Link to Blog Post This week's Cyber Security Headlines – Week in Review , Nov 15-19, is hosted by Sean Kelly with our guest, Richard Rushing , CISO, Motorola Mobility Thanks to our episode sponsor, Vulcan Cyber All links and the video of this episode can be found on CISO Series.com...
PerSwaysion phishing campaign still ongoing, and pervasive FBI: FatPipe VPN zero-day exploited by APT for 6 months RedCurl corporate espionage hackers resume attacks with updated tools Thanks to our episode sponsor, Vulcan Cyber The fact that CISA felt the need to release the massive "Known Exploited Vulnerabilities Catalog" recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are wo...
CISA releases cyber response playbooks Exec pleads guilty on internet address fraud Iranian ransomware targeting US organizations Thanks to our episode sponsor, Vulcan Cyber Vulnerability scanners are commoditized. Cloud service providers provide free scanners. Open source scanners are plentiful. Your team doesn't need another scanner, but they need to get better at identifying and prioritizing the risk that is buried in that scan data. Attend the Vulcan Cyber virtual user conference and learn h...
Emotet botnet makes comeback with help from TrickBot Leaked Robinhood customer data now up for sale WordPress sites defaced in fake ransomware attacks Thanks to our episode sponsor, Vulcan Cyber Matt Hurewitz is the associate director of application security at Best Buy. Matt has a theory that a risk-based approach to application security is more effective than a faith-based approach. We agree. Attend the Vulcan Cyber virtual summit on December 9th to hear how Matt and the Best Buy team approach...
DHS launches program to close cyber talent gap China expands cybersecurity review requirements Microsoft blocks Edge redirects Thanks to our episode sponsor, Vulcan Cyber Ryan Gurney spent years as CSO and security exec for companies like Google Looker, Zendesk, Engine Yard, and eBay. Ryan has seen a few things and is done pretending cyber security is something it isn't. Attend the Vulcan Cyber virtual summit on December 9th to get Ryan's take on the difference between negligent and effective cy...
FBI email system reportedly hacked to send fake DHS cyberattack messages FBI email hacker blames poor coding US Education Department urged to boost K-12 schools' ransomware defenses Thanks to our episode sponsor, Vulcan Cyber Cyber risk isn't easy to quantify, much less mitigate. Use the same approach endorsed by leading security teams at Honeywell, Zoom, and Wells Fargo to tackle cyber risk. Attend the Vulcan Cyber virtual summit on December 9th and learn how the new Vulcan Security Posture Rat...
Link to Blog Post This week's Cyber Security Headlines - Week in Review , Nov 8-12, is hosted by Rich Stroffolino with our guest, John Overbaugh , CISO, Alpine Software Group Thanks to our episode sponsor, Vulcan Cyber The fact that CISA felt the need to release the massive "Known Exploited Vulnerabilities Catalog" recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to t...
EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms Gmail accounts are used in 91% of all baiting email attacks Microsoft warns of uptick in HTML smuggling Thanks to our episode sponsor, Vulcan Cyber The fact that CISA felt the need to release the massive "Known Exploited Vulnerabilities Catalog" recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your p...
Trend Micro details long running hacker-for-hire group WP Reset PRO plugin works a little too well Zero-day found in Palo Alto Networks security appliances Thanks to our episode sponsor, Vulcan Cyber Vulnerability scanners are commoditized. Cloud service providers provide free scanners. Open source scanners are plentiful. Your team doesn't need another scanner, but they need to get better at identifying and prioritizing the risk that is buried in that scan data. Attend the Vulcan Cyber virtual u...
Robinhood breach impacts millions of customers Meta shares bullying and harassment numbers for the first time Meta to remove sensitive ad-targeting categories as new bill takes aim at online platform algorithms Thanks to our episode sponsor, Vulcan Cyber Matt Hurewitz is the associate director of application security at Best Buy. Matt has a theory that a risk-based approach to application security is more effective than a faith-based approach. We agree. Attend the Vulcan Cyber virtual summit on ...
US infrastructure bill includes cybersecurity provisions Chipmakers respond to US call for supply chain info REvil hackers arrested Thanks to our episode sponsor, Vulcan Cyber Ryan Gurney spent years as CSO and security exec for companies like Google Looker, Zendesk, Engine Yard, and eBay. Ryan has seen a few things and is done pretending cyber security is something it isn't. Attend the Vulcan Cyber virtual summit on December 9th to get Ryan's take on the difference between negligent and effecti...
Feds likely to fall short of deadline for strengthening encryption, multifactor authentication Experts spot phishing campaign impersonating security firm Proofpoint Facebook outage a prime example of insider threat by machine Thanks to our episode sponsor, Vulcan Cyber Cyber risk isn't easy to quantify, much less mitigate. Use the same approach endorsed by leading security teams at Honeywell, Zoom, and Wells Fargo to tackle cyber risk. Attend the Vulcan Cyber virtual summit on December 9th and l...
