Link to Blog Post This week's Cyber Security Headlines – Week in Review , Jan 24-Feb 4, is hosted by Rich Stroffolino with our guest, Brian Lozada , CISO, HBOMax Thanks to our episode sponsor, Pentera Align validation to the MITRE ATT&CK framework and the OWASP Top 10. By aligning to industry standards, security teams ensure that their testing covers the latest adversary techniques. Most attacks succeed by leveraging the most common TTPs, so challenging the attack surface against these frame...
Feb 04, 2022•22 min
iPhone flaw exploited by second Israeli spy firm Target shares its own web skimming detection tool with the world MFA adoption pushes phishing actors to reverse-proxy solutions Thanks to our episode sponsor, Pentera Align validation to the MITRE ATT&CK framework and the OWASP Top 10. By aligning to industry standards, security teams ensure that their testing covers the latest adversary techniques. Most attacks succeed by leveraging the most common TTPs, so challenging the attack surface agai...
Feb 04, 2022•9 min
Iran-linked APT activity on the rise Hacker claims responsibility for North Korean internet disruptions TikTok: the once and future national security threat Thanks to our episode sponsor, Pentera To continuously know the exploitable attack surface, automate your validation. Security validation must be as dynamic as the attack surface it's securing. Periodical and manual tests aren't enough to challenge the changes an organization undergoes. Security teams need to have an on-demand view of their ...
Feb 03, 2022•7 min
Cyber attack disrupts German oil firm operations Tesla recalls Full Self Driving feature that lets cars roll through stop signs FBI recommends using burner phones at the Olympics Thanks to our episode sponsor, Pentera To understand the exploitable attack surface, security teams need to cover the full scope of potential attacks. Adversaries take the path of least resistance to the critical assets. This means using a variety of techniques to progress an attack, leveraging any vulnerability and its...
Feb 02, 2022•7 min
Your GPU knows your secrets UPnP behind Eternal Silence router campaign DeFi platform hacked for $80 million Thanks to our episode sponsor, Pentera To understand the exploitable attack surface, take the adversarial perspective. The way to know which vulnerabilities are exploitable is to…well, exploit them. This way, security teams get a concise attack vector pointing to the organization's weakest link. From here remediation requests handed to IT are focused, manageable, and based on true busines...
Feb 01, 2022•6 min
Novel device registration trick enhances multi-stage phishing attacks US bans major Chinese telecom over national security risks Over 20,000 data center management systems exposed to hackers Thanks to our episode sponsor, Pentera Pentera introduces Automated Security Validation! The newly-minted unicorn out of Israel takes a whole new approach to penetration testing - allowing every organization to continuously test the integrity of all cybersecurity layers - including against ransomware - lever...
Jan 31, 2022•8 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review , Jan 24-28, is hosted by Rich Stroffolino with our guest, Gary Hayslip , CISO, Softbank Investment Advisers Thanks to our episode sponsor, deepwatch All links and the video of this episode can be found on CISO Series.com...
Jan 28, 2022•21 min
US says national water supply 'absolutely' vulnerable to hackers Microsoft mitigated a record 3.47 Tbps DDoS attack on Azure users BotenaGo Mirai botnet code leaked to GitHub Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and mi...
Jan 28, 2022•8 min
White House releases new cybersecurity strategy Trickbot gets trickier VPNLab shuttered in global takedown Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com ...
Jan 27, 2022•7 min
Canada's foreign ministry hacked Hactivists target Belarus rail system to stop Russian military buildup Segway victimized by Magecart attack Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an att...
Jan 26, 2022•7 min
SBA launches cybersecurity program Ransomware gangs step up insider recruitment American Olympians warned to take cybersecurity precautions Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an atta...
Jan 25, 2022•7 min
Ukraine attack update: experts find strategic similarities with NotPetya Molerats use Google Drive and Dropbox as attack infrastructure Senators introduce bill to protect satellites from getting hacked Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reduc...
Jan 24, 2022•8 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review , Jan 17-21, is hosted by Rich Stroffolino with our guest, Julie Tsai, Cybersecurity Leader Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to ...
Jan 21, 2022•22 min
NATO and Ukraine sign deal to boost cybersecurity Microsoft Sees Log4j attacks exploiting SolarWinds Serv-U bug Large-scale cyberattack hits the Red Cross Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to win a Dat...
Jan 21, 2022•8 min
CISA warns of data-wiping attacks EU working on its own DNS service Biden expands the NSA's cybersecurity purview Thanks to our episode sponsor, Datadog In Datadog 's upcoming webinar, you'll learn how to best utilize the suite of Datadog Cloud Security products to identify the root cause of an attack and how a unified platform provides real-time threat-detection and continuous configuration audits across applications, hosts, containers and cloud infrastructure. Visit datadoghq.com/ciso to regis...
