Okta explains hack source and response timeline Looney Tunables now being exploited Lazarus Group uses KandyKorn against blockchain engineers Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is hosting a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. During the event, you'll learn how to attract and assess t...
Nov 06, 2023•7 min
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Shawn Bowen , CISO, World Kinect Corporation Thanks to our show sponsor, Hunters There's nothing worse than relying on a legacy SIEM that your security team has out-grown, especially when it impacts your ability to detect real incidents. Hunters' SOC Platform offers built-in, always up-to-date detection rules and automatic correlation that allow SOC analysts to focus on higher-value t...
Nov 03, 2023•29 min
Power outage darkens Cloudflare dashboard and APIs Apache ActiveMQ flaw sees HelloKitty attempt Boeing says cyber incident affects parts and distribution Thanks to today's episode sponsor, Hunters There's nothing worse than relying on a legacy SIEM that your security team has out-grown, especially when it impacts your ability to detect real incidents. Hunters' SOC Platform offers built-in, always up-to-date detection rules and automatic correlation that allow SOC analysts to focus on higher-valu...
Nov 03, 2023•8 min
Countries at UK summit pledge to tackle AI risks 'Kill switch' deliberately shuts down notorious botnet EU regulator bans Meta's targeted advertising practices Thanks to today's episode sponsor, Hunters There's nothing worse than relying on a legacy SIEM that your security team has out-grown, especially when it impacts your ability to detect real incidents. Hunters' SOC Platform offers built-in, always up-to-date detection rules and automatic correlation that allow SOC analysts to focus on highe...
Nov 02, 2023•8 min
Canada bans WeChat on government devices 40 countries sign no ransom pledge Apple warns Indian opposition leaders about iPhone attacks Thanks to today's episode sponsor, Hunters If your SIEM is causing an endless cycle of noisy alerts, manually writing generic detection rules, and limited data ingestion & retention, your SOC might need an upgrade. Hunters is a SaaS platform, purpose built for your Security Operations team. Solaris Group, a leading German FinTech, implemented Hunters to repla...
Nov 01, 2023•6 min
Executive order outlines generative AI rules in the US Russia launchings its own VirusTotal Roaming data could leak geolocations Thanks to today's episode sponsor, Hunters Piecing together a SIEM not only takes forever, but it wastes your security team's valuable resources. Hunters is a SIEM alternative purpose built to help your Security Operations mature to the next level in a fraction of the time. Spontnana, a next-generation Travel-as-a-Service platform, uses Hunters' built-in correlation an...
Oct 31, 2023•8 min
DC Board of Elections breach may include entire voter roll LockBit claims Boeing breach StripedFly malware infects 1 million Windows and Linux hosts Thanks to today's episode sponsor, Hunters Hunters is a SIEM alternative, built for your security team. Hunters empowers companies to replace their SIEM with unlimited ingestion and normalization of security data at a predictable cost. Using Hunters, a CISO at a leading online retailer "tripled the amount of data ingested by her security team while ...
Oct 30, 2023•7 min
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Arvin Bansal , former CISO, Nissan Americas Thanks to our show sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without t...
Oct 27, 2023•27 min
ILeakage attack steals emails, passwords from Apple devices and browsers CISA protests potential 25% budget cut as "catastrophic" Surge in hyper-volumetric HTTP DDoS attacks Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and yo...
Oct 27, 2023•8 min
SMIC making advanced chips with ASML tech Roundcube webmail exploited with zero-day Philadelphia's week somehow gets worse Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staf...
Oct 26, 2023•7 min
Cisco IOS XE Update: Number of infected devices via zero-day remains high California sidelines GM's driverless cars, citing safety risk Canada accuse China of 'Spamouflage' disinformation campaign Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks ...
Oct 25, 2023•9 min
Chrome testing IP Protection Microsoft tests Security Copilot Cisco releases IOS XE patches Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 9...
Oct 24, 2023•8 min
Okta HAR support system attacked Cisco identifies additional IOS XE vulnerability Key Ragnar Locker player arrested in Paris Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional st...
Oct 23, 2023•8 min
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Andrew Wilder , CISO, Community Veterinary Partners Thanks to our show sponsor, Vanta "Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all ...
Oct 20, 2023•23 min
International sting operation brings down RagnarLocker More 23andMe records leaked Casio discloses data breach Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automa...
Oct 20, 2023•8 min
State-backed attackers exploit WinRAR zero-day Five Eyes warns of Chinese IP theft ServiceNow data exposure issue identified Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing....
Oct 19, 2023•8 min
Zero-day attacks affect over 10,000 Cisco devices US government warns of widespread exploitation of Confluence vulnerability D-Link confirms data breach caused by phishing attack Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your...
Oct 18, 2023•8 min
Israeli government warns to secure home security cameras Signal debunks zero-day report Equifax fined for 2017 data breach Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. A...
Oct 17, 2023•7 min
LockBit claims attack on CDW FBI and CISA publish joint advisory regarding AvosLocker ransomware EPA rescinds cyber regulations for water sector Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for ...
