Link to Blog Post This week's Cyber Security Headlines – Week in Review , Sep 6-10, 2021, is hosted by Rich Stroffolino with our guest, Matt Crouse , CISO, Taco Bell Thanks to our episode sponsor, Semperis One thing we've learned from attacks like SolarWinds: Cybercriminals can lurk in your Active Directory environment for weeks or months before dropping malware. How do you root them out? First, you need to uncover security gaps in Active Directory that can lead to a breach. Download Purple Knig...
Sep 10, 2021•25 min
US considers limiting CISA director's term 'Azurescape' Kubernetes attack allows cross-container cloud compromise Hackers leak VPN account passwords from 87,000 FortiGate devices Thanks to our episode sponsor, Semperis One thing we've learned from attacks like SolarWinds: Cybercriminals can lurk in your Active Directory environment for weeks or months before dropping malware. How do you root them out? First, you need to uncover security gaps in Active Directory that can lead to a breach. Downloa...
Sep 10, 2021•8 min
Brad Smith relives early days of the SolarWinds attack Internet Explorer zero-days are still something to worry about German police bought NSO Pegasus spyware Thanks to our episode sponsor, Semperis Have you fixed PrintNightmare yet? Ransomware groups including Vice Society are already exploiting this critical flaw in the Windows Print Spooler service. But you can fight back: Download Purple Knight , a free Active Directory security assessment tool that scans your environment for PrintNightmare ...
Sep 09, 2021•7 min
Ransomware gang threatens to leak data if victim contacts FBI, police Personal details of French visa applicants exposed by cyber-attack Brazil President Bolsonaro restricts powers of social media companies to remove accounts and content Thanks to our episode sponsor, Semperis It's no secret that Active Directory is a prime target for cybercriminals: AD is more than 20 years old, and security settings can get sloppy over time. If you haven't checked your Active Directory environment for risky se...
Sep 08, 2021•8 min
ProtonMail shares user IP address with law enforcement IoT attacks double in six months Study looks at criteria for ransomware targeting Thanks to our episode sponsor, Semperis How would your organization score in an Active Directory security assessment? The average grade for first-time users of Purple Knight , a free security assessment tool from Semperis, is about 68%—a barely passing grade. Security and identity managers are shocked at the security gaps this tool has uncovered. But with knowl...
Sep 07, 2021•7 min
Cyber Command urges patching of massively exploited Confluence bug DDoS hits New Zealand – back up again in 30 minutes Salesforce email service used for phishing campaign Thanks to our episode sponsor, Semperis Do you know your Active Directory security vulnerabilities? Cybercriminals love to exploit Active Directory: It has dozens of security gaps because of misconfigurations and new sophisticated hacking tools. But hang on, help is on the way: Download Purple Knight , a free Active Directory s...
Sep 06, 2021•8 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review , Aug 30-Sep 3, 2021, is hosted by Steve Prentice with our guest, Marnie Wilking , Global Head of Security & Technology Risk Management, Wayfair Thanks to our episode sponsor, Semperis All links and the video of this episode can be found on CISO Series.com...
Sep 03, 2021•24 min
WhatsApp faces $267M fine for breaching Europe's GDPR UK VoIP telcos disrupted by cyberattacks White House doubles down on holiday cyberattack warnings Thanks to our episode sponsor, Semperis One thing we've learned from attacks like SolarWinds: Cybercriminals can lurk in your Active Directory environment for weeks or months before dropping malware. How do you root them out? First, you need to uncover security gaps in Active Directory that can lead to a breach. Download Purple Knight , a free se...
Sep 03, 2021•8 min
BrakTooth bites major SoC vendors The cost of ransomware to schools Posts surrounding January 6th disappear from Facebook data Thanks to our episode sponsor, Semperis Have you fixed PrintNightmare yet? Ransomware groups including Vice Society are already exploiting this critical flaw in the Windows Print Spooler service. But you can fight back: Download Purple Knight , a free Active Directory security assessment tool that scans your environment for PrintNightmare and more than 70 other attack in...
Sep 02, 2021•7 min
QNAP announces OpenSSL bugs fallout Cyberattackers are now quietly selling off their victim's internet bandwidth Indonesian government's Covid-19 app accidentally exposes over 1 million people Thanks to our episode sponsor, Semperis It's no secret that Active Directory is a prime target for cybercriminals: AD is more than 20 years old, and security settings can get sloppy over time. If you haven't checked your Active Directory environment for risky settings, you might be in for a surprise. To fi...
Sep 01, 2021•8 min
Manual Windows 11 installs might not get updates LockBit to publish Bangkok Air customer data Intermittent encryption hopes to make ransomware worse Thanks to our episode sponsor, Semperis How would your organization score in an Active Directory security assessment? The average grade for first-time users of Purple Knight , a free security assessment tool from Semperis, is about 68%—a barely passing grade. Security and identity managers are shocked at the security gaps this tool has uncovered. Bu...
Aug 31, 2021•7 min
"Worst cloud vulnerability you can imagine" discovered in Microsoft Azure Work from home increased worldwide phishing attacks T-Mobile hacker brute-forced his way through the network Thanks to our episode sponsor, Semperis Do you know your Active Directory security vulnerabilities? Cybercriminals love to exploit Active Directory: It has dozens of security gaps because of misconfigurations and new sophisticated hacking tools. But hang on, help is on the way: Download Purple Knight , a free Active...
