Grandoreiro banking Trojan reappears, hits banks worldwide Kimsuky deploys new backdoor in latest attack on South Korea Healthcare breaches in Australia and Texas Huge thanks to this week's episode sponsor, Tines From endpoint detection and response to vulnerability management, Tines empowers security teams to automate even their most complex workflows. It's fast, flexible, and secure by design. Your team can get up and running in minutes, not weeks. No code. No custom development. The world's s...
May 20, 2024•8 min
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Ryan Bachman , evp and global CISO, GM Financial Thanks to our show sponsor, vanta.com/ciso Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like you...
May 17, 2024•31 min
Nissan North America breach impacts over 53,000 employees VMware fixes workstation flaws, thanks Pwn2Own hackers Security flaws discovered in GE Ultrasound machines Thanks to today's episode sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like yo...
May 17, 2024•8 min
FBI seizes BreachForums Android getting live threat detection Senators recommend billions for AI investments Editor's note: post updated to fix audio issue Thanks to today's episode sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 ...
May 16, 2024•8 min
Singing River patient data was swiped in ransomware attack PoC exploit released for D-Link router zero-day Google to use GenAI to help identify phone scams Thanks to today's episode sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 ...
May 15, 2024•9 min
FCC implements new classification to combat robocall groups MITRE releases threat-modeling framework for embedded devices World renowned auction house attacked ahead of mega-auction Thanks to today's episode sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key ...
May 14, 2024•10 min
Boeing confirms $200 million ransomware extortion attempt Dell announces data breach affecting 49 million customers Ascension healthcare suffers cyberattack, goes offline Thanks to today's episode sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources l...
May 13, 2024•9 min
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Sasha Pereira , CISO, WASH Thanks to our show sponsor, Vanta.com/ciso Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 or ISO 27001 a...
May 10, 2024•28 min
F5 Networks warns of new Big-IP vulnerabilities UK armed forces' personal data hacked in MoD breach BetterHelp sends refund notices regarding data sharing lawsuit Huge thanks to our sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 ...
May 10, 2024•7 min
Lockbit takes credit for Wichita attack US looks at AI model export bans The Spectre of Pathfinder haunts Intel CPUs Huge thanks to our sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 or ISO 27001 and provide real-time evidence fo...
May 09, 2024•7 min
US indicts LockBit ransomware ringleader DocGo discloses cyberattack that compromised patient health data Payroll data breach exposed data of UK military personnel Huge thanks to our sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2...
May 08, 2024•8 min
LockBit's website is back Germany takes action amid alleged Russian attack Chinese-linked ArcaneDoor targets global network infrastructure Huge thanks to our sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 or ISO 27001 and provide...
May 07, 2024•9 min
NSC's Neuberger suggests operational approach for on mitigating cyberattacks French cybersecurity teams prepare for "unprecedented" Olympic threat Feds warn about North Korean exploitation of improperly configured DMARC Huge thanks to our sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstr...
May 06, 2024•8 min
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Phil Beyer , former CISO, Etsy Thanks to today's episode sponsor, Dropzone.ai Dropzone.ai's AI Autonomous Analyst is transforming cybersecurity as we know it. By replicating the techniques of elite analysts and autonomously investigating every alert, our patented system force multiplies your SOC team by 10X without adding headcount. Experience the future of threat detection and respon...
May 03, 2024•26 min
Goldoon botnet exploits D-Link routers CISA adds Gitlab flaw to its KEV catalog Dropbox discloses breach of digital signature service Thanks to our episode sponsor, Dropzone AI Dropzone.ai's AI Autonomous Analyst is transforming cybersecurity as we know it. By replicating the techniques of elite analysts and autonomously investigating every alert, our patented system force multiplies your SOC team by 10X without adding headcount. Experience the future of threat detection and response at dropzone...
May 03, 2024•9 min
Chinese disinformation proving ineffectual NCSC release Advanced Mobile Solutions risk model China implements new State Secrets Law Thanks to our episode sponsor, Dropzone AI Cybersecurity leaders, are you being asked to leverage the power of Gen AI in your SOC? Dropzone.ai's AI Autonomous Analyst empowers your team to thoroughly investigate every alert. No playbooks, no code, just intelligent, adaptable alert investigation. Test drive on dropzone.ai to immediately see the results for yourself....
May 02, 2024•7 min
UnitedHealth Group CEO faces congress & cause of hack revealed Major U.S. wireless carriers face $200M FCC fine Marriott backtracks claims of encryption protection Thanks to our episode sponsor, Dropzone AI Dropzone.ai is proud to announce our selection as a Top 10 Finalist for the prestigious RSA Innovation Sandbox. Our AI Autonomous Analyst is revolutionizing the way SOC teams operate, replicating the techniques of elite analysts and autonomously investigating every alert. Meet us at RSAC ...
May 01, 2024•10 min
USPS phishing sites are popular UK bans bad IoT credentials USB malware attacks targeting industrial sites Thanks to our episode sponsor, Dropzone AI Attention cybersecurity professionals! Are you investigating 100% of the alerts from your IT and security systems? Dropzone.ai's AI Analyst autonomously investigates every alert without playbooks or code, enabling you to turn over every rock. Visit dropzone.ai to learn more and request a trial. Offload your tier-1 analysis to an AI analyst that nev...
