Our sponsor, Omada's identity governance tip of the day Deploy identity capabilities in phases. If you try to do a massive lift and shift problems will occur and it will probably take longer than you expect. See where you can add value early on. First, launch the solution's basic functionality. What can be done without writing custom code? Where you can deliver value at each iteration? You want to show continuous success rather than the fastest total completion time. Learn more at omada.net . Fo...
Jan 08, 2021•8 min
Link to Blog Post This week's Cyber Security Headlines Week in Review - January 4-8, 2021 is hosted by Steve Prentice, with our guest, Ross Young, CISO, Caterpillar Financial ( LinkedIn ). Thanks to our episode sponsor, Omada Get stakeholders on board early. Sounds simple, but the hard part is making sure everyone has the right level of information they need at the right time to do their job. So start thinking early about the needs of your CISO, the security staff, auditors, compliance officers,...
Jan 08, 2021•20 min
Rioters storm US Capitol, Trump's Twitter suspended SolarWinds attackers accessed DOJ's email server WhatsApp to share user data with Facebook Our sponsor, Omada's identity governance tip of the day According to Gartner, if you use a SaaS solution for identity governance and administration you'll save an average of 30 percent in initial integration costs. Here are some items to look for when choosing an IGA SaaS solution: Does it have high availability? Is it configurable to your specific busine...
Jan 07, 2021•7 min
Google, Alphabet employees unionize NYSE no longer plans to de-list Chinese firms Amazon banned from using AWS trademark in China Our sponsor, Omada's identity governance tip of the day Upon launching a project map your business priorities to best-practice identity processes. Then, perform a fit-gap analysis between functional areas in the process to the ideal goal. Where are key data and systems going? Where are there gaps? Are there deviations from best practices? You now have a blueprint of b...
Jan 06, 2021•7 min
Microsoft source code accessed by SolarWinds attackers Slack suffers massive outage UK judge denies Assange extradition to US Our sponsor, Omada's identity governance tip of the day Well-tested process frameworks are great starting points. No need to reinvent. Just tweak processes that have already proven effective such as automating identity management, access requests, cross-application segregation of duties, and least privilege access. Head over to omada.net to see how Omada can help you get ...
Jan 05, 2021•6 min
Russian SolarWinds hack damage escalates Backdoor account discovered in more than 100,000 Zyxel firewalls and VPN gateways Wall Street to kick out Chinese telecom giants Our sponsor, Omada's identity governance tip of the day Get stakeholders on board early. Sounds simple, but the hard part is making sure everyone has the right level of information they need at the right time to do their job. So start thinking early about the needs of your CISO, the security staff, auditors, compliance officers,...
Jan 04, 2021•8 min
T-Mobile discloses data breach CISA updates SolarWinds guidance Emotet strikes Lithuanian health infrastructure Thanks to our sponsor ReversingLabs Newly created digital data that supports productivity is growing greater than forty percent annually. With more employees working remote and businesses reliant on this digital content, what steps are you taking to ensure this data is secure? Learn more about how ReversingLabs can help establish secure digital business processes today and watch an on-...
Dec 31, 2020•6 min
Google Docs bug exposes users private documents Kawasaki discloses security breach, potential data leak Brexit deal warns of security dangers of Netscape Communicator Thanks to our sponsor ReversingLabs We've seen a 430% growth in next generation cyber attacks actively targeting open-source software projects. Worse yet, contemporary malware implements evasive techniques to avoid detection by AV and Sandbox technologies. What can you do to stay on top of these new threats? Learn more about how Re...
Dec 30, 2020•7 min
Defending the COVID-19 vaccine supply chain Cellular aggregation tool detailed in police records CISA releases malware detection tool for Azure and Microsoft 365 Thanks to our sponsor ReversingLabs The SolarWinds attack has highlighted the need to scan "gold" software images prior to their release or consumption, and look for software tampering, invalid digital signing, and build quality issues. Do you have the right controls in place to assess these risks? Learn more about how ReversingLabs can...
Dec 29, 2020•7 min
Microsoft resellers seen as Russian cyberattack mules GoDaddy employees fail holiday bonus phishing test SolarWinds releases updated advisory for new SUPERNOVA malware Thanks to our sponsor ReversingLabs Less than thirty percent of organizations have a formal threat hunting program, yet threat hunting has shown to improve overall security postures by over ten percent. What actions are you taking to upskill your security staff and bring threat hunting practices into your daily security practices?...
