Cyber Security Headlines

Dutch cybersecurity incident affects Giant Food and Hannaford

Indictment against Snowflake breach suspects is released

Surge in zero-day vulnerability exploits is new normal, says Five Eyes

Thanks to today's episode sponsor, ThreatLocker

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com.

Get the stories behind the headlines at CISOSeries.com

Cyberattack cost Halliburton $35 million thus far

DDoS attack makes credit card readers malfunction in Israel

Debt relief firm Forth announces data breach for customers and non-customers

Thanks to today's episode sponsor, ThreatLocker

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com.

Get the stories behind the headlines at CISOSeries.com

U.S. financial regulator calls for reduced cell phone use at

FBI warns of spike in hacked police emails and fake subpoenas

Cyberscoundrels target UK senior citizens with Winter Fuel Payment texts

Thanks to today's episode sponsor, ThreatLocker

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com.

Get the stories behind the headlines at CISOSeries.com

Link to episode page

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Ken Athanasiou, CISO, VF Corporation

Thanks to our show sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

All links and the video of this episode can be found on CISO Series.com

Interlock ransomware gang aims at U.S. healthcare, IT and government

Canada tells TikTok to dissolve its Canadian business

Hewlett Packard warns of critical RCE flaws in Aruba Networking software

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

Find the stories behind the headlines at CISOseries.com.

Nokia says it has no evidence that hackers breached company data

Nigerian cybercrime bust arrests 130 people

200,000 SelectBlinds customers impacted by e-skimmer

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

ElizaRAT hits India

IT outage impacts Washington courts

Alleged Snowflake hacker arrested

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

Schneider Electric breached for second time this year

U.S. says Russia behind fake Haitian voter video

Ohio’s capital city faces lawsuits for handling of ransomware attack

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

Microsoft Entra “security defaults” to make MFA setup mandatory

Ransomware attack hits German pharmaceutical wholesaler AEP

Upgraded LightSpy spyware targets iPhones with more destructive power

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

Find the stories behind the headlines at CISOseries.com.

Link to episode page

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest David Cross, SVP/CISO, Oracle. Also check out David’s travel blog and recent “Secure by Default” white paper at IT ISAC.

Thanks to our show sponsor, Dropzone AI

Security operations are evolving, and AI is leading the way. Dropzone AI autonomously investigates 100% of your alerts with precision, freeing up your team to focus on real threats. See how this works in action. Visit dropzone.ai and schedule a demo today.

Add to Description: All links and the video of this episode can be found on CISO Series.com

Peruvian bank warns of data theft after dark web revelations

Windows 11 Task Manager displays wrong number of running processes

CyberPanel sees vulnerabilities exploited soon after disclosure

Thanks to today's episode sponsor, Dropzone AI

Security operations are evolving, and AI is leading the way. Dropzone AI autonomously investigates 100% of your alerts with precision, freeing up your team to focus on real threats. See how this works in action. Visit dropzone.ai and schedule a demo today.

Find the stories behind the headlines at CISOseries.com.

CISA launches International Cybersecurity Plan

North Korean hackers tied to Play ransomware

FakeCall learns new tricks

Thanks to today's episode sponsor, Dropzone AI

Tired of false positives slowing your SOC down? Dropzone AI uses advanced AI to filter out the noise and focus on real threats. 24/7, every alert, no manual intervention. Want to learn more? Schedule a demo and see the power of Dropzone AI at dropzone.ai.

Five Eyes launches startup security program

Canada and the Netherlands seeing increased Chinese activity

Russia might fork the Linux community

Thanks to today's episode sponsor, Dropzone AI

Facing alert overload? Dropzone AI autonomously investigates every alert, reducing noise and providing decision-ready reports. Discover how our AI solutions can enhance your SOC’s efficiency. Check out our demo gallery and see how Dropzone AI works at dropzone.ai.

Global law enforcement gains access to RedLine and Meta infostealer networks

Russian-backed malware poses as Ukrainian anti-recruitment tool

Massive breach impacts French telecom giant

Thanks to today's episode sponsor, Dropzone AI

Imagine an AI analyst that never sleeps. Dropzone AI autonomously handles every alert, cutting manual analysis by 90%. It's like adding a new team member, but one that works 24/7. Experience the difference AI can make. Visit dropzone.ai to test drive the future of security operations.

Change Healthcare data breach confirmed as largest-ever in U.S. healthcare history

Authorities investigate telecom hacks following reports of campaign intrusions

Delta sues CrowdStrike over sensor update that prompted mass flight disruptions

Thanks to today's episode sponsor, Dropzone AI

Is your SOC overwhelmed by endless alerts? Dropzone AI’s autonomous SOC Analyst investigates 100% of alerts, around the clock. No playbooks, no code. Just actionable insights to reduce false positives and save your team time. Ready to see it in action? Schedule a demo today at dropzone.ai.