Oct 16, 2023•8 min
Link to blog post This week's Cyber Security Headlines – Week in Review , is hosted by Rich Stroffolino with guest Martin Choluj , VP Security ClickHouse Thanks to our show sponsor, Hyperproof Are you struggling to showcase the value of your work? It's a classic challenge in the risk and compliance space: leadership just doesn't understand what exactly you do and why it matters. With Hyperproof, the leading risk and compliance management platform, you get access to real-time reports that can hel...
Oct 13, 2023•27 min
Microsoft thwarts large-scale ransomware attack Former Uber CISO files appeal ToddyCat group targets telcos Thanks to today's episode sponsor, Hyperproof Is your company scaling? Do you need to quickly add more compliance frameworks but don't know where to start? Hyperproof has you covered. Hyperproof is a risk and compliance management platform that can help you manage compliance at scale. With Hyperproof, you can quickly add new frameworks, crosswalk controls between frameworks, view your risk...
Oct 13, 2023•7 min
404 pages hijacked Atlassian Confluence attacked by state-backed actors Adobe's "icon of transparency" Thanks to today's episode sponsor, Hyperproof It's more critical than ever to focus on strategically addressing risk, but how can you do it when working with limited resources? That's where Hyperproof comes in: Hyperproof is a risk and compliance operations platform that helps you automate evidence collection, task management, and collaboration within your organization so you can focus on what ...
Oct 12, 2023•7 min
Internet-wide zero-day bug fuels largest-ever DDoS attack 23andMe resets user passwords after genetic data posted online Microsoft Exchange gets 'better' patch to mitigate critical bug Thanks to today's episode sponsor, Hyperproof We get it. You're a risk manager or compliance professional, and you're overworked. You're trying to do the right thing by keeping your company safe and secure, but your technology is holding you back. Why not upgrade to Hyperproof? Hyperproof is a platform that not on...
Oct 11, 2023•9 min
Hacktivist attacks abound in the Middle East Network protocol open-source tool Curl faces worst security flaw in a long time HelloKitty ransomware source code leaked on hacking forum Thanks to today's episode sponsor, Hyperproof Imagine. You have an audit coming up, but instead of the usual rush, you actually feel prepared. You've collected your evidence. You can see which risks have been mitigated. And best of all, you don't have to send out any last-minute emails to other teams begging them fo...
Oct 10, 2023•8 min
MGM Resorts quotes ransomware tab at $110 million Blackbaud in $49.5 million settlement for May 2020 ransomware attack 23andMe investigates breach claims Thanks to today's episode sponsor, Hyperproof Tired of managing risk and compliance in spreadsheets? Sick of tracking down stakeholders to find evidence? Worried about whether that evidence is up to date for your next audit? Hyperproof has you covered. With Hyperproof, you can efficiently manage multiple compliance frameworks and risks in a sin...
Oct 09, 2023•8 min
Link to blog post This week's Cyber Security Headlines – Week in Review , is hosted by Rich Stroffolino with guest Bob Schuetter , CISO, Ashland Thanks to our show sponsor, Conveyor Got a scary security questionnaire to complete and you'd rather have AI do it? Your infosec friends are making the switch from outdated RFP and compliance tools to Conveyor: the most accurate security questionnaire automation software on the market. The proof is in the AI. Customers are seeing 80-90% accurate auto-ge...
Oct 06, 2023•26 min
Apple rolls out patch for active iOS Zero-Day Cisco patches urgent Emergency Responder flaw Researchers warn of 100,000 exposed ICS systems Thanks to our episode sponsor, Conveyor We can all agree that AI can take one job from us: answering security questionnaires. Enter Conveyor : the AI security review platform helping infosec teams attack security questionnaires from all angles. Reduce incoming questionnaires by sharing a trust portal with customers and for those questionnaires you do get, us...
Oct 06, 2023•8 min
Red Cross issues hacktivist rules Looney Tunables hits major Linux distros CISA may have violated the First Amendment Thanks to our episode sponsor, Conveyor Will security questionnaires ever go away? Maybe. But as long as they're still here, you might as well get AI to complete them for you. Enter Conveyor . The AI security questionnaire automation software that auto-generates 80-90% accurate answers to entire questionnaires in seconds so all you have to do is review. There's even a browser ext...
Oct 05, 2023•6 min
Arm and Qualcomm warn about exploited GPU drivers EU Parliament strengthens spyware protections for journalists NSA creates AI Security Center Thanks to our episode sponsor, Conveyor Does the mountain of security questionnaires in your inbox make you feel like a 2 dollar umbrella in a hurricane? Then you might want to check out Conveyor : the AI security review platform helping infosec teams attack security questionnaires from all angles. Reduce incoming questionnaires by sharing a trust portal ...
Oct 04, 2023•7 min
Critical Progress FTP bug now being exploited in attacks Norway urges Europe-wide ban on Meta's targeted data collection KillNet claims DDoS attack against Royal Family website Thanks to our episode sponsor, Conveyor Got a scary security questionnaire to complete and you'd rather have AI do it? Your infosec friends are making the switch from outdated RFP and compliance tools to Conveyor : the most accurate security questionnaire automation software on the market. The proof is in the AI. Customer...
Oct 03, 2023•7 min
