CSO Online

Quantum resistance and the Signal Protocol: From PQXDH to Triple Ratchet

Signal’s getting ahead of the quantum curve, adding new layers of encryption to keep your chats safe from tomorrow’s ...
CSO Online

Ransomware recovery perils: 40% of paying victims still lose their data

Paying the ransom is no guarantee of a smooth or even successful recovery of data. But that isn’t even the only issue ...
CSO Online

AI browsers can be abused by malicious AI sidebar extensions: Report

What SquareX discovered are malicious extensions that can spoof the legitimate AI sidebars people use for queries. Their goal ...
CSO Online

Prompt hijacking puts MCP-based AI workflows at risk

An AI version of session hijacking can lead to attackers injecting malicious prompts into legitimate MCP communications.
CSO Online

Why must CISOs slay a cyber dragon to earn business respect?

Although one in four security leaders find themselves replaced after a ransomware attack, for example, other CISOs are ...
CSO Online

Manipulating the meeting notetaker: The rise of AI summarization optimization

As AI increasingly becomes the system of record for company meetings, adversarial techniques for manipulating the algorithm’s ...
CSO Online

Salesforce’s glaring Dreamforce omission: Vital security lessons from Salesloft Drift

Salesforce failed to address the massive wave of OAuth breaches at its Dreamforce conference, but securing third-party ...
CSO Online

Google ‘Careers’ scam lands job seekers in credential traps

The phishing campaign impersonates Google’s recruiting team with fake “Book a Call” invites, using spoofed logins and HTML ...
CSO Online

‘I am not a robot’: Russian hackers use fake CAPTCHA lures to deploy espionage tools

Researchers caution that the group’s rapid pivots and targeted filtering complicate detection and require behavior-based ...
CSO Online

Google kills its cookie killer

Google launched the Privacy Sandbox initiative in August 2019 as a way for advertisers to gain information on users without ...
CSO Online

Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

A foreign actor infiltrated the National Nuclear Security Administration’s Kansas City National Security Campus through ...
CSO Online

AI-enabled ransomware attacks: CISO’s top security concern — with good reason

New surveys from CSO and CrowdStrike reveal growing fears that generative AI is accelerating ransomware attacks while ...