Link to episode page

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Dmitriy Sokolovskiy, senior vice president, information security, Semrush

Thanks to our show sponsor, SpyCloud

SpyCloud disrupts cybercrime by telling you what criminals know about your business, so you can take action on exposed identity data to prevent cyber attacks like ransomware. To learn more how to level the playing field against bad actors and combat cyber attacks, visit spycloud.com/headlines.

All links and the video of this episode can be found on CISO Series.com

Researchers reveal upgraded Qilin ransomware-as-a-service

CISA adds Microsoft SharePoint flaw to its KEV catalog

Rhysida ransoms Easterseals

Thanks to today's episode sponsor, SpyCloud

Ransomware continues to impact organizations. A new report released by SpyCloud shares insights from your peers in security – the majority of whom were affected by ransomware in the past year. The report has some fascinating industry-specific stats you’ll want to see – plus confirms some stark truths: that the industry you’re in can affect your likelihood of being hit with ransomware. Check it out at spycloud.com/headlines.

Find the stories behind the headlines at CISOseries.com.

CISA proposes new security requirements for personal data

Fortinet patches actively exploited zero-day

UK report on Cyber Essentials certification

Thanks to today's episode sponsor, SpyCloud

Stolen data is a hot commodity for cybercriminals. Using infostealer malware, bad actors can siphon valid session cookies from employee devices, scoring the keys to access your networks and systems. According to SpyCloud’s latest research, security teams are now seeing stolen cookies among the top three entry points for initial access for ransomware. Get the full insights, including other risk factors at spycloud.com/headlines.

Four cyber companies fined for SolarWinds disclosure failures

Zendesk helps Internet Archive after hacker breached email system

Samsung zero-day under active exploit

Thanks to today's episode sponsor, SpyCloud

Researchers at SpyCloud recently found that one in five individuals was infected with infostealer malware in the last year. Unfortunately, research now confirms that infostealer infections open the door to ransomware. But organizations with visibility into identity data stolen by malware infections are better-suited to prevent a future attack. Learn more about the connection between infostealers and ransomware in SpyCloud’s new report at spycloud.com/headlines.

Proposed rules ban U.S. companies from selling sensitive data

Cisco data stolen by IntelBroker

Nidec breach exposes 50,000+ documents

Thanks to today's episode sponsor, SpyCloud

Did you know that infostealer malware can be a precursor to ransomware? Infostealers are a trending tactic used by cybercriminals to exfiltrate valuable identity data like credentials, PII, and session cookies. According to recent SpyCloud research, 75% of organizations were affected by ransomware more than once in the past year! Visit spycloud.com/headlines to find out how to keep your organization from becoming one of the statistics.

Microsoft warns it lost some customers’ security logs for a month

Omni Family Health data breach impacts almost half a million individuals

Internet Archive breached again through stolen access tokens

Thanks to today's episode sponsor, SpyCloud

It turns out infostealer infections are a major contributing factor to a company’s ransomware risk, with some industries faring better than others. Get the new research from our sponsor, SpyCloud, and see if your ransomware defense strategy stacks up against your peers. Visit spycloud.com/headlines

Find the stories behind the headlines at CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Person, CISO, Cambia Health

Thanks to our show sponsor, Conveyor

It’s spooky season, and nothing’s scarier than all of your account execs asking if you’re done with their customer security questionnaires. Don’t worry—Conveyor is here to help.  Conveyor’s market leading AI automates the most time-consuming parts of customer security reviews: answering security questionnaires and sharing security docs like your SOC 2 with customers. Get instant AI answers to questionnaires and host an enterprise-grade trust center where customers can download documents and self-serve answers to their own questions. End the horror show. Try it for free at www.conveyor.com.

All links and the video of this episode can be found on CISO Series.com

Insurance giant Globe Life facing extortion attempts after data theft from subsidiary

Infamous hacker USDoD possibly arrested in Brazil

Anonymous Sudan masterminds indicted

Thanks to today’s episode sponsor, Conveyor 

It’s spooky season, and nothing’s scarier than all of your account execs asking if you’re done with their customer security questionnaires. Don’t worry—Conveyor is here to help.

Conveyor’s market leading AI automates the most time-consuming parts of customer security reviews: answering security questionnaires and sharing security docs like your SOC 2 with customers.

Get instant AI answers to questionnaires and host an enterprise-grade trust center where customers can download documents and self-serve answers to their own questions.

End the horror show. Try it for free at www.conveyor.com.

Get the story behind the headlines at CISOSeries.com.

Putting AI models to the EU test

Chinese researchers don’t break classical encryption… yet

Chinese group calls for security reviews on all Intel products

Thanks to today’s episode sponsor, Conveyor 

There’s so many reasons why infosec and presales teams choose Conveyor for automating their security reviews, but here are the main three:

One—Conveyor’s market-leading AI provides instant, accurate answers to any format of security questionnaire—without requiring constant knowledge base updates and maintenance.

