Cybersecurity Headlines

CISO Series (cisoseries.com)
Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.

Episodes

Ukraine novel ransomware, Drones drop pineapple, Tata Power attacked

Microsoft says Ukraine, Poland targeted with novel ransomware attack Wi-Fi spy drones snoop on financial firm Indian power generation giant Tata Power hit by a cyber attack Thanks to this week's episode sponsor, SafeBase Security questionnaires. If those two words sent a shiver down your spine, you need to check out SafeBase. SafeBase's Smart Trust Center is a centralized source of truth for your organization's security and compliance information. After implementing SafeBase, many companies see...

Oct 17, 2022 · 7 min

Week in Review: CISOs' Uber scapegoating, US Airport DDoS, Digital license plates

Link to Blog Post This week's Cyber Security Headlines – Week in Review, October 10-14, is hosted by Rich Stroffolino with our guest, Matt Honea, Head Of Security, SmartNews Thanks to today's episode sponsor, Noname Security Prevent API attacks in real-time with automated AI and ML-based detection from Noname Security. Monitor API traffic for data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks. Integrate with your existing IT workflow management...

Oct 14, 2022 · 24 min

Polonium targets Israel, CISO-Board relationships, UK Supply chain

Polonium APT targets Israel with a new custom backdoor dubbed PapaCreep RSA Conference reveals CISO-Board relationships UK government urges action to enhance supply chain security Thanks to today's episode sponsor, Noname Security Prevent API attacks in real-time with automated AI and ML-based detection from Noname Security. Monitor API traffic for data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks. Integrate with your existing IT workflow manage...

Oct 14, 2022 · 8 min

Npm timing attack, legit software spreading malware, Mango Markets hacked for $100 million

Npm timing attack could impact supply chain Legit software used to spread malicious WhatsApp mod Mango Markets hit by $100 million hack Thanks to today's episode sponsor, Noname Security Are you sure your APIs are secure? Noname Security discovers all the APIs running on your network and analyzes them to spot design flaws, misconfigurations, and vulnerabilities. You can even catalog sensitive data and quickly see how many APIs are able to access credit card data, phone numbers, SSNs, and other s...

Oct 13, 2022 · 7 min

UK warns of Chinese security threat, Toyota data leak, CISOs at risk of being overworked

UK warns of Chinese global security threat Toyota data leak impacts 300,000 customers CISOs at risk of being overworked Thanks to today's episode sponsor, Noname Security Stop API vulnerabilities before production with Noname Security. Automatically run over 100 dynamic tests that simulate malicious traffic, including the OWASP API Top Ten. Integrate with your existing CI/CD pipelines and tools, such as Jenkins and Postman, as well as all your ticketing and workflow tools such as ServiceNow, Sla...

Oct 12, 2022 · 7 min

Cyber Security Headlines: Heat leaks passwords, KillNet hits airports, Intel UEFI leak

Finger heat can leak your password US airport sites targeted by KillNet Intel confirms UEFI leak Thanks to today's episode sponsor, Noname Security Prevent API attacks in real-time with automated AI and ML-based detection from Noname Security. Monitor API traffic for data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks. Integrate with your existing IT workflow management system like Jira, ServiceNow, or Slack for seamless remediation. Learn more at...

Oct 11, 2022 · 7 min

Urgent Fortinet vulnerability, Windows update flaw, CISO scapegoating danger

Fortinet warns admins to patch critical auth bypass bug immediately Windows 11 22H2 errors break provisioning Security chiefs fear 'CISO scapegoating' following Uber-Sullivan verdict Thanks to today's episode sponsor, Noname Security Are you sure your APIs are secure? Noname Security discovers all the APIs running on your network and analyzes them to spot design flaws, misconfigurations, and vulnerabilities. You can even catalog sensitive data and quickly see how many APIs are able to access cre...

Oct 10, 2022 · 8 min

Week in Review: Lazarus hits Dell, Uber chief guilty, Musk's Twitter Takeover

Link to Blog Post This week's Cyber Security Headlines – Week in Review, October 3-7, is hosted by Sean Kelly, with our guest, Patrick Benoit, VP, Global Cyber, GRC/BISO, CBRE Thanks to this week's episode sponsor, Hunters Hunters is a SaaS platform, purpose built for Security Operation teams. Providing unlimited data ingestion and normalization at a predictable cost, Hunters helps SOC teams mitigate real threats faster and more reliably than SIEM. Visit Hunters.ai to learn more. All links an...

Oct 07, 2022 · 26 min

Uber coverup ruling, Optus data spilled, Easylife's trigger fine

Former Uber security chief found guilty of data breach coverup Optus confirms 2.1 million ID numbers exposed in data breach Retailer Easylife fined £1.5m for data protection breaches Thanks to today's episode sponsor, Hunters Hunters is a SaaS platform, purpose built for Security Operation teams. Providing unlimited data ingestion and normalization at a predictable cost, Hunters helps SOC teams mitigate real threats faster and more reliably than SIEM. Visit Hunters.ai to learn more. For the stori...

