Hackers hijack Japanese financial accounts to conduct billions in trades Education giant Pearson hit by cyberattack exposing customer data Microsoft Teams will soon block screen capture during meetings Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibil...
May 12, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Dan Holden , CISO, BigCommerce Thanks to our show sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start you...
May 09, 2025•30 min
Cisco patches a level 10 vulnerability in IOS XE President nominates former Unilever CISO to be Pentagon CIO SonicWall patches a new zero-day vulnerability Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn mo...
May 09, 2025•9 min
Europol shuts down six DDoS-for-hire services used in global attacks CrowdStrike says it will lay off 500 workers Passkeys set to protect GOV.UK accounts against cyber-attacks Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerab...
May 08, 2025•7 min
Congress challenges Noem over proposed CISA cuts Texas school district breach impacts over 47,000 people NSO Group to pay WhatsApp $167 million in damages Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn mor...
May 07, 2025•9 min
Signal clone gets hacked Sounding the alarm on easyjson Ransomware group takes credit for UK retail attacks Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker...
May 06, 2025•8 min
Microsoft ends Authenticator password autofill in favor of Edge StealC malware enhanced with stealth upgrades and data theft White House proposes cutting $491M from CISA budget Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnera...
May 05, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest DJ Schleen , Head of Security, Boats Group Thanks to our show sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more a...
May 02, 2025•32 min
UK retailer Co-Op suffers cyberattack FBI shares list of 42,000 LabHost phishing domains NSO group looking at hefty damages in WhatsApp case Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start yo...
May 02, 2025•8 min
Alleged 'Scattered Spider' member extradited to U.S. Experts see little progress after major Chinese telecom hack Polish police take down impersonation scammers Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To lea...
May 01, 2025•9 min
Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi Google tracked 75 zero days exploited in the wild in 2024 France ties Russian APT28 hackers to 12 cyberattacks on French orgs Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potentia...
Apr 30, 2025•8 min
Uyghur Language Software Hijacked to Deliver Malware Cloudflare sees a big jump in DDoS attacks 4chan back online Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit Threat...
Apr 29, 2025•8 min
SAP zero-day vulnerability under widespread active exploitation Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts Cybersecurity firm CEO charged with installing malware on hospital systems Thanks to today's episode sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mit...
Apr 28, 2025•7 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bethany De Lude , CISO emeritus, The Carlyle Group Thanks to our show sponsor, Dropzone AI Alert investigation is eating up your security team's day—30 to 40 minutes per alert adds up fast. Dropzone AI 's SOC Analyst transforms this reality by investigating every alert with expert-level thoroughness at machine speed. Our AI SOC Analyst gathers evidence, connects the dots across you...
Apr 25, 2025•30 min
Russian army targeted by Android malware hidden in mapping app Attackers hit security device defects hard in 2024 Critical Commvault Command Center flaw warning Huge thanks to our sponsor, Dropzone AI Alert investigation is eating up your security team's day—30 to 40 minutes per alert adds up fast. Dropzone AI 's SOC Analyst transforms this reality by investigating every alert with expert-level thoroughness at machine speed. Our AI SOC Analyst gathers evidence, connects the dots across your secu...
Apr 25, 2025•8 min
Blue Shield of California shared private health data of millions with Google The FBI issues its 2024 IC3 report Ex-Army sergeant jailed for selling military secrets Huge thanks to our sponsor, Dropzone AI Security analysts need practical experience to build investigation skills, but getting expert guidance for every alert is impossible. That's why Dropzone AI created COACH—a free Chrome extension that serves as an AI security mentor for SOC analysts at any level. COACH reads alerts across all ma...
Apr 24, 2025•10 min
Microsoft Recall on Copilot+ PC: testing the security and privacy implications Russian organizations targeted by backdoor masquerading as secure networking software updates SSL.com Scrambles to Patch Certificate Issuance Vulnerability Huge thanks to our sponsor, Dropzone AI Is your security team spending too much time chasing alerts instead of stopping threats? Dropzone AI modernizes your security operations by handling the routine investigations that consume your team's day. Our AI SOC Analyst ...
