Laden...
CSO US First Look
The day's top cybersecurity news and in-depth coverage
January 07, 2025
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
Large language models (LLMs) are proving to be valuable tools for discovering zero-days, bypassing detection, and writing exploit code â thereby lowering the barrier to entry for pen-testers and attackers alike.
Read more
Sponsored by Tines: Whatâs next for SOAR? Find out on January 14 with Tines and GigaOm
SOAR is evolving fast. Are you keeping up? Join Tines Field CISO Matt Muller & GigaOm's Andrew Green on January 14th to explore SOAR trends, vendor insights, and innovations driving agility in security teams. Uncover the state of the SOAR market -- and whatâs next for security automation in 2025.
Zscaler protects data through unified classification engine
A companyâs data is everywhere â on devices, in the cloud, at rest and in motion. Protecting that enterprise data is a very complex challenge, requiring a more unified approach. Zscalerâs unified data protection platform aims to provide a single classification engine that lets CISOs and other IT leaders to protect data from every angle and location. Moinul Khan, SVP/GM for SSE/Data Protection at Zscaler, demonstrates some key features of the platform, including new features on generative AI protection.
US military allocated about $30 billion to spend on cybersecurity in 2025
The 2025 NDAA provides the US military with funding to rip Chinese gear out of telecom networks, protect mobile devices from foreign spyware, create an AI security center, and much more.
More telecom firms were breached by Chinese hackers than previously reported
Salt Typhoonâs latest victims include Charter, Consolidated, and Windstream, underscoring the widening scope of China's cyberespionage campaign against critical US infrastructure.
Open source vulnerability scanner found with a serious vulnerability in its own code
The flaw could allow attackers to bypass Nucleiâs template signature verification process to inject malicious codes into host systems.
Personal liability sours 70% of CISOs on their role
With responsibility versus authority a key CISO issue, many security execs express hesitancy in taking CISO positions, while security specialists suggest ways to protect them from taking the fall.
Critical Windows LDAP flaw could lead to crashed servers, RCE attacks
LDAPNightmare: If December Patch Tuesday server updates have not yet been installed, itâs time to do so to avoid DoS or RCE attacks on Active Directory domain controllers as shown by PoC exploit.
© 2025
