Cybersecurity Headlines - podcast cover

Cybersecurity Headlines

CISO Seriescisoseries.com
Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
Last refreshed:
Download Metacast podcast app
Podcasts are better in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episodes

October 4, 2021

Transnational fraud ring stole millions from Army members, veterans Canadian vaccine passport app exposes data Business leaders admit willingness to pay five-figure ransoms Thanks to our episode sponsor, Votiro Your users need to accept and open files to do their jobs. Keep them safe and productive with Votiro . With Votiro, your users can download and use any file instantly, from PDF to Autodesk CAD, with malicious code already removed—and full file usability intact. The signatureless, agentles...

Oct 04, 20218 min

Week in Review - Sep 27-Oct 1, 2021

Link to Blog Post This week's Cyber Security Headlines – Week in Review , Sep 27-Oct-1, is hosted by Rich Stroffolino with our guest, Steve Zalewski , co-host, Defense in Depth Thanks to our episode sponsor, VMware ACCELERATE YOUR OWN ZERO TRUST JOURNEY. The strongest defense against modern threats comes from a Zero Trust posture. The trick is getting there — quickly and easily — from where you already are. At VMworld 2021 we'll show you how we help you operationalize Zero Trust whatever your st...

Oct 01, 202124 min

October 1, 2021

New leak of Epik data exposes company's entire server New Azure AD bug lets hackers brute-force passwords without getting caught Contactless payment card hack affects Apple Pay, Visa Thanks to our episode sponsor, VMware DO YOU KNOW ANYONE ON THE DEVELOPMENT TEAM WHO'D SAY, 'SECURITY SHOULD BE EVERYONE'S RESPONSIBILITY? Probably not. That's why Forrester and VMware have done some new research that dives into how the Development team perceives Security and what Security teams can do to make the r...

Oct 01, 20218 min

September 30, 2021

Ransomware gangs cause headaches for hacker forums too Don't look a Grifthorse in the mouth Ransomware's impact on patient care Thanks to our episode sponsor, VMware INCIDENT RESPONSE FIRMS ENGAGE POST-BREACH – IT'S A FASCINATING VANTAGE POINT WITH LESSONS TO LEARN. Join me and thousands of our peers at VMworld 2021 to hear Dr. Amelia Estwick, Director of Threat Research here at VMware, share her perspective on the ground truth for organizations that have experienced breaches. Not to be missed! ...

Sep 30, 20217 min

September 29, 2021

Microsoft 365 MFA outage locks users out of their accounts Exploit released for VMware vulnerability after CISA warning Crypto developer pleads guilty to North Korean plot Thanks to our episode sponsor, VMware PREPARE FOR THE POST-PANDEMIC THREAT LANDSCAPE. At VMworld 2021 , you'll gain fresh insight and actionable knowledge to help keep your focus on building resilient, cyber-vigilant teams that can proactively detect, prevent, mitigate, and remediate these attacks. The Security Track has 150+ ...

Sep 29, 20219 min

September 28, 2021

Russia muscling Big Tech Data on billions of Clubhouse and Facebook users up for sale Malware targets gamer accounts Thanks to our episode sponsor, VMware BEFORE YOU BUILD AND EVOLVE WHAT COMES NEXT – YOU HAVE TO IMAGINE IT. Join me and thousands of our peers at VMworld 2021 , the virtual conference where we share how innovation across the VMware portfolio helps make your vision a reality. Register now and join us at vmware.com/vmworld...

Sep 28, 20217 min

September 27, 2021

Researcher drops three iOS zero-days that Apple refused to fix Microsoft releases rollback fix for updates New Cooperative ransomware negotiations get hijacked Thanks to our episode sponsor, VMware DO YOU KNOW ANYONE ON THE DEVELOPMENT TEAM WHO'D SAY, 'SECURITY SHOULD BE EVERYONE'S RESPONSIBILITY? Probably not. That's why Forrester and VMware have done some new research that dives into how the Development team perceives Security and what Security teams can do to make the right thing easy. We are...

Sep 27, 20218 min

Week in Review - Sep 20-24, 2021

Link to Blog Post This week's Cyber Security Headlines – Week in Review , Sep 20-24, 2021, is hosted by Rich Stroffolino with our guest, Brett Conlon , CISO, Edelman Financial Engines Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these se...

Sep 24, 202122 min

September 24, 2021

Second farming cooperative shut down by ransomware this week Canadian VoIP provider battles massive DDoS attack REvil double-crosses ransomware affiliates using sneaky backdoor tactics Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these s...