Link to Blog Post This week's Cyber Security Headlines – Week in Review , Nov 1-5, is hosted by Rich Stroffolino with our guest, Davi Ottenheimer , vp, trust and digital ethics, Inrupt Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021 , a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test ...
Expired certificate breaks Windows 11 snipping tool, emoji panel, and more Iranian hacking group leaks patient and LGBTQ info Popular 'coa' npm library hijacked to steal user passwords Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021 , a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test ...
CISA creates exploited bug catalog Bots used to scam 2FA codes US sanctions companies selling hacking tools Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021 , a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immers...
Facebook deletes 1 billion faceprints in Face Recognition shutdown Tesla recalls nearly 12,000 vehicles due to software error Android patches actively exploited zero-day kernel bug Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021 , a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your...
Cyberattack disrupts healthcare in Canadian provinces Researchers discover Pink botnet Facebook takes down government-run troll farm in Nicaragua Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021 , a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr...
Iranian Black Shadow hacking group breaches Israeli Internet hosting firm All Windows versions impacted by new LPE zero-day vulnerability International jeweler Graff hit by Conti gang, with data of its rich clients at risk Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021 , a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored t...
Link to Blog Post This week's Cyber Security Headlines – Week in Review , Oct 25-29, is hosted by Rich Stroffolino with our guest, Jason Fruge , CISO, Rent-a-Center Thanks to our episode sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-...
Android spyware spreading as antivirus software in Japan Half of home workers buy potentially insecure technology EU investigating leak of private key used to forge Covid passes And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hyb...
Chinese surveillance tech pulled from US retailers Microsoft warns of rise in password spraying attacks The FTC is looking into the Facebook Files And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environmen...
Iranian gas stations out of service after cyberattack Nevada and North Dakota top cybercrime lists Researcher cracked 70% of sampled WiFi networks And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environmen...
Microsoft report on Nobelium Healthcare organizations struggle with breaches ProtonMail wins appeal on surveillance data And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments. Replace your tradition...
Crypto-miner and malware found hidden inside npm libraries Facebook sues Ukrainian who scraped the data of 178 million users BlackMatter ransomware victims quietly helped using secret decryptor And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those ...
Link to Blog Post This week's Cyber Security Headlines – Week in Review , Oct 18-22, is hosted by Rich Stroffolino with our guest, Matthew Southworth , CISO, Priceline Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Want to know what we learned from analyzing 2 million malicious emails? At Tessian's Human Layer Summit you'll hear about new threat intelligence into the state of spear phishing. Guest speakers from TrustedSec and KnowBe4 will discuss what kind of attacks ...
Cybercrime matures as hackers are forced to work smarter FIN7 tries to trick pentesters into launching ransomware attacks China VPN exposes data for 1M users Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Want to know what we learned from analyzing 2 million malicious emails? At Tessian's Human Layer Summit you'll hear about new threat intelligence into the state of spear phishing. Guest speakers from TrustedSec and KnowBe4 will discuss what kind of attacks are gettin...
Russian firms see DDoS spike Sinclair hack linked to Russian organization Microsoft expires old Windows updates Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Want to get the latest security insights from Cisco, Forrester, Intercontinental Exchange and Knowbe4? At Tessian's Human Layer Security Summit you'll get fresh insights and actionable advice to help you build an effective, future proof security strategy. Hear from top CISOs and InfoSec Leaders who will speak on...
Ransomware reports signal lack of preparedness and willingness to pay Acer hacked twice in a week by the same threat actor FCC takes aim at spam texts Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Worried if your security stack is enough for today's attack landscape? A recent Forrester Consulting study says, Human Layer Security could be the missing link. At Tessian's Human Layer Security Summit , hear why a commissioned study conducted by Forrester Consulting on beh...
Sinclair TV disrupted by ransomware Water system proves easy target for ransomware REvil shuts down… again Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Want to know what we learned from analyzing 2 million malicious emails? At Tessian's Human Layer Summit you'll hear about new threat intelligence into the state of spear phishing. Guest speakers from TrustedSec and KnowBe4 will discuss what kind of attacks are getting through typical enterprise defences, what that me...
Missouri Governor vows to prosecute St. Louis Post-Dispatch for reporting security vulnerability NFTs now come with wallet-emptying malware Experts hack a fully patched iOS 15 running on iPhone 13 at China's Tianfu Cup hacking contest Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Calling all security trailblazers! Want to get the latest security insights from Cisco, Forrester, Intercontinental Exchange and Knowbe4? At Tessian's Human Layer Security Summit you'll get ...