Dec 28, 2020•7 min
Treasury Department's senior leaders were targeted by SolarWinds hack Draft lawsuit alleges Google and Facebook agreed to team up against antitrust action Three VPN providers with criminal ties taken down Thanks to our sponsor ReversingLabs Ransomware is responsible for causing the most destructive amount of downtime - more than seventeen hours. Are you equipped to fight ransomware? Do you have the latest intelligence and indicators of compromise to block these attacks? Learn more about how Reve...
Dec 23, 2020•7 min
Attackers staged a dry-run against SolarWinds in October 2019 NSO Group spyware reportedly used against journalists CIA agents exposed with stolen data Thanks to our sponsor ReversingLabs Open source packages from repos such as PyPI, npm, RubyGems and NuGet can be complex, and contain tens of thousands of files. Are you confident these files are safe before you include them in your builds? What steps are you taking to reduce third-party risk? Learn more about how ReversingLabs can help your soft...
Dec 22, 2020•7 min
SolarWinds supply chain attack updates Trump officials plan to split up Cyber Command and NSA Google explains the cause of its recent outage Thanks to our sponsor ReversingLabs Seventy seven percent of organizations are increasing investments in automation to simplify and speed response times. How are you leveraging Machine Learning and AI to solve cyber skills shortages and mitigate risks to your business? Learn more about how ReversingLabs can automate threat analysis and accelerate security r...
Dec 21, 2020•7 min
Ex-Homeland Security adviser: 'We're being hacked' Ignore Facebook 'Christmas bonus' come-on Twitter to start removing COVID-19 vaccine misinformation Thanks to our sponsor ReversingLabs A ransomware attack occurs every 10 seconds. What are you doing to detect hidden malware and expose key Indicators of compromise before they exploit your business. Learn more about how ReversingLabs can help your security teams today and watch an on-demand demo at reversinglabs.com/demo . For the stories behind ...
Dec 18, 2020•7 min
Trump considers clemency for Silk Road founder Researcher warned of SolarWinds security issues last year What can the US do to prevent cyberattacks? Thanks to our sponsor ReversingLabs A ransomware attack occurs every 10 seconds. What are you doing to detect hidden malware and expose key Indicators of compromise before they exploit your business. Learn more about how ReversingLabs can help your security teams today and watch an on-demand demo at reversinglabs.com/demo . For the stories behind th...
Dec 17, 2020•7 min
Microsoft seizes SolarWinds domain – quarantine starts today Twitter will use Amazon Web Services to power user feeds Data breach at Canadian financial services firm highlights perils of insider threats Thanks to our sponsor ReversingLabs 96% of commercial applications include open source components. Is open source software putting your supply chain at risk? Learn more about how ReversingLabs can inspect your new software packages and open source components today, and watch an on-demand demo at ...
Dec 16, 2020•7 min
SolarWinds Orion carrying malware Multiple US agencies impacted by SolarWinds supply-chain attack New EU data use legislation could lead to big tech fines Thanks to our sponsor ReversingLabs Cybersecurity staffing shortages exceed 3 million security professions globally, and the skills gap continues to widen. Learn how ReversingLabs automates the time-consuming task of analyzing malware, and how its explainable threat intelligence scales your security team to address complex cyberthreats. Watch ...
Dec 15, 2020•6 min
Adrozek malware can infect over 30K Windows PCs a day Subway UK finds TrickBot on its menu Ransomware in schools grew in 2020, more on the way in 2021 Thanks to our sponsor ReversingLabs Today the most advanced threats lay hidden…deep within files and objects. In only milliseconds, ReversingLabs is able to analyze the world's most complex files, providing security executives with the risk insights they need to ensure business resiliency, while enabling a security staff of just a few to act as if...
Dec 14, 2020•8 min
Breaking up Facebook won't be easy Intel source 'Spider' outed in election lawsuit's redaction gaff AI is coming for your job … slowly Thanks to our sponsor, Code42. Code42's annual Data Exposure Report on Insider Risk reveals that 42% of data breaches in the past year were caused by a malicious or criminal insider. Read the report for tips on how to stop your insider risk from becoming an insider threat. For the stories behind the headlines, go to CISOseries.com ....
Dec 11, 2020•6 min
The Cybersecurity community responds to FireEye hack Christopher Krebs sues over threats of violence Google makes changes to how Chrome extensions handle data Thanks to our sponsor, Code42. Code42, insider risk detection and response leader, is excited to announce the release of its annual Data Exposure Report on Insider Risk. The report reveals that employees are nine times more likely to leak sensitive data than they were pre-COVID. The report will launch today at 1pm ET at this link . For the...