Sep 24, 20219 min

September 23, 2021

Let's Encrypt root certificate may cause problems for older devices Now we have to worry about PhaaS Time to patch all the VMware things Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these sessions to get some savvy education from the sec...

Sep 23, 20217 min

September 22, 2021

Capoae malware brute-forces WordPress sites for cryptomining Malicious email surge predicted for Q4 Farming group warns of supply chain chaos after ransomware attack Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these sessions to get some...

Sep 22, 20217 min

September 21, 2021

Google expands app permissions reset Epik confirms it got hacked Telegram suspends Russian election bots Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these sessions to get some savvy education from the security experts at Kanu Solutions....

Sep 21, 20217 min

September 20, 2021

Email scammers posed as DOT officials in phishing messages focused on $1 trillion bill A new banking Trojan abuses YouTube for remote configuration Admin of DDoS service behind 200,000 attacks faces serious prison time Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and ...

Sep 20, 20218 min

Week in Review - Sep 13-17, 2021

Link to Blog Post This week's Cyber Security Headlines – Week in Review , Sep 13-17, 2021, is hosted by Rich Stroffolino with our guest, Geoff Belknap , CISO, LinkedIn Thanks to our episode sponsor, Sonrai Sonrai is changing Public Cloud Security by focusing on protecting data from over-privileged human and non-human identities. Sonrai provides a single pane of glass built on an analytic platform that protects organizations by leveraging CSPM, CIEM, and cloud DLP at the confidence level required...

Sep 17, 202123 min

September 17, 2021

New Windows security updates break network printing Bitdefender releases decryptor as REvil shows signs of return Biden announces joint deal with U.K. and Australia to counter China Thanks to our episode sponsor, Sonrai Are you a security expert who's afraid to admit you don't know what the heck is going on in your cloud? Relax. Public cloud security is overwhelming. Figuring out where to start, and what to do to track and improve your security posture, is the first step. Sonrai tracks everythin...

Sep 17, 20218 min

September 16, 2021

Travis CI security vulnerability is bad news for open source Ransomware accounts for a quarter of cyber insurance claims Microsoft goes passwordless Thanks to our episode sponsor, Sonrai Sonrai is changing Public Cloud Security by focusing on protecting data from over-privileged human and non-human identities. Sonrai provides a single pane of glass built on an analytic platform that protects organizations by leveraging CSPM, CIEM, and cloud DLP at the confidence level required by your environmen...

Sep 16, 20217 min

September 15, 2021

Apple issues urgent updates to fix new zero-day linked to Pegasus spyware Update Google Chrome to patch 2 new zero-day flaws under attack New Zloader attacks disable Windows Defender to evade detection Thanks to our episode sponsor, Sonrai Sonrai is gaelic for data - and that's what Sonrai Security is all about. Finding, classifying, and locking down sensitive data in AWS, Azure, or Google Cloud. Sonrai can see every identity's path to every piece of data - continuously. Learn more at sonraisecu...

Sep 15, 20218 min

September 14, 2021

SSID Stripping is a new take on spoofing Industrial control systems hammered by cyber attacks Olympus has fallen...to ransomware Thanks to our episode sponsor, Sonrai Are you a security expert who's afraid to admit you don't know what the heck is going on in your cloud? Relax. Public cloud security is overwhelming. Figuring out where to start, and what to do to track and improve your security posture, is the first step. Sonrai tracks everything in your cloud - sensitive data, identities, and pla...

Sep 14, 20217 min

September 13, 2021

Windows MSHTML zero-day exploits shared on hacking forums REvil ransomware operators targeting new victims Yandex pummeled by Meris DDoS botnet Thanks to our episode sponsor, Sonrai Are you a security expert who's afraid to admit you don't know what the heck is going on in your cloud? Relax. Public cloud security is overwhelming. Figuring out where to start, and what to do to track and improve your security posture, is the first step. Sonrai tracks everything in your cloud - sensitive data, iden...

Sep 13, 20218 min

Week in Review - Sep 6-10, 2021

Link to Blog Post This week's Cyber Security Headlines – Week in Review , Sep 6-10, 2021, is hosted by Rich Stroffolino with our guest, Matt Crouse , CISO, Taco Bell Thanks to our episode sponsor, Semperis One thing we've learned from attacks like SolarWinds: Cybercriminals can lurk in your Active Directory environment for weeks or months before dropping malware. How do you root them out? First, you need to uncover security gaps in Active Directory that can lead to a breach. Download Purple Knig...

