Insurer AXA hit by ransomware after dropping support for ransom payments Darkside says it lost control of servers and money a day after Biden threat CEOs could face jail time for IoT attacks by 2024 Thanks to our episode sponsor, Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating yo...
May 17, 2021•7 min
Colonial Pipeline makes ransom payment of nearly $5 million Biden signs executive order to bolster federal cyber defenses Apple failed to disclose security incident affecting millions of users Thanks to our episode sponsor, Altitude Networks Wouldn't it be great if you could INSTANTLY KNOW if a file containing sensitive information was shared in the wrong way, anywhere in your company AND security had a real time slack notification with a magic "undo button"?! Altitude Networks solves these chal...
May 14, 2021•8 min
FBI warns of phishing sites using search ads Researcher finds WiFi vulnerable to "frag attacks" Data transfer demonstrated on Apple's Find My network Thanks to our episode sponsor, Altitude Networks Imagine an employee just left and went to a competitor: did they take proprietary documents or critical roadmaps with them? Did they add a backdoor access via personal accounts to documents? You're a cloud-forward company on G Suite, how would you know your data is at risk? Altitude Networks can auto...
May 13, 2021•7 min
Link to Blog Post This week's Cyber Security Headlines - Week in Review , May 10-14, 2021, is hosted by Steve Prentice ( @stevenprentice ) with our guest, Al Ghous , CISO, Envision Digital Thanks to our episode sponsor, Altitude Networks All links and the video of this episode can be found on CISO Series.com...
May 12, 2021•23 min
U.S. declares emergency in 17 states over fuel pipeline cyber attack Japanese manufacturer Yamabiko targeted by Babuk ransomware Microsoft May 2021 Patch Tuesday fixes 55 flaws, 3 zero-days Thanks to our episode sponsor, Altitude Networks Imagine an employee just left and went to a competitor: did they take proprietary documents or critical roadmaps with them? Did they add a backdoor access via personal accounts to documents? You're a cloud-forward company on G Suite, how would you know your dat...
May 12, 2021•8 min
Darkside behind the Colonial Pipeline attack Insurance provider ends ransomware reimbursement Tor exit nodes plagued by malware Thanks to our episode sponsor, Altitude Networks Uh oh, Johnny left the company 6 months ago, but still has access to numerous files in Google Drive via his personal account! Do you know how many other former employees and contractors still have access to our documents? It's a lot more than you might think. Altitude Networks automatically discovers sharing to personal a...
May 11, 2021•6 min
Colonial hackers stole data ahead of pipeline shutdown Microsoft pulls Windows 10 AMD driver causing PCs not to boot New TsuNAME flaw could let attackers take down authoritative DNS servers Thanks to our episode sponsor, Altitude Networks Uh oh, Johnny left the company 6 months ago, but still has access to numerous files in Google Drive via his personal account! Do you know how many other former employees and contractors still have access to our documents? It's a lot more than you might think. A...
May 10, 2021•8 min
DOD announces expansion of bug bounty program Data leak uncovers Amazon product review scam DHS to embark on historic hiring initiative Thanks to our episode sponsor, Boxcryptor We think CISOs also have a right to sleep peacefully at night. Therefore, we recommend encrypting your sensitive business data for an extra layer of protection. Now in its 10th year, Boxcryptor offers strong end-to-end encryption for more than 30 cloud providers, NAS, file servers, and local data to organizations of all ...
May 07, 2021•7 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review, May 3-7, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Mitch Parker (@mitchparkerciso), CISO, Indiana University Health. Thanks to our episode sponsor, Boxcryptor We think CISOs also have a right to sleep peacefully at night. Therefore, we recommend encrypting your sensitive business data for an extra layer of protection. Now in its 10th year, Boxcryptor offers strong end-to-end encryption for more tha...
May 06, 2021•25 min
Facebook's Oversight Board upholds Trump suspension Phishing for workplace credentials Report looks at third-party SDKs in school apps Thanks to our episode sponsor, Boxcryptor We think CISOs also have a right to sleep peacefully at night. Therefore, we recommend encrypting your sensitive business data for an extra layer of protection. Now in its 10th year, Boxcryptor offers strong end-to-end encryption "Made in Germany" for OneDrive, Dropbox, Google Drive, and Co. as well as for Microsoft Teams...
May 06, 2021•6 min
A new set of vulnerabilities may affect 60 percent of the world's public email servers worldwide Hundreds of millions of Dell computers potentially vulnerable to attack Apple products hit by fourfecta of zero-day exploits Thanks to our episode sponsor, Boxcryptor We think CISOs also have a right to sleep peacefully at night. Therefore, we recommend encrypting your sensitive business data for an extra layer of protection. Now in its 10th year, Boxcryptor offers strong end-to-end encryption for mo...