Two—Conveyor offers an enterprise-grade trust center that automates every customer security review request, so you’re not constantly distracted with questions and SOC 2 requests.

And three—Conveyor’s sales team. They’re actually fun to work with.

Learn more at www.conveyor.com.

Get the story behind the headlines at CISOSeries.com.

VW says IT infrastructure unaffected after alleged data theft

Finland seizes servers of 'Sipultie' dark web market

Calgary Public Library services limited after cyberattack

Thanks to today’s episode sponsor, Conveyor 

Does the thought of a whopper 300 question security questionnaire in your most dreaded portal give you nightmares?

Conveyor can help you sleep peacefully.

How? They are the market leaders in instant and accurate AI answers to any format of security questionnaire.

They even offer a zero-touch option for portal-based questionnaires—just paste the URL, and ConveyorAI automatically answers the questions and exports them back to the portal for you.

End the nightmares. Try it for free at www.conveyor.com.

Get the story behind the headlines at CISOSeries.com.

Pokémon game developer breached

TrickMo hits with 40 new trojan variants

Nation-state actor exploits Ivanti zero-days

Thanks to today’s episode sponsor, Conveyor 

It’s spooky season, and nothing’s scarier than all of your account execs asking if you’re done with their customer security questionnaires. Don’t worry—Conveyor is here to help.

Conveyor’s market leading AI automates the most time-consuming parts of customer security reviews: answering security questionnaires and sharing security docs like your SOC 2 with customers.

Get instant AI answers to questionnaires and host an enterprise-grade trust center where customers can download documents and self-serve answers to their own questions.

End the horror show. Try it for free at www.conveyor.com.

Get the story behind the headlines at CISOSeries.com.

Iranian hackers exploit Windows flaw to elevate privileges

Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server

NATO’s ‘most experienced expert on cyber rotated out of cyber section

Thanks to today’s episode sponsor, Conveyor 

What’s the ultimate jumpscare? 

That moment when the security questionnaire in the portal didn’t auto-save all your work. 

Good news: with Conveyor, that’s one horror you won’t have to face. 

Conveyor is the market leader in instant, generative AI answers for security questionnaires, no matter the format.

They even offer a zero-touch option for portal-based questionnaires where you can just paste the URL, and the AI automatically answers the questions and exports them back to the portal for you. 

Don't let security questionnaires haunt your workflow. Learn more at www.conveyor.com.

Get the story behind the headlines at CISOSeries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Quincy Castro, CISO, Redis.

Thanks to our show sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews. Visit vanta.com to learn more about Questionnaire Automation.

All links and the video of this episode can be found on CISO Series.com

White House prioritizes secure internet routing, using memory safe languages

Federal Trade Commission and CISA warn of hurricane-related scams

Mozilla warns of Firefox zero day: patch now

Huge thanks to our sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews. Visit vanta.com to learn more about Questionnaire Automation.

For the stories behind the headlines, head on over to CISOSeries.com

Australian Parliament introduces standalone cybersecurity law

Qualcomm zero-day used to target Android devices

Russia and Turkey ban Discord

Huge thanks to our sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews. Visit vanta.com to learn more about Questionnaire Automation.

For the stories behind the headlines, head on over to CISOSeries.com

GoldenJackal uses new tools against governments

Cross-site scripting flaw found in major WordPress plugin

Ukraine’s defense ministry launched military CERT

Huge thanks to our sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews. Visit vanta.com to learn more about Questionnaire Automation.

For the stories behind the headlines, head on over to CISOSeries.com

Salt Typhoon attack potentially exposes wiretap data

Cyberattack hits major U.S. water utility

A not- so- happy birthday present for Russia’s president

Huge thanks to our sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews. Visit vanta.com to learn more about Questionnaire Automation.

For the stories behind the headlines, head on over to CISOSeries.com

Insurers should stop funding ransomware payments, says Neuberger

Google removes Kaspersky antivirus software from Play Store

Cyberattack hits Detroit-area government services

Huge thanks to our sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews. Visit vanta.com to learn more about Questionnaire Automation.

For the stories behind the headlines, head on over to CISOSeries.com

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jonathan Waldrop, CISO, The Weather Company. Here’s a link to CISA’s Cybersecurity Awareness Month announcement, sent to us by Jonathan.

Thanks to our show sponsor, SpyCloud

SpyCloud disrupts cybercrime by telling you what criminals know about your business, so you can take action on exposed identity data to prevent cyber attacks like ransomware. To learn more how to level the playing field against bad actors and combat cyber attacks, visit spycloud.com/headlines.

All links and the video of this episode can be found on CISO Series.com

Cloudflare blocks largest recorded DDoS attack

Adobe Commerce and Magento stores compromised by CosmicSting bug

DOJ and Microsoft take down 107 domains used in Star Blizzard phishing attacks

Huge thanks to our sponsor, SpyCloud

Ransomware continues to impact organizations. A new report released by SpyCloud shares insights from your peers in security – the majority of whom were affected by ransomware in the past year. The report has some fascinating industry-specific stats you’ll want to see – plus confirms some stark truths: that the industry you’re in can affect your likelihood of being hit with ransomware. Check it out at spycloud.com/headlines.