Sep 10, 202125 min

September 10, 2021

US considers limiting CISA director's term 'Azurescape' Kubernetes attack allows cross-container cloud compromise Hackers leak VPN account passwords from 87,000 FortiGate devices Thanks to our episode sponsor, Semperis One thing we've learned from attacks like SolarWinds: Cybercriminals can lurk in your Active Directory environment for weeks or months before dropping malware. How do you root them out? First, you need to uncover security gaps in Active Directory that can lead to a breach. Downloa...

Sep 10, 20218 min

September 9, 2021

Brad Smith relives early days of the SolarWinds attack Internet Explorer zero-days are still something to worry about German police bought NSO Pegasus spyware Thanks to our episode sponsor, Semperis Have you fixed PrintNightmare yet? Ransomware groups including Vice Society are already exploiting this critical flaw in the Windows Print Spooler service. But you can fight back: Download Purple Knight , a free Active Directory security assessment tool that scans your environment for PrintNightmare ...

Sep 09, 20217 min

September 8, 2021

Ransomware gang threatens to leak data if victim contacts FBI, police Personal details of French visa applicants exposed by cyber-attack Brazil President Bolsonaro restricts powers of social media companies to remove accounts and content Thanks to our episode sponsor, Semperis It's no secret that Active Directory is a prime target for cybercriminals: AD is more than 20 years old, and security settings can get sloppy over time. If you haven't checked your Active Directory environment for risky se...

Sep 08, 20218 min

September 7, 2021

ProtonMail shares user IP address with law enforcement IoT attacks double in six months Study looks at criteria for ransomware targeting Thanks to our episode sponsor, Semperis How would your organization score in an Active Directory security assessment? The average grade for first-time users of Purple Knight , a free security assessment tool from Semperis, is about 68%—a barely passing grade. Security and identity managers are shocked at the security gaps this tool has uncovered. But with knowl...

Sep 07, 20217 min

September 6, 2021

Cyber Command urges patching of massively exploited Confluence bug DDoS hits New Zealand – back up again in 30 minutes Salesforce email service used for phishing campaign Thanks to our episode sponsor, Semperis Do you know your Active Directory security vulnerabilities? Cybercriminals love to exploit Active Directory: It has dozens of security gaps because of misconfigurations and new sophisticated hacking tools. But hang on, help is on the way: Download Purple Knight , a free Active Directory s...

Sep 06, 20218 min

Week in Review - Aug 30-Sep 3, 2021

Link to Blog Post This week's Cyber Security Headlines – Week in Review , Aug 30-Sep 3, 2021, is hosted by Steve Prentice with our guest, Marnie Wilking , Global Head of Security & Technology Risk Management, Wayfair Thanks to our episode sponsor, Semperis All links and the video of this episode can be found on CISO Series.com...

Sep 03, 202124 min

September 3, 2021

WhatsApp faces $267M fine for breaching Europe's GDPR UK VoIP telcos disrupted by cyberattacks White House doubles down on holiday cyberattack warnings Thanks to our episode sponsor, Semperis One thing we've learned from attacks like SolarWinds: Cybercriminals can lurk in your Active Directory environment for weeks or months before dropping malware. How do you root them out? First, you need to uncover security gaps in Active Directory that can lead to a breach. Download Purple Knight , a free se...

Sep 03, 20218 min

September 2, 2021

BrakTooth bites major SoC vendors The cost of ransomware to schools Posts surrounding January 6th disappear from Facebook data Thanks to our episode sponsor, Semperis Have you fixed PrintNightmare yet? Ransomware groups including Vice Society are already exploiting this critical flaw in the Windows Print Spooler service. But you can fight back: Download Purple Knight , a free Active Directory security assessment tool that scans your environment for PrintNightmare and more than 70 other attack in...

Sep 02, 20217 min

September 1, 2021

QNAP announces OpenSSL bugs fallout Cyberattackers are now quietly selling off their victim's internet bandwidth Indonesian government's Covid-19 app accidentally exposes over 1 million people Thanks to our episode sponsor, Semperis It's no secret that Active Directory is a prime target for cybercriminals: AD is more than 20 years old, and security settings can get sloppy over time. If you haven't checked your Active Directory environment for risky settings, you might be in for a surprise. To fi...

Sep 01, 20218 min

August 31, 2021

Manual Windows 11 installs might not get updates LockBit to publish Bangkok Air customer data Intermittent encryption hopes to make ransomware worse Thanks to our episode sponsor, Semperis How would your organization score in an Active Directory security assessment? The average grade for first-time users of Purple Knight , a free security assessment tool from Semperis, is about 68%—a barely passing grade. Security and identity managers are shocked at the security gaps this tool has uncovered. Bu...

Aug 31, 20217 min
Hosted on Libsyn
For the best experience, listen in Metacast app for iOS or Android