Jan 20, 2022•7 min
Beijing 2022 Winter Olympics app loaded with privacy risks Europol shuts down cybercriminals' VPN service of choice Newspaper accuses Israeli police of spying on its own citizens Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also g...
Jan 19, 2022•8 min
Ukraine points fingers in recent cyber attacks Another dark web marketplace calls it quits Renewable energy targeted for cyber espionage Thanks to our episode sponsor, Datadog In Datadog 's upcoming webinar, you'll learn how to best utilize the suite of Datadog Cloud Security products to identify the root cause of an attack and how a unified platform provides real-time threat-detection and continuous configuration audits across applications, hosts, containers and cloud infrastructure. Visit data...
Jan 18, 2022•6 min
Microsoft discloses malware attack on Ukraine government networks New unpatched Apple Safari browser bug allows cross-site user tracking Now you can get your vulnerability alerts by phone Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees wi...
Jan 17, 2022•8 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review , Jan 10-14, is hosted by Rich Stroffolino with our guest, Tyler Young , Director, Information Security, Relativity Thanks to our episode sponsor, BlackBerry All links and the video of this episode can be found on CISO Series.com...
Jan 14, 2022•20 min
New undetected backdoor runs across three OS platforms Microsoft RDP bug enables data theft, smart-card hijacking Ukrainian police arrests ransomware gang that hit over 50 firms Thanks to our episode sponsor, BlackBerry CISO's…Listen Up. Is your team challenged with distinguishing threat signal from noise, reducing cyber costs and finding security talent? We're here to help. BlackBerry ® Guard is a Managed Extended Detection & Response(XDR) service that merges the Cylance artificial intellig...
Jan 14, 2022•8 min
EU planning supply chain attack simulations TellYouThePass ransomware returns A look at Senate confirmations for cyber positions Thanks to our episode sponsor, BlackBerry With ransomware attacks like REvil, DarkSide, Conti, and recently Log4Shell, how confident are you in your cyber solution to prevent threats today and into the future? With BlackBerry 's Prevention-First endpoint security, we prevent breaches vs responding to and mitigating future attacks. With our Cylance Artificial Intelligen...
Jan 13, 2022•7 min
Apple to allow third-party app payment options in South Korea Hotel chain switches to Chrome OS to recover from ransomware attack Hackers leveraging Log4j to install NightSky ransomware Thanks to our episode sponsor, BlackBerry Cybersecurity Professionals… Listen up. Ransomware is on the rise and you can't afford to rely on ineffective endpoint technology to PREVENT attacks. With BlackBerry 's 7th generation Artificial Intelligence(AI) and Machine Learning(ML) technology powered by Cylance, mali...
Jan 12, 2022•8 min
Open source developer poisons his own well Hacker group self-pwns Microsoft finds TCC bypass vulnerability in macOS Thanks to our episode sponsor, BlackBerry CISO's…Listen Up. Is your team challenged with distinguishing threat signal from noise, reducing cyber costs and finding security talent? We're here to help. BlackBerry ® Guard is a Managed Extended Detection & Response(XDR) service that merges the Cylance artificial intelligence cybersecurity platform with 24x7 support from award winni...
Jan 11, 2022•7 min
Hackers have been sending malware-filled USB sticks to U.S. companies disguised as gifts Swiss army asks its personnel to use the Threema instant-messaging app Norton 360 faces blowback for crypto feature Thanks to our episode sponsor, BlackBerry Cybersecurity Professionals… Listen up. Ransomware is on the rise and you can't afford to rely on ineffective endpoint technology to PREVENT attacks. With BlackBerry 's 7th generation Artificial Intelligence(AI) and Machine Learning(ML) technology power...
Jan 10, 2022•9 min
Link to Blog Post This week's Cyber Security Headlines – Week in Review , Jan 3-7, is hosted by Rich Stroffolino with our guest, Adam Glick , CISO, SimpliSafe Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the ove...
Jan 07, 2022•18 min
Honda, Acura cars hit by Y2K22 bug that rolls back clocks New trick could let malware fake iPhone shutdown to spy on users secretly Attackers exploit flaw in Google Docs' comments feature Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware...
Jan 07, 2022•8 min
Microsoft's digital signature verification exploited New York AG warns of credential stuffing attacks Google acquires Siemplify Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have....
Jan 06, 2022•6 min
FTC warns of potential penalties for failing to fix Log4j flaws UScellular discloses data breach after billing system hack SlimPay fined for exposing data of 12 million customers for 5 years Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomw...
Jan 05, 2022•8 min
Broward Health discloses major data breach Beware of the command line copy-paste backdoor HomeKit bug can crash iOS devices Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Vis...
Jan 04, 2022•7 min
Microsoft Exchange year 2022 bug breaks email delivery Uber email breach allows anyone to email as Uber Crypto security breaches cause $4.25 billion in losses in 2021 Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing...
Jan 03, 2022•7 min