Oct 07, 2022 · 7 min

CommonSpirit Health "IT security issue," MySQL backdoor, P2P payment fraud rises

CommonSpirit Health hit with "IT security issue" MySQL servers backdoored Fraud hitting P2P payment apps Thanks to today's episode sponsor, Hunters Hunters is a SaaS platform, purpose built for Security Operation teams. Providing unlimited data ingestion and normalization at a predictable cost, Hunters helps SOC teams mitigate real threats faster and more reliably than SIEM. Visit Hunters.ai to learn more....

Oct 06, 2022 · 7 min

Musk Twitter deal update, TikTok security deal politics, Netwalker affiliate sentenced

Musk offers to proceed with Twitter deal TikTok security deal becomes a political pawn Netwalker ransomware affiliate sentenced to 20 years in prison Thanks to today's episode sponsor, Hunters Hunters is a SaaS platform, purpose built for your Security Operation team. Cimpress, the parent company of VistaPrint, implemented Hunters SOC Platform to replace its SIEM. Thanks to Hunters, Cimpress no longer needs to babysit alerts and detection logic – they've improved their SOC's efficiency, and optim...

Oct 05, 2022 · 7 min

LA School Data Leaked, Exchange mitigations bypassed, Supreme Court looks at Section 230

LA school data published on leak site Exchange zero-day mitigations bypassed Supreme Court will look at legal protections for apps and sites Thanks to today's episode sponsor, Hunters Hunters helps your security team overcome data volume and complexity – while significantly reducing false positives. Upwork uses Hunters SOC Platform to "remain threat focused". Because of Hunters, Upwork has been able to stop going through the daily repetitive task of looking at alerts, and doing repetitive, manual in...

Oct 04, 2022 · 7 min

Microsoft Zero days, Lazarus attacks Dell, NSA employee caught

Microsoft confirms two Exchange Server zero days are being used in cyberattacks Lazarus hackers abuse Dell driver bug using new FudModule rootkit Ex-NSA employee charged with violating Espionage Act, selling U.S. cyber secrets Thanks to today's episode sponsor, Hunters Hunters is a SaaS platform, purpose built for Security Operation teams. Providing unlimited data ingestion and normalization at a predictable cost, Hunters helps SOC teams mitigate real threats faster and more reliably than SIEM. V...

Oct 03, 2022 · 8 min

Week in Review: Uber hacker arrested, cyberattacks deluge organizations, Lazarus hacks Macs

Link to Blog Post This week's Cyber Security Headlines – Week in Review, September 26-30, is hosted by Rich Stroffolino with our guest, Sara Lazarus, VP and head of trust and security, Stavvy Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped f...

Sep 30, 2022 · 25 min

Russia's cyber winter, military contractor attack, IRS smishing warning

Finnish intelligence warns Russia 'highly likely' to turn to cyber in winter Researchers uncover covert attack campaign targeting military contractors IRS warns of "industrial scale" smishing surge Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipp...

Sep 30, 2022 · 8 min

Leaked ransomware used in attack, Cloudflare Turnstile, Fast Company hit with cyber attack

Leaked ransomware builder used in attacks Cloudflare hopes Turnstile can replace CAPTCHAs Fast Company goes dark after cyber attack Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything – in...

Sep 29, 2022 · 7 min

Lazarus targets macOS, Geopolitical DDoS, Meta takes down influence networks

Lazarus Group targets macOS users Geopolitics behind recent DDoS surge Meta takes on influence networks Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything – including Microsoft 365. Learn...

Sep 28, 2022 · 7 min

Jamf buys ZecOps, porn phishing DDoS, Cloudflare Zero Trust SIM

Jamf buys ZecOps Porn phishing scam turns into a DDoS Cloudflare announced secure eSIM offering Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything – including Microsoft 365. Learn more at...

Sep 27, 2022 · 7 min

Uber hacker arrested, Microsoft SQL hacked, CircleCI GitHub hack

London Police arrest 17-year-old hacker suspected of Uber and GTA 6 breaches Microsoft SQL servers hacked in TargetCompany ransomware attacks Attackers impersonate CircleCI platform to compromise GitHub accounts Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-prot...

Sep 26, 2022 · 9 min

Week in Review: Uber and Twitter hacks, MFA exploits, Ransomware in decline?

Link to Blog Post This week's Cyber Security Headlines – Week in Review, September 19-23, is hosted by Rich Stroffolino with our guest, Joseph Lewis, Director, Cyber Assessment Strategy, US Department of Energy Thanks to this week's sponsor, 6clicks 6clicks is your AI-powered GRC platform, featuring a fully integrated content library. 6clicks provides organizations with a powerful GRC platform to build highly scalable risk and compliance functions and advisors with the tools to streamline and ...

Sep 23, 2022 · 22 min

MFA fatigue hacking, Senate blasts counterintelligence, Australian telco breach

MFA Fatigue: Hackers' new favorite tactic in high-profile breaches Senate report details inefficiencies, confusion at key U.S. counterintelligence center Australian telco Optus suffers massive data breach Thanks to today's episode sponsor, 6clicks With 6clicks, organizations can manage enterprise risk easier than ever before. 6clicks helps you identify your risks, group them into risk registers, and run risk assessments. It highlights causes and potential impacts, outlines risk treatment plans...