Get the story behind the headlines at CISOSeries.com

Russian authorities arrest nearly 100 cybercriminals in raid

Northern Ireland police fined for exposing officer identities

Rackspace breach sparks vendor blame game

Huge thanks to our sponsor, SpyCloud

Stolen data is a hot commodity for cybercriminals. Using infostealer malware, bad actors can siphon valid session cookies from employee devices, scoring the keys to access your networks and systems. According to SpyCloud’s latest research, security teams are now seeing stolen cookies among the top three entry points for initial access for ransomware. Get the full insights, including other risk factors at spycloud.com/headlines.

Get the story behind the headlines at CISOSeries.com

UK ties LockBit affiliate to Evil Corp

Public records systems riddled with security flaws

Ransomware disrupts emergency services at Texas hospital

Huge thanks to our sponsor, SpyCloud

Researchers at SpyCloud recently found that one in five individuals was infected with infostealer malware in the last year. Unfortunately, research now confirms that infostealer infections open the door to ransomware. But organizations with visibility into identity data stolen by malware infections are better-suited to prevent a future attack. Learn more about the connection between infostealers and ransomware in SpyCloud’s new report at spycloud.com/headlines.

Get the story behind the headlines at CISOSeries.com

T-Mobile data breaches cost company $31.5 million

Iranian hackers charged for targeting 2024 U.S. election

Deepfake scam hits U.S. senate

Huge thanks to our sponsor, SpyCloud

Did you know that infostealer malware can be a precursor to ransomware? Infostealers are a trending tactic used by cybercriminals to exfiltrate valuable identity data like credentials, PII, and session cookies. According to recent SpyCloud research, 75% of organizations were affected by ransomware more than once in the past year! Visit spycloud.com/headlines to find out how to keep your organization from becoming one of the statistics.

Get the story behind the headlines at CISOSeries.com

Recall redesign: reinforced and removable

Embargo moves ransomware attacks to cloud environments

Dallas suburb deals with ransomware attack

Huge thanks to our sponsor, SpyCloud

It turns out infostealer infections are a major contributing factor to a company’s ransomware risk, with some industries faring better than others. Get the new research from our sponsor, SpyCloud, and see if your ransomware defense strategy stacks up against your peers. Visit spycloud.com/headlines

Get the story behind the headlines at CISOSeries.com

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jason Elrod, CISO, Multicare Health System

Missed the live show? Watch it on YouTube. And make sure to check out Jason’s book (coming soon) at CyberCISOmarksmanship.com, as well as his newsletter at LimitlessCyber.com.

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews.

With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs.

Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation. 

All links and the video of this episode can be found on CISO Series.com

Public Wi-Fi hacked at some of the UK’s busiest train stations

Data privacy watchdog files complaint against Mozilla for ad tracking feature

NIST drops password complexity, mandatory reset rules

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews.

With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs.

Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

Find the stories behind the headlines at CISOseries.com.

DragonForce uses ransomware’s greatest hits

Salt Typhoon strikes US ISPs

Finding SpAIware on the ChatGPT Mac app

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews.

With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs.

Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

Kansas water plant pivots to analog after cyber event

CrowdStrike exec apologizes in Congress for global IT outage

MoneyGram goes offline after cyber incident

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews.

With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs.

Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

For the stories behind the headlines, visit CISOseries.com

U.S. proposes ban on Chinese, Russian tech in autonomous vehicles

Telegram updates policies to expose ‘bad actors’

Necro Trojan infects 11 million android devices through Google Play apps

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews.

With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs.

Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

LinkedIn halts AI data processing in UK due to privacy concerns, Ukraine bans Telegram Use for government and military, Dismissed German cyber chief falsely accused of associating with Russian spies

Thanks to today's episode sponsor, Vanta

As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews.

With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs.

Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.

Visit vanta.com to learn more about Questionnaire Automation.

Find the stories behind the headlines at CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Mike Rosen, CISO, ZwillGen, advisor to NightDragon and Villager at Team8, whose favorite story of the week was Starlink’s ability to detect stealth aircraft. Check it out.

Thanks to our show sponsor, Conveyor

Why do teams choose Conveyor over the competition for customer security reviews?

A few reasons. 

One.  Market-leading AI accuracy for any format of security questionnaire with limited knowledge base maintenance.Two. Enterprise-grade trust center that automates every customer security request.Three. Conveyor’s sales team is actually fun to work with.

Learn why Conveyor is the security review platform your infosec friends love at www.conveyor.com  

All links and the video of this episode can be found on CISO Series.com

New INC ransomware targets U.S. healthcare sector

Providence public schools deal with irregular internet activity

Apple pulls iPadOS 18 update that was bricking M4 iPad Pro devices

Thanks to today's episode sponsor, Conveyor

It’s Friday and Conveyor hopes you don’t have a meaty security questionnaire waiting for you on the other side of this podcast. If you do, you should check them out.