Aug 30, 2021•8 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review , August 23-27, 2021, is hosted by Steve Prentice with our guest, Edward Contreras , ( @CISOEdwardC )CISO, Frost Bank Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that wil...
Aug 27, 2021•22 min
21-year-old claims responsibility for massive T-Mobile hack Microsoft and Google to invest billions to bolster US cybersecurity Ragnarok ransomware releases master decryptor after shutdown Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will...
Aug 27, 2021•9 min
Most government agencies use facial recognition Botnet scans for vulnerabilities in Realtek chipsets Does cyber insurance make ransomware worse? Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merch...
Aug 26, 2021•7 min
Modded WhatsApp delivers Triada trojan Bahraini activists targeted with new iOS zero-click exploit New CISA director wants to spend less time cleaning up after big hacks, more time preparing for them Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Car...
Aug 25, 2021•8 min
Apple started scanning for CSAM in 2019 Power Apps had leaky APIs Razer mice squeak past user privileges Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will...
Aug 24, 2021•7 min
Microsoft Exchange under attack with ProxyShell flaws Australians hit by 'Flubot' malware that arrives by text message Cyberattack hits State Department Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should t...
Aug 23, 2021•8 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review , August 16-20, 2021, is hosted by Rich Stroffolino with our guest, Will Gregorian , Head of Security and Technical Operations, Rhino Thanks to our episode sponsor, Copado The traditional development lifecycle is a game of tradeoffs. You either deploy at blazing speed and put yourself at risk of bugs and breaches — or you shore up your security and release software at a snail's pace. But with Copado DevOps , you get the best...
Aug 20, 2021•23 min
Liquid cryptocurrency exchange loses $94 million following hack New unofficial Windows patch fixes more PetitPotam attack vectors New York man sentenced to prison for stealing students' nude photos after hacking their accounts Thanks to our episode sponsor, Copado The traditional development lifecycle is a game of tradeoffs. You either deploy at blazing speed and put yourself at risk of bugs and breaches — or you shore up your security and release software at a snail's pace. But with Copado DevO...
Aug 20, 2021•9 min
T-Mobile says hackers stole records belonging to 48.6 million individuals OIG issues report on US Census Bureau breach Operator of the Helix bitcoin mixer pleads guilty to money laundering Thanks to our episode sponsor, Copado DevOps is the biggest revolution since the cloud. And Copado happens to be the #1 native DevOps solution for Salesforce and SaaS. So say goodbye to tedious deployments, disconnected teams and security risks. Copado provides visibility over your entire lifecycle and empower...
Aug 19, 2021•8 min
Chase bank accidentally leaked customer info to other customers Kalay cloud platform flaw exposes millions of IoT devices Data sovereignty laws place new burdens on CISOs Thanks to our episode sponsor, Copado It's no secret — software risk has never been higher. In fact, 4 in 5 technology leaders lack confidence in their organizatons' ability to combat cybercrime. Ultimately, your business is only as secure as the software that drives it. That's why Copado 's DevOps solution includes built-in se...
Aug 18, 2021•8 min
Terrorist watchlist exposed online DHS considering using private companies to scan social media Reportedly leaked T-Mobile data for sale online Thanks to our episode sponsor, Copado Implementing Salesforce is like buying a private jet. While you could drive it around your neighborhood, wouldn't you rather learn how to fly it into the clouds? Enter Copado — the #1 Native DevOps Solution for Salesforce. Copado unites pro-code and low-code developers on the same platform to unlock visibility, trace...
Aug 17, 2021•7 min
Ford bug exposed customer and employee records from internal systems Huawei accused in suit of installing data 'back door' in Pakistan project Threat actors turning to RDDoS attacks as a new ransom vector Thanks to our episode sponsor, Copado The traditional development lifecycle is a game of tradeoffs. You either deploy at blazing speed and put yourself at risk of bugs and breaches — or you shore up your security and release software at a snail's pace. But with Copado DevOps , you get the best ...
Aug 16, 2021•8 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review , August 9-13, 2021, is hosted by Rich Stroffolino with our guest, Ben Sapiro , CISO, Canada Life Thanks to our episode sponsor, Sotero All links and the video of this episode can be found on CISO Series.com...
Aug 13, 2021•22 min
Another unpatched PrintNightmare zero-day PrintNightmare vulnerability weaponized by ransomware gang Notorious darknet market comes back to life Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid development capabilities so your development team...
Aug 13, 2021•8 min
China signals tech crackdown will deepen Poly Network hacker has a change of heart PrintNightmare finally patched for good Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid development capabilities so your development team can implement securit...
Aug 12, 2021•6 min
eCh0raix ransomware now targets both QNAP and Synology NAS devices At Least 30,000 internet-exposed exchange servers vulnerable to Proxyshell attacks US Senate sends infrastructure bill to House Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid...
Aug 11, 2021•7 min
Ransomware demands surge in 2021 Flaw found in IOT random number generators Apple says nation states cannot add to CSAM scanning lists Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid development capabilities so your development team can imple...
Aug 10, 2021•6 min
Actively exploited bug bypasses authentication on millions of routers A zero-day RCE in Cisco ADSM has yet to be fixed Password of three random words better than complex variation, experts say Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid d...
Aug 09, 2021•9 min