Dec 10, 2020•6 min
Microsoft's December 2020 Patch Tuesday fixes 58 vulnerabilities Unpatched bugs open GE radiological devices to remote code execution Cloudflare and Apple design a new privacy-friendly internet protocol Thanks to our sponsor, Code42. Tomorrow Code42 will release its annual Data Exposure Report on Insider Risk. Last year's report revealed that 63% of new hires who admit to taking data with them to a new job are repeat offenders. Tune in tomorrow for highlights from this year's report. For the sto...
Dec 09, 2020•8 min
Google publishes cross-site leaks wiki NSA warns of state-sponsored attacks on remote-work systems Greater Baltimore Medical Center hit with ransomware attack Thanks to our sponsor, Code42. Organizations are moving faster than ever before and security tools like DLP, UEBA and CASB can't keep up. Code42 Incydr takes a Zero Trust approach to managing and mitigating data risk from insider threats. Learn more about Code42 Incydr, the insider risk platform that offers insider risk detection and respo...
Dec 08, 2020•6 min
Drug dealers offer Pfizer vaccine on the Dark Web Data theft from Italian defense manufacturer was an inside job Philadelphia food bank loses $1 million in BEC scam Thanks to our sponsor, Code42. Code42 is a cybersecurity company that offers a completely new approach to the old problem of insider threats. Code42's insider risk platform, Incydr, helps organizations foster a culture of speed and collaboration while still preventing data loss – without blocking. Learn more at Code42.com. For the st...
Dec 07, 2020•7 min
Spotify celebrity pages defaced to plug Trump, Taylor Swift Clop ransomware gang rips off 2M credit cards from retailer E-Land 8% of all Google Play apps vulnerable to old security bug Thanks to our episode sponsor, AuthSafe. Are online frauds a concern for your organization? Is it a hurdle for progress? Timely predictions and detections with cognitive engines, should do the trick. SecureLayer7 presents Authsafe. A technology to prevent and detect Fraud attacks old and new. With the help of cred...
Dec 04, 2020•6 min
Malicious hackers target the Covid-19 vaccine 'cold chain' Hackers target US think tanks Massachusetts passes ban on police facial recognition Thanks to our episode sponsor, SecureLayer7. Managing the vulnerabilities and workflows within an organization can be a handful of a task. What your organization needs is a product that is capable of overseeing the workflows and security status for you. SecureLayer7 presents BugDazz. A pentest as a service cloud delivery platform, which makes it easier to...
Dec 03, 2020•6 min
US Supreme Court eyes narrowing of CFAA FBI warns of BEC scammers using email auto-forwarding in attacks Trump lawyer calls for Christopher Krebs' execution Thanks to our episode sponsor, SecureLayer7. Getting rid of vulnerabilities within the systems can be quite an intricate task. But why bother with anything else when there is an all in one cybersecurity package for organizations. A platform where existing, and prospective vulnerability threats can be identified and mitigated through their pe...
Dec 02, 2020•7 min
Baltimore schools struggling with ransomware UK tightens restrictions on Huawei 5G equipment ZeroLogon now detected by Windows Defender Thanks to our episode sponsor, SecureLayer7. Getting rid of vulnerabilities within the systems can be quite an intricate task. But why bother with anything else when there is an all in one cybersecurity package for organizations. A platform where existing, and prospective vulnerability threats can be identified and mitigated through their pentests within set tim...
Dec 01, 2020•6 min
Biden transition team forced to build its own cybersecurity protections China owns the lion's share of internet cross-border data flow U.S. Supreme Court to rule on hacking laws Thanks to our episode sponsor, SecureLayer7. Getting rid of vulnerabilities within the systems can be quite an intricate task. But why bother with anything else when there is an all in one cybersecurity package for organizations. A platform where existing, and prospective vulnerability threats can be identified and mitig...
Nov 30, 2020•7 min
Brazil continues to recover from its worst cyberattack Apple's security chief indicted on bribery charges Baidu apps are leaking data Thanks to our sponsor, Dtex Traditional Employee Monitoring solutions are creepy. Capturing screenshots, recording keystrokes, monitoring web browsing and following social media activities is unnecessary and damages culture. DTEX InTERCEPT is the first and only solution that delivers the real-time workforce monitoring capabilities today's organizations need and em...
Nov 25, 2020•6 min
New Jersey passes anti-doxxing law TikTok patches account takeover flaw Watch out of DDoS on Black Friday Thanks to our sponsor, Dtex Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises run safer and smarter with a first-of-its-kind human-centric approach to enterprise operational intelligence. Learn more and start a free 30-day trial a...
Nov 24, 2020•7 min