As the market-leader in instant, generative AI answers to entire security questionnaires, Conveyor helps you complete questionnaires fast, no matter the format they’re in, so you don’t feel like you’re getting crushed by the wave of unfinished work.

Learn why we’re the software your infosec friends love at www.conveyor.com.

Get the story behind the headlines at CISOSeries.com.

Feds derail Raptor Train

Newmark creates Volunteer Network for Civil Cyber Defense 

US to host global AI safety summit

Thanks to today's episode sponsor, Conveyor

Does the next security questionnaire that hits your inbox make you want to throw your laptop out the window? If so, don’t do it. You should check out Conveyor first.

Conveyor is the market-leader in instant, generative AI answers to entire security questionnaires no matter the format they are in.

Yes, that’s right. Upload any file like excels, word docs and even PDFs for instant processing and tackle any portal-based questionnaire with a browser extension that auto-scrolls and fills in answers for you.

Try a free proof of concept today at www.conveyor.com.

Get the story behind the headlines at CISOSeries.com.

Exploding pager tragedy experts look towards supply chain sabotage

Construction companies potentially vulnerable through accounting software

Cyberattacks result in job losses

Thanks to today's episode sponsor, Conveyor

Are customer security reviews constantly interrupting your day? You should check out Conveyor.

With an enterprise-grade trust center to securely share your security posture, SOC 2, and security FAQs and security questionnaires and market-leading AI accuracy for instant security questionnaire answers, you’ll fly through any customer security request and get back to your regular job.

Learn more about the AI security review automation platform your infosec friends love at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase a Pro plan.

Get the story behind the headlines at CISOSeries.com.

Spyware giant Intellexa faces new U.S. sanctions

Nearly 1 million impacted by ransomware attack on London hospitals

Apple releases long-awaited update

Thanks to today's episode sponsor, Conveyor

Why do teams choose Conveyor over the competition for customer security reviews?

A few reasons. 

One.  Market-leading AI accuracy for any format of security questionnaire with limited knowledge base maintenance.

Two. Enterprise-grade trust center that automates every customer security request.

Three. Conveyor’s sales team is actually fun to work with.

Learn why Conveyor is the security review platform your infosec friends love at www.conveyor.com 

Get the story behind the headlines at CISOSeries.com.

Fortinet confirms customer data breach

RansomHub threatens to leak stolen Kawasaki data

Update: Transport for London requires in-person password resets after hack

Thanks to today's episode sponsor, Conveyor

Ever feel like completing security questionnaires has become your full time side hustle you’re not even getting paid extra for? If so, you should check out Conveyor. Conveyor is the market-leader in instant, generative AI answers to entire security questionnaires no matter the format they are in. Yes, that’s right. Upload any file like excels, word docs and even PDFs for instant processing and tackle any portal-based questionnaire with a browser extension that auto-scrolls and fills in answers for you.

Try a free proof of concept today at www.conveyor.com.

Get the story behind the headlines at CISOSeries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by David Spark with guest Patrick Heim, co-founder and partner, SYN Ventures

Huge thanks to our sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at vanta.com/headlines. 

All links and the video of this episode can be found on CISO Series.com

Lazarus Group’s VMConnect campaign spoofs CapitalOne

Mastercard buys security firm Recorded Future

WordPress to require two-factor authentication for plugin developers

Huge thanks to our sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. That’s vanta.com/headlines. 

Get the story behind the headlines at CISOSeries.com

The $20 WHOIS vulnerability

India training thousands of “cyber commandos”

A Word of warnings for Taiwanese drone makers

Huge thanks to our sponsor, Vanta

When it comes to ensuring your company has top-notch security practices, things can get complicated, fast. Vanta automates compliance for SOC 2, ISO 27001, and more, saving you time and money. With Vanta, you can unify your security program management and proactively manage security reviews with AI-powered security questionnaires.Our listeners get $1,000 off at vanta.com/headlines. That’s vanta.com/headlines.

Get the story behind the headlines at CISOSeries.com

Slim CD notifies 1.7M customers of data breach

Delaware men charged in international sextortion scheme

London transit agency drops claim it has ‘no evidence’ of customer data theft

Huge thanks to our sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. That’s vanta.com/headlines. 

Get the story behind the headlines at CISOSeries.com

1.7 million impacted in payment processing breach

Dark web administrators charged in U.S.

Resurgence of Predator Spyware sparks privacy concerns

Huge thanks to our sponsor, Vanta

When it comes to ensuring your company has top-notch security practices, things can get complicated, fast. Vanta automates compliance for SOC 2, ISO 27001, and more, saving you time and money. With Vanta, you can unify your security program management and proactively manage security reviews with AI-powered security questionnaires.Our listeners get $1,000 off at vanta.com/headlines. That’s vanta.com/headlines.

