: Med Devices, Hospitals and a Death Registry
Breach Roundup: Med Devices, Hospitals and a Death Registry
Data Breach Today
Magniber Ransomware Group Exploiting Microsoft Zero Day
Magniber Ransomware Group Exploiting Microsoft Zero Day

We LIve Security

What TikTok knows about you – and what you should know about TikTok
Highlights from TikTok CEO’s Congress grilling – Week in security with Tony Anscombe
Understanding Managed Detection and Response – and what to look for in an MDR solution
Twitter ends free SMS 2FA: Here’s how you can protect your account now
Banking turmoil opens opportunities for fraud – Week in security with Tony Anscombe
SVB collapse is a scammer’s dream: Don’t get caught out

Krebs on Security

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware
Why You Should Opt Out of Sharing Data With Your Mobile Provider
Feds Charge NY Man as BreachForums Boss “Pompompurin”
Microsoft Patch Tuesday, March 2023 Edition
Two U.S. Men Charged in 2022 Hacking of DEA Portal
Who’s Behind the NetWire Remote Access Trojan?

Info Security Magazine

Security Flaws Cost Fifth of Execs Business
UK Parliament Bans TikTok from its Network and Devices
IRS Phishing Emails Used to Distribute Emotet
GitHub Updates Security Protocol For Operations Over SSH
WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
CISA Unveils Ransomware Notification Initiative

Cyber Talk

How one CEO founded a successful cyber security company
How AI is helping companies fight document fraud
What is reverse tabnabbing and how can you stop it?
Improving security velocity with agentless workloads
How to invest in ChatGPT (and should you?)