May 05, 2021•8 min
A look at the Project Signal ransomware campaign Moscow facial recognition system used against protestors Facebook Oversight Board to release Trump decision Wednesday Thanks to our episode sponsor, Boxcryptor We think CISOs also have a right to sleep peacefully at night. Therefore, we recommend encrypting your sensitive business data for an extra layer of protection. Now in its 10th year, Boxcryptor offers strong end-to-end encryption "Made in Germany" for OneDrive, Dropbox, Google Drive, and Co...
May 04, 2021•7 min
New Spectre exploits beat AMD and Intel mitigations Microsoft finds critical code execution bugs in IoT, OT devices New ransomware group uses SonicWall zero-day to breach networks Thanks to our episode sponsor, Boxcryptor We think CISOs also have a right to sleep peacefully at night. Therefore, we recommend encrypting your sensitive business data for an extra layer of protection. Now in its 10th year, Boxcryptor offers strong end-to-end encryption for more than 30 cloud providers, NAS, file serv...
May 03, 2021•8 min
Babuk ransomware operators announce shutdown Now we need to worry about deepfake satellite images QNAP hit with AgeLocker ransomware Thanks to our episode sponsor, Aptible Compliance teams have a ton of work to do such as completing access reviews, mitigating risks, and collecting evidence towards an audit pst Aptible Comply can help automate all of those things. The last thing the compliance team should be spending time on is sharing infosec documentation. That's why we also created Rooms. Now ...
Apr 30, 2021•7 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review , April 26-30, 2021, is hosted by Steve Prentice ( @stevenprentice ) with our guest, Jerich Beason ( @blanketSec ), CISO, Epiq . Thanks to our episode sponsor, Aptible What do the compliance leaders at Datadog, Pagerduty, Fullstory, Sift, PartnerStack, and many other marque companies have in common? They all understand that the ultimate goal of their work is to build trust with customers. And that's why they all use Aptible ...
Apr 29, 2021•23 min
Linux malware used to backdoor systems for years Intel and Microsoft partner to detect cryptojacking Android contact tracing logs exposed to preinstalled apps Thanks to our episode sponsor, Aptible Remember this? It's the end of the quarter which means urgent sales requests for security documentation. Well, thanks to Aptible Comply those days are over. Comply Rooms is a completely free, sales enablement tool built specifically for compliance teams to provide immediate, self-serve, and secure acc...
Apr 29, 2021•7 min
Ransomware gang threatens to expose police informants if ransom is not paid Vulnerabilities in Eaton product can allow hackers to disrupt power supply FBI shares four million email addresses used by Emotet with Have I Been Pwned Thanks to our episode sponsor, Aptible What do the compliance leaders at Datadog, Pagerduty, Fullstory, Sift, PartnerStack, and many other marque companies have in common? They all understand that the ultimate goal of their work is to build trust with customers. And that...
Apr 28, 2021•8 min
Software bug opened macOS to malware An analysis of the COMB21 password leak Authorities warn of FluBot Android malware Thanks to our episode sponsor, Aptible Compliance teams have a ton of work to do such as completing access reviews, mitigating risks, and collecting evidence towards an audit pst Aptible Comply can help automate all of those things. The last thing the compliance team should be spending time on is sharing infosec documentation. That's why we also created Rooms. Now your security...
Apr 27, 2021•7 min
Emotet malware officially removed from all infected devices globally Computer security world in mourning over death of Dan Kaminsky Password manager Passwordstate hacked to deploy malware on customer systems Thanks to our episode sponsor, Aptible Remember this? It's the end of the quarter which means urgent sales requests for security documentation. Well, thanks to Aptible Comply those days are over. Comply Rooms is a completely free, sales enablement tool built specifically for compliance teams...
Apr 26, 2021•7 min
Prometei botnet exploits Exchange server bugs Facebook wants to 'normalize' the mass scraping of personal data Microsoft 365 outage affects email delivery Thanks to our episode sponsor, Palo Alto Networks In 1666, Sir Isaac Newton famously used a prism to disperse white light into colors. Today, cloud security professionals use Prisma Cloud from Palo Alto Networks to disperse full lifecycle security and full stack protection across their multi- and hybrid-cloud environments. We think Sir Isaac w...