Get the story behind the headlines at CISOSeries.com

Car rental company Avis discloses data breach

Microsoft Office 2024 to disable ActiveX controls by default

Wisconsin Medicare users had information leaked in MOVEit breach

Huge thanks to our sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines.  

Get the story behind the headlines at CISOSeries.com

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Justin Somaini, partner, YL Ventures

Thanks to our show sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

All links and the video of this episode can be found on CISO Series.com

Planned Parenthood suffers cyberattack

DoJ propaganda domains takedown

Microchip Technology confirms data theft

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

Find the stories behind the headlines at CISOseries.com.

Spyware research report

They found a way to make Cicadas more annoying

MacroPack red teaming tool used for malware

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

Halliburton confirms data stolen in cyberattack

City of Columbus sues researcher after ransomware attack

White House publishes plan to protect a key component of the internet

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

For the stories behind the headlines, visit CISOseries.com.

Transport for London suffers cyberattack

German air traffic control agency confirms cyberattack

Sweden warns of heightened risk of Russian sabotage

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

Find the stories behind the headlines at CISOseries.com

Seattle Airport issues travelers’ advisory for Labor Day travel

SQL injection able to bypass airport TSA security checks

North Korea uses FudModule Rootkit in Chrome zero-day exploit

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

Find the stories behind the headlines at CISOseries.com.

DICK’S Sporting Goods suffers cyberattack

Brain Cipher claims attack on Paris museums, promises data leak

Play ransomware hackers claim attack on Microchip Technology

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

Find the stories behind the headlines at CISOSeries.com

Iran targeting presidential administration officials

Iran working with ransomware gangs

UK Labour Party chided over cyberattack backlog

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

Find the stories behind the headlines at CISOSeries.com

Texas credit union user data exposed in another MOVEit breach

US Marshals Service disputes ransomware gang's breach claims

Park’N Fly notifies 1 million customers of data breach

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

Find the stories behind the headlines at CISOSeries.com

SonicWall warns of critical access control flaw

Microsoft to host security summit

More details on Telegram CEO’s arrest

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

Find the stories behind the headlines at CISOSeries.com

Halliburton takes systems offline following cyberattack

French police arrest Telegram CEO Pavel Durov

DOJ joins suit against Georgia Tech over Defense Department cybersecurity failures 

Thanks to today's episode sponsor, Scrut Automation

Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That’s www.scrut.io.

Find the stories behind the headlines at CISOSeries.com

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bethany De Lude, CISO, The Carlyle Group

Thanks to today’s episode sponsor, Nudge Security

When your CEO asks “Hey, are we using that SaaS app that was just breached?”, how quickly and confidently can you answer? Stop guessing with Nudge Security. Discover all SaaS accounts ever introduced by anyone in your org, in minutes and get alerted when any SaaS app used in your org is breached. Start a 14-day trial now at nudgesecurity.com/saas

All links and the video of this episode can be found on CISO Series.com

Kremlin complains of DDoS attack, digital experts not so sure

FAA proposes new cybersecurity rules for airplanes

Windows Recall to reappear

Thanks to today’s episode sponsor, Nudge Security

Do you know who’s using genAI tools in your org? Find out today with Nudge Security. Their patented approach to SaaS discovery gives you a full inventory of all apps ever introduced by anyone in your org, in minutes, including genAI apps. And, automated workflows help you scale security and governance without breaking a sweat. Start a free trial today at nudgesecurity.com/genai

For the stories behind the headlines, head to CISOseries.com.

Security initiative from Japanese auto companies

Feds tapping into encrypted messaging haul

Microsoft breaks Linux dual-boot systems

Thanks to today’s episode sponsor, Nudge Security

How big is your SaaS attack surface? Find out today with Nudge Security. Nudge Security discovers all SaaS accounts ever created by anyone in your org, in minutes, and gives you automated workflows to scale SaaS security and governance. Take control of your SaaS security posture. Start a free trial today at nudgesecurity.com/cisoseries

Toyota confirms third-party data breach impacting customers

Man who hacked Hawaii state registry sentenced

U.S. Intelligence blames Iran for Trump campaign hack

Thanks to today’s episode sponsor, Nudge Security

When your CEO asks “Hey, are we using that SaaS app that was just breached?”, how quickly and confidently can you answer? Stop guessing with Nudge Security. Discover all SaaS accounts ever introduced by anyone in your org, in minutes and get alerted when any SaaS app used in your org is breached. Start a 14-day trial now at nudgesecurity.com/saas

For the stories behind the headlines, visit CISOseries.com.

