New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now Microsoft reminds admins to prepare for WSUS driver sync deprecation Zwipe runs out of time for biometric card revenues, files for bankruptcy Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help m...
Feb 19, 2025•7 min
Dutch Police take down Zservers Chase to block Zelle payments to sellers on social media Finastra notifies victims of October data breach Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a...
Feb 18, 2025•8 min
Hackers steal emails in device code phishing attacks Anti-TOAD feature seeks to prevent in-call sideloading attacks Chinese hackers breach more U.S. telecoms via unpatched Cisco routers Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as y...
Feb 17, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Doug Mayer , vp, CISO, WCG Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation ...
Feb 14, 2025•29 min
U.S. lawmakers demand UK retraction of Apple backdoor Sarcoma ransomware claims breach at giant PCB maker Unimicron Ransomware attack disrupts Michigan's Sault Tribe operations Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls w...
Feb 14, 2025•8 min
DOGE is hacking America This Ad-Tech company is powering surveillance of US military personnel Apple and Google take down malicious mobile apps from their app stores Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta ....
Feb 13, 2025•9 min
LockBit host sanctioned A peak at DeepSeek's weak security Sandworm targeting Ukraine with trojanized KMS Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation to evidence collection across over ...
Feb 12, 2025•7 min
Urgent iOS update fixes critical USB security flaw CISA officials placed on administrative leave Attack disrupts newspaper giant's operations Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation...
Feb 11, 2025•10 min
Shock and lawsuit over security failures in DOGE takeover CISA adds Microsoft Outlook and Sophos XG Firewall to its Known Exploited Vulnerabilities catalog DeepSeek App transmits sensitive user and device data without encryption Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 compan...
Feb 10, 2025•9 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Caitlin Sarian , owner and CEO, Cybersecurity Girl LLC Thanks to our show sponsor, ThreatLocker ThreatLocker (R) is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. T...
Feb 07, 2025•27 min
Critical RCE bug in Microsoft Outlook now exploited in attacks Kimsuky uses forceCopy malware to steal browser-stored credentials Treasury agrees to block additional DOGE staff from accessing sensitive payment systems Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack sur...
Feb 07, 2025•8 min
Spain arrests hacker of U.S. and Spanish military agencies Robocallers called the FCC pretending to be from the FCC Ransomware payments decreased 35% year-over-year Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To...
Feb 06, 2025•9 min
Meta says it may stop development of AI systems it deems too risky Ferret Malware Added to 'Contagious Interview' Campaign Credential Theft Becomes Cybercriminals' Favorite Target Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vuln...
Feb 05, 2025•7 min
Exploited vulnerabilities up significantly from previous year First U.S. state to declare ban on DeepSeek Crypto scams make comeback on X Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your ...
Feb 04, 2025•8 min
Google describes APTs using Gemini AI India's Tata Technologies suffers ransomware attack Meta confirms new zero-click WhatsApp spyware Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your fr...
Feb 03, 2025•7 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Alexandra Landegger , Global Head of Cyber Strategy & Transformation, RTX Thanks to our show sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don't have time for are close behind. What are you going to do? Here's a better question: what would Sue do? Sue is Conveyor's new AI Agent for Customer Trus...
Jan 31, 2025•23 min
New York Blood Center suffers ransomware attack DeepSeek's exposed database leaks sensitive data CISA's future unclear under new administration Huge thanks to our sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don't have time for are close behind. What are you going to do? Here's a better question: what would Sue do? Sue is Conveyor's new AI Agent for Customer Trust. She handles the entire security review process ...
Jan 31, 2025•8 min
Tenable acquiring Israel's Vulcan Cyber in $150 million deal Chinese and Iranian Hackers Are Using U.S. AI Products to Bolster Cyberattacks U.S. Navy bans use of DeepSeek due to 'security and ethical concerns' Huge thanks to our sponsor, Conveyor Ever wish you had a teammate that could handle the most annoying parts of customer security reviews? You know, chasing down SMEs for answers, updating systems, coordinating across teams—all the grunt work nobody wants to do. Plus, having to finish the d...
