Entry Details

About the Entry

Category: 
Online > Online Industry News Coverage > New England

Title of entry: 
Security in the Crosshairs

Issue or Publication date:
April 2, 2024; May 29, 2024; Aug. 5, 2024; Oct. 10, 2024; Oct. 21, 2024

Publication name: 
CSO

View Website home page:
https://www.csoonline.com/

Links to entry URLs

Please note: These URLs are only required for entries in the Online division categories, or digital entries in appropriate Overall Excellence, Design or All Content division categories.

Entry URL(s), if applicable:
Please enter a URL that will direct judges to the entry: 
https://www.csoonline.com/article/2077692/dangerous-xz-utils-backdoor-was-the-result-of-years-long-supply-chain-compromise-effort.html
Additional URLs, if needed:
https://www.csoonline.com/article/2128924/repeated-cyberattacks-on-court-systems-raise-security-concerns-for-the-us.html
https://www.csoonline.com/article/3480918/design-flaw-has-microsoft-authenticator-overwriting-mfa-accounts-locking-users-out.html
https://www.csoonline.com/article/3557979/do-the-marriott-cybersecurity-settlements-send-the-wrong-message-to-cisos-cfos.html
https://www.csoonline.com/article/3568804/russian-groups-hack-of-texas-water-system-underscores-critical-ot-cyber-threats.html

Entry Essay: 
For cyber pros, keeping up with the latest vulnerabilities, attacks, legal rulings, regulations, and more is as challenging as it is vital. Context and shrewd analysis can significantly enhance cyber pros’ ability to act on those latest developments in safeguarding their orgs. In “Design flaw has Microsoft Authenticator overwriting MFA accounts,” Evan Schuman breaks news of a longstanding flaw in MS Authenticator, bringing a LinkedIn post by an IT consultant to the attention of several security experts who confirmed the issue, a story that weeks later led to Microsoft correcting the years-old flaw (https://www.csoonline.com/article/3526573/microsoft-fixes-authenticator-design-flaw-after-eight-years-overwriting-accounts.html). In “Dangerous XZ Utils backdoor...,” Lucian Constantin draws on social media posts to report on what could have been one of the highest-impact software supply chain breaches to date. With “Russian group’s hack of Texas water system...,” Cynthia Brumfield mines Telegram to break news of Russian “hacktivists” activity that could hint at deeper, more nefarious intentions when viewed in context with recent critical infrastructure attacks. Shweta Sharma connects the dots between attacks on US court systems to uncover whether they raise additional security concerns for the US. And Schuman breaks down Marriott’s settlement on past breaches, finding that the low fines could spell trouble for CISOs attempting to sell CFOs on budget for security enhancements.