‘Only’ 1.3 million affected by National Public Data Breach

Flaws in Microsoft macOS Apps allowing secret recording

Configuration issue exposes flight tracking site

Thanks to today’s episode sponsor, Nudge Security

Do you know who’s using genAI tools in your org? Find out today with Nudge Security. Their patented approach to SaaS discovery gives you a full inventory of all apps ever introduced by anyone in your org, in minutes, including genAI apps. And, automated workflows help you scale security and governance without breaking a sweat. Start a free trial today at nudgesecurity.com/genai

Microsoft Entra admins must enable MFA or lose access to admin portals

Cybercrime gang uses fake Windows update screen to hide data theft

Google Pixel devices shipped with vulnerable Verizon app

Thanks to today’s episode sponsor, Nudge Security

How big is your SaaS attack surface? Find out today with Nudge Security. Nudge Security discovers all SaaS accounts ever created by anyone in your org, in minutes, and gives you automated workflows to scale SaaS security and governance. Take control of your SaaS security posture. Start a free trial today at nudgesecurity.com/cisoseries

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Edwin Covert, head of cyber risk engineering, Bowhead Specialty Underwriters and edwincovert.com

Thanks to our show sponsor, ThreatLocker

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com.

All links and the video of this episode can be found on CISO Series.com

GitHub vulnerability warning regarding ArtiPacked

RansomHub affiliate launches new EDR-killing tool

SolarWinds issues hotfix for web help desk vulnerability

Thanks to today's episode sponsor, ThreatLocker

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker.

ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team.

To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com.

For the stories behind the headlines, head to CISOseries.com.

Google details privacy commitments with Gemini AI

MIT releases AI Risk Repository

Russian spies using highly targeted phishing

Thanks to today's episode sponsor, ThreatLocker

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker.

ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team.

To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com.

FBI shutters Radar ransomware gangs servers

NIST finalizes post-quantum encryption standards

2.7 billion National Public Data records leaked

Thanks to today's episode sponsor, ThreatLocker

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker.

ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team.

To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com.

For the stories behind the headlines, visit CISOseries.com.

U.S. operation of “laptop farm” for North Korea shutdown

Over 100 Ukrainian government computers compromised

Trump campaign says they were hacked

Thanks to today's episode sponsor, ThreatLocker

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker.

ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team.

To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com.

Iranian hackers ramping up U.S. election interference

AMD SinkClose flaw helps install nearly undetectable malware

ADT discloses breach that impacts more than 30,000 customers demands

Thanks to today's episode sponsor, ThreatLocker

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker.

ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team.

To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com.

For the stories behind the headlines, head to CISOseries.com

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest DJ Schleen, distinguished security architect, Yahoo

Thanks to our show sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. That’s vanta.com/headlines. 

All links and the video of this episode can be found on CISO Series.com

Chameleon reappears targeting Canadian restaurant chain

Rhysida claims attack on Bayhealth Hospital in Delaware

BlackSuit/Royal achieves $500m in ransomware demands

Huge thanks to our sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. That’s vanta.com/headlines.

For the stories behind the headlines, head to CISOseries.com.

McLaren hospitals disruption linked to INC ransomware attack

CrowdStrike to give customers control over Falcon sensor updates

Ronin Network hacked by "white hats"

Huge thanks to our sponsor, Vanta

When it comes to ensuring your company has top-notch security practices, things can get complicated, fast. Vanta automates compliance for SOC 2, ISO 27001, and more, saving you time and money. With Vanta, you can unify your security program management and proactively manage security reviews with AI-powered security questionnaires.Our listeners get $1,000 off at vanta.com/headlines. That’s vanta.com/headlines

Google patches Android kernel zero-day

Researchers find flaws in Georgia voter portal

Law would make ransomware a terrorist threat

Huge thanks to our sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. That’s vanta.com/headlines.

CrowdStrike strikes back against Delta’s claims of negligence

Ransomware attack costs Keytronic $17 million

Patch required for high-severity flaw in Apache OFBiz

Huge thanks to our sponsor, Vanta

When it comes to ensuring your company has top-notch security practices, things can get complicated, fast. Vanta automates compliance for SOC 2, ISO 27001, and more, saving you time and money. With Vanta, you can unify your security program management and proactively manage security reviews with AI-powered security questionnaires.Our listeners get $1,000 off at vanta.com/headlines. That’s vanta.com/headlines

Hackers use ISP to send malware through software updates

CrowdStrike sued by investors following update failure

Historic prisoner swap includes cybercriminals returned to Russia

Huge thanks to our sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. That’s vanta.com/headlines.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Dennis Pickett, vp, CISO, Westat

Thanks to our show sponsor, Dropzone AI

Dropzone AI’s Analyst investigates alerts with unmatched speed and precision, providing clear, actionable reports. Experience the power of autonomous threat detection. Meet Dropzone AI at BSides Las Vegas. Visit dropzone.ai for a 3-month free trial.