Jan 30, 2025•8 min
Most ransomware victims shut down operations shutdowns EU sanctions GRU members for Estonia cyberattacks Lynx ransomware runs a tight ship Huge thanks to our sponsor, Conveyor Tired of herding cats to complete customer security questionnaires? Your team probably spends hours daily juggling the back and forth of completing these security requests. That's why Conveyor created Sue, the first AI Agent for Customer Trust. Sue doesn't just handle completing security questionnaires and sending SOC 2 to...
Jan 29, 2025•8 min
Google responds to "most sophisticated" voice phishing attack Security consortium creates Opengrep DeepSeek suspends new user registrations Huge thanks to our sponsor, Conveyor Tired of herding cats to complete customer security questionnaires? Your team probably spends hours daily juggling the back and forth of completing these security requests. That's why Conveyor created Sue, the first AI Agent for Customer Trust. Sue doesn't just handle completing security questionnaires and sending SOC 2 t...
Jan 28, 2025•8 min
DHS Advisory Committee memberships halted UnitedHealth updates number of data breach victims to 190 million Meta's Llama Framework flaw exposes AI systems to remote code execution risks Huge thanks to our sponsor, Conveyor Conveyor launched the first AI Agent for Customer Trust. So wtf does that mean? It means the AI agent goes beyond just sharing NDA-gated documents like a SOC 2 with customers or answering security questionnaires. Conveyor's AI Agent, Sue, handles the entire security review pro...
Jan 27, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Shaun Marion , vp, CSO, Xcel Energy Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings au...
Jan 24, 2025•29 min
TSA cyber chief David Pekoske ousted by new administration CISOs gain boardroom traction Influence but still lack soft skills, says Splunk Cisco Fixes vulnerability in Meeting Management Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their ...
Jan 24, 2025•8 min
Trump administration fires members of cybersecurity review board in 'horribly shortsighted' decision Major Cybersecurity Vendors' Credentials Found on Dark Web PowerSchool hacker claims they stole data of 62 million students Thanks to today's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 com...
Jan 23, 2025•7 min
7-Zip flaw bypasses Windows security warnings Attackers impersonate Ukraine's CERT-UA AI Executive Order revoked Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation to evidence collection acros...
Jan 22, 2025•9 min
HPE investigates breach claims Former CIA analyst pleads guilty to sharing Top Secret files Data of nearly half million hotel guests exposed Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation ...
Jan 21, 2025•9 min
Tik Tok is back, with strings attached Noem promises to curtail CISA Label company Avery announces data breach Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation to evidence collection across ...
Jan 20, 2025•9 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Phil Beyer , head of security, Flex Thanks to our show sponsor, Dropzone.ai What if your SOC could handle 10x the alerts without burning out your team? Dropzone AI automates Tier 1 investigations and frees your analysts to tackle bigger challenges. It's how smart teams are staying ahead. See how it works—schedule a demo today at dropzone.ai . All links and the video of this episode...
Jan 17, 2025•30 min
Biden signs cybersecurity executive order Star Blizzard targeting WhatsApp US healthcare sector saw 585 breaches in 2024 Huge thanks to our sponsor, Dropzone AI What if your SOC could handle 10x the alerts without burning out your team? Dropzone AI automates Tier 1 investigations and frees your analysts to tackle bigger challenges. It's how smart teams are staying ahead. See how it works—schedule a demo today at dropzone.ai . For the stories behind the headlines, head on over to CISOSeries.com...
Jan 17, 2025•8 min
How to delete Facebook, Messenger, or Instagram - if you want Meta out of your life GoDaddy slapped with wet lettuce for years of lax security and 'several major breaches' TikTok could possibly stay alive after Sunday's upcoming ban Huge thanks to our sponsor, Dropzone AI Alert fatigue is real, and it's draining. Dropzone AI takes on the tedious investigations, so you can focus on making an impact where it matters most. It's smarter tools for a smarter SOC. Check it out at dropzone.ai . For the ...
Jan 16, 2025•7 min