Apr 23, 2025•7 min
Google OAuth abused in DKIM replay attack Japan warns of sharp rise in unauthorized trading North Koreans hijacking Zoom's Remote Control Huge thanks to our sponsor, Dropzone AI Security threats don't clock out at 5 PM, but your analysts need to sleep sometime. Dropzone AI delivers around-the-clock alert investigations with the same attention to detail at midnight as at noon. Our AI SOC Analyst ensures no more morning backlogs and no more off-hours blind spots. Just reliable, continuous protecti...
Apr 22, 2025•8 min
Widespread Microsoft Entra lockouts cause by new security feature rollout Malware delivered through diplomatic wine-tasting invites British companies told to hold in-person interviews to thwart North Korea job scammers Huge thanks to our sponsor, Dropzone AI Growing your MSSP client roster while your alerts are multiplying? Dropzone AI works alongside your team, investigating alerts just like your best human analysts would. Our AI SOC Analyst cuts investigation time from an hour to minutes while...
Apr 21, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by David Spark with guest Trina Ford , CISO, iHeartMedia Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation t...
Apr 18, 2025•26 min
Bipartisan push for renewal of cyberthreat information sharing law ClickFix becoming a favorite amongst state-sponsored hackers GoDaddy puts Zoom on mute for about 90 minutes Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their c...
Apr 18, 2025•9 min
MITRE gets last-minute bailout from CISA Krebs exits SentinelOne after security clearance pulled Apple fixes two zero-days exploited in targeted iPhone attacks Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Va...
Apr 17, 2025•8 min
CISA issued a statement that it execution an option on its contract with MITRE to continue funding the CVE program.
Apr 16, 2025•36 sec
Government CVE funding set to end Tuesday 4chan, the internet's most infamous forum, is down following an alleged hack China accuses US of launching 'advanced' cyberattacks, names alleged NSA agents Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous...
Apr 16, 2025•8 min
AI code dependencies are a supply chain risk Morocco investigates social security leak European Commission increases security measures for US-bound staff Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . ...
Apr 15, 2025•8 min
Major workforce cuts planned for CISA Microsoft warns Windows users not to delete 'inetpub' folder Data breach at testing lab affects 1.6 million people Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . V...
Apr 14, 2025•7 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Carla Sweeney , SVP, InfoSec, Red Ventures Thanks to our show sponsor, Nudge Security Are you struggling to secure your exploding SaaS footprint? With Nudge Security , you can discover all SaaS apps and accounts, manage access, ensure secure configurations, vet unfamiliar tools, and automate daily identity security tasks. Start a free 14-day trial All links and the video of this ep...
Apr 11, 2025•23 min
President orders probe of former CISA Director Chris Krebs Nissan Leaf cars can be hacked for remote spying and physical takeover Infosec experts warn of China Typhoon retaliation against tariffs Thanks to our episode sponsor, Nudge Security Are you struggling to secure your exploding SaaS footprint? With Nudge Security, you can discover all SaaS apps and accounts, manage access, ensure secure configurations, vet unfamiliar tools, and automate daily identity security tasks. Start a free 14-day t...
Apr 11, 2025•8 min
U.S. Comptroller suffers 'major incident' Oracle confirms "obsolete servers" hacked Police seize Smokeloader malware servers and detain customers Thanks to our episode sponsor, Nudge Security Nudge Security is the only solution for SaaS security and governance that can discover up to two years of historical SaaS spend along with usage insights so you can uncover wasted spend and sources of unnecessary risk. Start a free 14-day trial today For the stories behind the headlines, visit CISOseries.co...
Apr 10, 2025•8 min
WhatsApp vulnerability could facilitate remote code execution Spyware targeting Chinese diaspora Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day Thanks to our episode sponsor, Nudge Security Nudge Security provides advanced security posture management for Okta, Microsoft 365, Google Workspace, and other critical apps. With Nudge, you'll be alerted of risks like weak or missing MFA, inactive admin accounts, and risky integrations, plus you can automate remediation tasks and...
Apr 09, 2025•7 min