All links and the video of this episode can be found on CISO Series.com

Cencora confirms patient data stolen in February cyberattack

Phishing campaign targets OneDrive users

Argentina will use AI to predict future crimes

Huge thanks to our sponsor, Dropzone AI

Picture an analyst who works tirelessly around the clock. Dropzone AI’s Analyst investigates every alert and provides comprehensive, actionable reports. Boost your SOC’s capabilities with a 3-month free trial at dropzone.ai.

For the stories behind the headlines, head to CISOseries.com

DDoS attacks won’t impact US elections

Dating apps leaked precise location data

Germany formally blames China for 2021 cyberattack

Huge thanks to our sponsor, Dropzone AI

Think of Alex, your new team member who never takes a break. Dropzone AI’s Analyst investigates every alert and delivers detailed reports without playbooks or code. Experience Alex’s dedication with a 3-month free trial at dropzone.ai.

Delta enlists Microsoft's legal nemesis over CrowdStrike losses

Dark Angels receives record-breaking ransom payment

Meta to pay $1.4 billion biometric lawsuit

Huge thanks to our sponsor, Dropzone AI

Dropzone AI’s Analyst investigates alerts and responds to threats with unmatched speed and precision. No playbooks, no code required. Transform your SOC’s performance with a 3-month free trial at dropzone.ai.

For the stories behind the headlines, head to CISOseries.com.

4.3 million impacted by HealthEquity data breach

Microsoft admits CrowdStrike incident far greater than first reported

Proofpoint exploit allows for millions of fake emails

Huge thanks to our sponsor, Dropzone AI

Imagine an analyst who never misses an alert. Dropzone AI autonomously investigates every alert and provides decision-ready reports, enhancing your SOC’s efficiency. Try it free for 3 months at dropzone.ai.

Hackers exploiting PyPi package targets MacOS

Columbus, Ohio suffers cyber incident

Windows July updates come with some BitLocker and remote connectivity challenges

Huge thanks to our sponsor, Dropzone AI

Meet Dropzone AI, the analyst who never rests. Investigating every alert with unparalleled speed and precision, delivering clear, actionable reports. No playbooks, no code. Experience the power of AI with a 3-month free trial at dropzone.ai.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jana Moore, CISO, Belron, also vice president, EmpoWer – Supporting women in infosec.

Thanks to our show sponsor, Vanta

When it comes to ensuring your company has top-notch security practices, things can get complicated, fast. Vanta automates compliance for SOC 2, ISO 27001, and more, saving you time and money. With Vanta, you can unify your security program management and proactively manage security reviews with AI-powered security questionnaires. Our listeners get $1,000 off at Vanta dot com/headlines.

All links and the video of this episode can be found on CISO Series.com

Hackers exploiting Microsoft Defender SmartScreen bug

IT leaders note increase in severity of cyber-attacks, ransomware and BEC stand out,

Trump shooting investigation revives the end-to-end encryption issue

Huge thanks to our sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. 

For the stories behind the headlines, head to CISOseries.com

CrowdStrike dishes details 

Google scuttles third-party cookie deprecation

BreachForums leaked on Telegram

Huge thanks to our sponsor, Vanta

When it comes to ensuring your company has top-notch security practices, things can get complicated, fast. Vanta automates compliance for SOC 2, ISO 27001, and more, saving you time and money. With Vanta, you can unify your security program management and proactively manage security reviews with AI-powered security questionnaires. Our listeners get $1,000 off at vanta.com/headlines.

Google’s $23 billion plan to buy Wiz falls apart

U.S. government looking for answers amidst CrowdStrike aftermath

dYdX exchange hacked in DNS hijack attack

Thanks to our episode sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines.

For the stories behind the headlines, visit CISOseries.com.

CrowdStrike says “significant number” back up and running

Russian cyber criminals sanctioned for infrastructure attacks

Ransomware attack shuts down largest trial court in U.S.

Huge thanks to our sponsor, Vanta

When it comes to ensuring your company has top-notch security practices, things can get complicated, fast. Vanta automates compliance for SOC 2, ISO 27001, and more, saving you time and money. With Vanta, you can unify your security program management and proactively manage security reviews with AI-powered security questionnaires. Our listeners get $1,000 off at vanta.com/headlines.

Microsoft confirms CrowdStrike update also hit cloud Windows PCs

Cybercriminals exploit CrowdStrike problem to distribute malware

CISA adds some big names to its KEV catalog

Huge thanks to our sponsor, Vanta

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post – get exact one from https://cisoseries.com

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Adam Arellano, former vp, enterprise cybersecurity, PayPal

Thanks to our show sponsor, Conveyor

Why do teams choose Conveyor over the competition to automate answering security questionnaires? A few reasons.  One.  Market-leading AI accuracy Two. They don’t have to maintain a crazy knowledge base anymore because ConveyorAI can read from any source like external support sites, documents, past questionnaires and more. Three. It can process ANY customer file format – even PDFs! It will even auto-scroll and auto-complete portal-basedl questionnaires. Don’t believe it? Try it yourself for free at www.conveyor.com.

All links and the video of this episode can be found on CISO Series.com