Sep 23, 2022 · 8 min

15-year old Python bug, LinkedIn Smart Link phishing, US military using Augury

15-year old Python bug causing problems LinkedIn Smart Links used for phishing US military buys Augury network monitoring tool Thanks to today's episode sponsor, 6clicks Your GRC solution is only as valuable as the reports it can generate. Provide an exceptional analytics experience for all your GRC stakeholders with the 6clicks reporting suite. Unlock powerful insights and prove compliance using dashboards and charts, pixel perfect reporting, presentations, and data storytelling via LiveDocs. F...

Sep 22, 2022 · 7 min

American Airlines hack, $160M swiped from Wintermute, 2K and Rockstar cyberattacks

American Airlines announce breach of customer and staff info Crypto market maker hacked for $160 million 2K and Rockstar fall victim to cyber attacks Thanks to today's episode sponsor, 6clicks The 6clicks GRC solution comes with a fully integrated content library full of hundreds of standards, assessment templates, libraries, playbooks, and more. With the content library included in every 6clicks license, organizations can get started on their GRC implementation faster than ever before. For more...

Sep 21, 2022 · 7 min

Chromeloader evolves, ransomware falls, US reviews social media campaigns

The shifting ways of Chromeloader Ransomware attacks fall in first half Pentagon orders review of social media influence campaigns Thanks to today's episode sponsor, 6clicks Experience the magic of Hailey, the 6clicks artificial intelligence engine for risk and compliance. With Hailey, organizations can automatically show cross-compliance between regulations or identify gaps to external compliance requirements in their policies. Eliminate manual and costly risk and compliance processes by joinin...

Sep 20, 2022 · 7 min

Uber downplays breach, LastPass downplays hack, Netgear router vulnerability

Uber says there is no evidence that users' private information was compromised LastPass says hackers accessed its systems for just 4 days Netgear Routers impacted by FunJSQ module flaw Thanks to today's episode sponsor, 6clicks 6clicks has pioneered a unique Hub & Spoke architecture to underpin its AI-powered GRC solution and cater to markets requiring scalable, multi-tenanted GRC. This model enables organizations to deploy multiple, autonomous GRC entities connected to a single hub for roll...

Sep 19, 2022 · 8 min

Week in Review: Uber hacked, intermittent encryption ransomware, Twitter overheats

Link to Blog Post This week's Cyber Security Headlines – Week in Review, June 6-10, is hosted by Rich Stroffolino with our guest, Quincy Castro, CISO, Redis Thanks to today's episode sponsor, Edgescan Scalable automated and continuous Attack Surface Management (ASM) and vulnerability detection integrated with a world-class cyber security team provide 100% false-positive-free alerts and expert remediation guidance. Edgescan.com All links and the video of this episode can be found on CISO Series...

Sep 16, 2022 · 24 min

Gamers targeted on YouTube, Biden supply chain order, Queen Elizabeth II phishing scam

Gamers targeted by self-spreading stealer on YouTube Biden order further scrutinizes foreign tech supply chains Phishing attacks being launched in the name of Queen Elizabeth II Thanks to today's episode sponsor, Edgescan Edgescan simplifies Vulnerability Management by delivering a single full-stack solution (SaaS) integrated with world-class security professionals. Instead of managing a plethora of point scanning tools for each layer of the attack surface and squandering precious staff resource...

Sep 16, 2022 · 8 min

Teams leaks tokens, cyberscammer human trafficking, Treasury Tornado Cash guidance

Teams stores tokens in cleartext Cyberscammers caught up in human trafficking US Treasury issues guidance on Tornado Cash Thanks to today's episode sponsor, Edgescan Scalable automated and continuous Attack Surface Management (ASM) and vulnerability detection integrated with a world-class cyber security team provide 100% false-positive-free alerts and expert remediation guidance.

Sep 15, 2022 · 7 min

Apple's second zero-day, heat beats tweets, herd mentality phishing

Apple Releases iOS and macOS updates to patch actively exploited zero-day flaw Extreme California heat knocks key Twitter data center offline New phishing scheme uses 'herd mentality' approach to dupe victims Thanks to today's episode sponsor, Edgescan Edgescan combines full-stack coverage with integrated reporting and business-level prioritization to deliver a single source of truth for your entire vulnerability management program with zero false positives. For the stories behind the headlines,...

Sep 14, 2022 · 8 min

Google buys Mandiant, Redbleed mitigations hurt, Meta hands over PyTorch

Google closes on Mandiant Paying the iron price for Retbleed mitigation Meta hands over the keys to PyTorch Thanks to today's episode sponsor, Edgescan Edgescan offers a single platform solution that covers the full stack, from Web Applications to APIs to the Network and data layer. Continuous Attack Surface Management coupled with automated & strategic Pen-testing as a Service (PTaaS) yields fully scalable coverage....

Sep 13, 2022 · 6 min
Hosted on Libsyn