Apr 23, 2021•8 min
Link to Blog Post This week's Cyber Security Headlines - Week in Review , April 19-23, 2021, is hosted by Steve Prentice ( @stevenprentice ) with our guest, George Finney , CISO, Southern Methodist University Thanks to our episode sponsor, Palo Alto Networks All links and the video of this episode can be found on CISO Series.com...
Apr 22, 2021•23 min
EU weighs regulations on "high-risk" AI DOJ forms ransomware task force Facebook disrupts two state-sponsored hacking groups Thanks to our episode sponsor, Palo Alto Networks Ralph Waldo Emerson famously wrote that "It's not the destination, it's the journey." For your cloud security journey, you need a reliable partner. On April 27th, Prisma Cloud by Palo Alto Networks will be hosting Spectrum, a virtual event with sessions to help you create a comprehensive cloud security strategy. Learn more ...
Apr 22, 2021•6 min
Hundreds of networks reportedly hacked in Codecov supply-chain attack Remote code execution vulnerabilities uncovered in smart air fryer Biden administration unveils plan to defend electric sector from cyberattacks Thanks to our episode sponsor, Palo Alto Networks In Latin, the word "spectrum" means "image". Spectrum also happens to be a cloud security event that's all about container images…and CI/CD pipeline security, cloud transformation strategies, and much more. Join Prisma Cloud by Palo Al...
Apr 21, 2021•8 min
Security conferences set for in-person return Apple approves Parler's return to the App Store Geico exposed driver's license numbers for months Thanks to our episode sponsor, Palo Alto Networks In 1666, Sir Isaac Newton famously used a prism to disperse white light into colors. Today, cloud security professionals use Prisma Cloud from Palo Alto Networks to disperse full lifecycle security and full stack protection across their multi- and hybrid-cloud environments. We think Sir Isaac would approv...
Apr 20, 2021•6 min
Codecov discloses 2.5-month-long supply chain attack BazarLoader malware aims at Slack and BaseCamp users Windows 10 update causing DNS and shared folder issues Thanks to our episode sponsor, Palo Alto Networks Ralph Waldo Emerson famously wrote that "It's not the destination, it's the journey." For your cloud security journey, you need a reliable partner. On April 27th, Prisma Cloud by Palo Alto Networks will be hosting Spectrum, a virtual event with sessions to help you create a comprehensive ...
Apr 19, 2021•8 min
US pins SolarWinds attack on Cozy Bear, boots 10 Russian diplomats Second Google Chromium zero-day released on Twitter this week Google rolls out Chrome 90 with HTTPS by default Thanks to our episode sponsor, Sonatype With security concerns around software supply chains ushered to center stage in recent months, organizations around the world are turning to Sonatype as trusted advisors. The company's Nexus platform offers the only full-spectrum control of the cloud-native software development lif...
Apr 16, 2021•9 min
Link to Blog Post https://cisoseries.com/cyber-security-headlines-week-in-review-april-12-16-2021 This week's Cyber Security Headlines - Week in Review , April 12-16, 2021, is hosted by Steve Prentice ( @stevenprentice ) with our guest, Davi Ottenheimer , vp, trust and digital ethics, Inrupt . Thanks to our episode sponsor, Sonatype With security concerns around software supply chains ushered to center stage in recent months, organizations around the world are turning to Sonatype as trusted advi...
Apr 15, 2021•24 min
FBI patches Exchange server backdoors IcedID looks to fill the Emotet malware void Draft plan to improve US power grid security Thanks to our episode sponsor, Sonatype Ask any software developer, and they'll tell you the truth about two things: 1. Conventional code analysis and appsec tools are noisy and not well integrated into the dev workflow. 2: Tools that don't actually make life easier for them just add friction and are ignored. Rather than slowing devs down with process-heavy security gat...
Apr 15, 2021•7 min
Chrome Zero-Day exploit posted on Twitter April Patch Tuesday patches 114 bugs including NSA's two at 9.8 severity Cyberattacks are the number-one threat to the global financial system, Fed chair says Thanks to our episode sponsor, Sonatype With security concerns around software supply chains ushered to center stage in recent months, organizations around the world are turning to Sonatype as trusted advisors. The company's Nexus platform offers the only full-spectrum control of the cloud-native s...
Apr 14, 2021•8 min
Nvidia announces AI-powered tools for cybersecurity Biden announces nominations for cybersecurity positions Apple updates chip security mid-production Thanks to our episode sponsor, Sonatype Ask any software developer, and they'll tell you the truth about two things: 1. Conventional code analysis and appsec tools are noisy and not well integrated into the dev workflow. 2: Tools that don't actually make life easier for them just add friction and are ignored. Rather than slowing devs down with pro...
Apr 13, 2021•6 min