CSO US First Look
The day's top cybersecurity news and in-depth coverage
May 27, 2025
How CISOs can defend against Scattered Spider ransomware attacks
CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.
Read more
Sponsored by Rockwell Automation: Build More Robust OT Security with the NIST Framework
From Chaos to Control:Â A NIST-Based Blueprint for more Resilient Operations
Breaking RSA encryption just got 20x easier for quantum computers
New research shows that RSA-2048 encryption could be cracked using a one-million-qubit system by 2030, 20x faster than previous estimates. Hereâs what it means for enterprise security.
CISA flags Commvault zero-day as part of wider SaaS attack campaign
Threat actors exploited the Commvault flaw to access M365 secrets, allowing further breaches of SaaS applications.
Poor DNS hygiene is leading to domain hijacking
Infoblox says crooks are finding and taking over âdanglingâ CNAME records for scams.
BadSuccessor: Unpatched Microsoft Active Directory attack enables domain takeover
Unprivileged users with permission to create objects inside an Active Directory organizational unit can abuse the new Delegated Managed Service Accounts (dMSA) feature to elevate their privilege to domain administrator.