Apr 30, 2024•7 min
Kaiser Permanente website tracking tools may have compromised customer data DHS announces AI safety board Okta warns of "unprecedented" credential stuffing attacks on customers Thanks to our episode sponsor, Dropzone AI Introducing Dropzone.ai , the industry's first AI Autonomous SOC Analyst. Their patented LLM replicates the techniques of elite analysts, autonomously investigating every alert without playbooks or code. Force multiply your SOC team by 10X without adding headcount. Visit dropzone...
Apr 29, 2024•8 min
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Christina Shannon , CIO, KIK Consumer Products Thanks to our show sponsor, Veracode Get ready to experience the future of application security at RSAC 2024 with Veracode . Join us as we unveil cutting-edge innovations and insights to tackle today's most pressing security challenges. From live demos showcasing our newest products to engaging discussions with industry experts. See you a...
Apr 26, 2024•23 min
Google postpones third-party cookie deprecation Brocade SAN appliances and switches exposed to hacking ICICI Bank exposes credit cards to wrong users Thanks to this week's episode sponsor, Veracode Don't miss out on this opportunity to elevate your cybersecurity strategy. Build and scale secure software from code to cloud with speed and trust. Visit our booth #2045 at RSAC 2024 to discover how Veracode is shaping the future of Application Security in the AI era. For the stories behind the headli...
Apr 26, 2024•8 min
Chinese keyboard app flaws exposed Threat actors plant fake assassination story ByteDance on the clock to divest TikTok Thanks to this week's episode sponsor, Veracode Research reveals AI-generated code mirrors human-written code's security flaws. Even seasoned programmers struggle to spot errors, with incorrect AI-generated answers abound. Veracode knows the stakes. While AI accelerates coding, relying on hunches won't suffice. Trust multi-faceted, data-driven insights to mitigate risk from the...
Apr 25, 2024•7 min
Iranian nationals charged with hacking U.S. companies and agencies Siemens working to fix device affected by Palo Alto firewall bug Russian hackers claim cyberattack on Indiana water plant Thanks to this week's episode sponsor, Veracode Are you truly listening to both your security and development teams? Make informed decisions with Veracode . Our developer-friendly security tools integrate with your existing tech stack to secure code from the start. Bridge the gap between security and developme...
Apr 24, 2024•8 min
TikTok ban passes the US House Sandworm targets critical Ukrainian orgs North Koreans animating streaming shows Thanks to this week's episode sponsor, Veracode AI coding companions assist in generating high-quality code snippets, while Veracode swoops in to conduct thorough security assessments, identifying and fixing vulnerabilities quickly. With this dynamic duo, developers can innovate with confidence, knowing their code is both efficient and secure. Secure more code with Co-Pilot or any AI c...
Apr 23, 2024•7 min
RedLine stealer GitHub connection MITRE's breached was through Ivanti zero-day vulnerabilities Researchers find dozens of fake E-ZPass toll websites following FBI warning Thanks to this week's episode sponsor, Veracode Imagine your intelligent coding companion, backed by the robust security expertise of Veracode . Together, we form the ultimate duo, empowering developers to write better code while ensuring it's secure from the get-go. Learn more at RSAC 2024 with Veracode . For the stories behin...
Apr 22, 2024•7 min
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Dan Walsh , CISO, Paxos Thanks to our show sponsor, Conveyor Happy Friday! Are you tired of hearing about Conveyor's AI security review automation software? We'll stop talking about it if you book a call. Ready to give the market leading AI for security questionnaires a spin? Try a free proof of concept at www.conveyor.com . Don't forget to mention this podcast for 5 free questionnair...
Apr 19, 2024•27 min
Police bust reveals sophisticated phishing-as-a-service platform Overlooked Windows Fibers offer handy route for malicious payload deployment Michigan healthcare organization suffers data breach Thanks to today's episode sponsor, Conveyor Happy Friday! Are you tired of hearing about Conveyor's AI security review automation software? We'll stop talking about it if you book a call. Ready to give the market leading AI for security questionnaires a spin? Try a free proof of concept at www.conveyor.c...
Apr 19, 2024•7 min
Sandworm-linked group tied to attack on water utilities GPT-4 reads security advisories Cell carrier workers solicited for SIM swaps Thanks to today's episode sponsor, Conveyor Conveyor is the market leading AI-powered platform that automates the entire customer security review process — from sharing your security posture and SOC 2 in a single portal to using that same information to automate answering security questionnaires with 90% accuracy. Use Conveyor to fly through any customer security r...
Apr 18, 2024•7 min
Cisco announces breach of multifactor authentication message provider Bad bots drive 10% annual surge in account takeover attacks LockBit 3.0 variant generates custom, self-propagating malware Thanks to today's episode sponsor, Conveyor Conveyor is the AI security review automation platform helping infosec teams automate everything from securely sharing a SOC 2 to one-click autofilling security questionnaires with AI so you can spend almost zero time on the manual tasks that make you want to cry...
Apr 17, 2024•10 min
Meta to close Threads in Turkey Palo Alto fixes backdoor zero-day Details on Microsoft's security overhaul Thanks to today's episode sponsor, Conveyor What are infosec teams measuring these days? More often than not, their impact on sales. As infosec teams become hands on in the sales cycle, proving your value becomes key. A director of GRC said last week that the most direct value for their CEO was showing the efficiencies and the dollars that security has been able to bring in from enabling sa...
Apr 16, 2024•8 min
