The CISO Times

2026 National Security Predictions

As borders become irrelevant through remotely-launched attacks, the geopolitical landscape is rapidly growing in complexity ...
cisotimes

Insider Threat – From Detection to Prevention

From data leaks and cybersecurity incidents enabled by careless users to the malicious theft of intellectual property (IP) or even workplace violence, insider threats continue to pose a significant ...
cisotimes

Find Information About a Person on Instagram with OSINTgram

A Free Tool to Gather Publicly Available Information Through Social Media OSINT or “Open Source INTeligence” plays a critical role in the field of cybersecurity. It can be used by your company to ...
cisotimes

ThePhish: An Open Source Phishing Email Analysis Tool

A new open source phishing email analysis tool has been published on Githhub, which helps automate the analysis process. ThePhish, was created by Emanuele Galdi, a researcher at Italian cybersecurity ...
cisotimes

The Internet of Medical Things and Cybersecurity Risk

The healthcare and life sciences industry continues to be plagued by cybersecurity threats. 1 According to FTI Consulting’s U.S. Healthcare & Life Sciences Industry Outlook 2023 survey, 70 percent of ...
cisotimes

Apple iOS 14 Introduces “BlastDoor” to Prevent Execution of Malicious Code

BlastDoor works by parsing all the data contained in an iMessage in a secure sandbox, isolated from the rest of the operating system. By doing so, if any malicious content exists inside the iMessage, ...
cisotimes

What Is The Difference Between GWAPT and OSWE Penetration Testing Certifications

GWAPT and OSWE are among the top certifications in security and are mainly built for penetration testers. Let’s look at the differences between the two in terms of their focus areas, their exam ...
cisotimes

How to Detect and Fix the “Text4Shell” Vulnerability

Similar to the Spring4Shell and Log4Shell vulnerabilities, Text4Shell is a new vulnerability reporter by Alvaro Munoz, in the Apache Commons Text library. Read further to learn how to detect and fix ...
cisotimes

Penetration Testing: Create a DNS Zone Transfer Lab

Easy Lab Setup in Minutes and Multiple Tools to Choose From DNS zone transfers use the AXFR protocol to replicate DNS records across DNS servers. If you do not protect your name servers, attackers can ...
cisotimes

The Future of Technology: Microsoft CEO Satya Nadella’s Vision of a World Without Software Applications

Microsoft CEO Satya Nadella recently made waves in the tech industry with groundbreaking predictions about the future of software. His bold statements have sparked conversations that could redefine ...
cisotimes

Critical Vulnerability on Samsung Devices Could Enable Remote Exploitation

A significant vulnerability has been uncovered in Samsung smartphones, linked to the Monkey’s Audio (APE) decoder. The flaw, now resolved, was identified as CVE-2024-49415, carrying a CVSS score of ...
cisotimes

Cloud Lateral Movement Via Exploited SQL Servers

Recent findings by Microsoft security researchers have unveiled a concerning cyberattack campaign that involves lateral movement to a cloud environment through a Microsoft SQL Server instance. While ...