SharePoint RCE flaws patched and exploited from China Dell acknowledges World Leaks data breach $44 million stolen from crypto exchange Huge thanks to our sponsor, Nudge Security Nudge Security discovers every GenAI tool ever used in your org, even those you've never heard of. For each tool, you'll see who introduced it, who else is using it, where it's integrated into other tools, and a vendor security profile. Get your free GenAI inventory today at NudgeSecurity.com ....
Jul 22, 2025•8 min
Hewlett Packard warns of hardcoded passwords in Aruba access points SharePoint zero-day exploited via RCE, no patch available Russian vodka producer suffers ransomware attack Huge thanks to our sponsor, Nudge Security Discover every SaaS account ever created by anyone in your org within minutes of starting a free trial. Harden configs, enforce MFA, revoke risky app-to-app access, and more. Learn more at NudgeSecurity.com Find the stories behind the headlines at CISOseries.com ....
Jul 21, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Cyrus Tibbs , CISO, PennyMac Thanks to our show sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your ...
Jul 18, 2025•32 min
Chinese hackers use Cobalt Strike on Taiwan's semiconductor sector Salt Typhoon breaches National Guard and steals network configurations Congress considers Stuxnet to manage OT threats Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulne...
Jul 18, 2025•9 min
Google says 'Big Sleep' AI tool found bug hackers planned to use Google fixes actively exploited sandbox escape zero day in Chrome China's cyber sector amplifies Beijing's hacking of U.S. targets Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential c...
Jul 17, 2025•6 min
Pentagon welcomes Chinese engineers into its environment HazyBeacon: It's not a beer, but it leaves a bitter aftertaste What the world needs now is another framework Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn...
Jul 16, 2025•8 min
EU states to test age verification app ( Reuters ) AAR pledges to start fixing 20-year old vulnerability next year ( Security Week ) Grok-4 jailbroken in two days ( Infosecurity Magazine ) DoD awards contracts for agentic AI ( Reuters ) eSIM vulnerability exposes billions of IoT devices ( Infosecurity Magazine ) UK launches Vulnerability Research Initiative ( Bleeping Computer ) Interlock ransomware using FileFix for malware ( Bleeping Computer ) Disinformation groups spoofs European journalists...
Jul 15, 2025•8 min
CISA gives one day for Citrix Bleed 2 fix Google Gemini flaw hijacks email summaries for phishing Louis Vuitton says UK customer data stolen in cyber-attack Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and...
Jul 14, 2025•9 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jim Bowie , vp, CISO, Tampa General Hospital Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta ...
Jul 11, 2025•25 min
Look Out! Another Outlook Outage Iranian APTs increased activity against U.S. industries in late spring Russian basketball player arrested in France over alleged ransomware ties Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls ...
Jul 11, 2025•10 min
AMD warns of new Meltdown, Spectre-like bugs affecting CPUs Multiple vulnerabilities in Mozilla Thunderbird could allow for arbitrary code execution Bitcoin Depot breach exposes data of nearly 27,000 crypto users, More than $40 million stolen from GMX crypto platform Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-...
Jul 10, 2025•8 min
Four members of President Trump's cabinet impersonated Is this some kind of a game? Batavia attacks Russian industrial companies Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation to evidence ...
Jul 09, 2025•9 min
Call of Duty game pulled from PC store after reported exploit U.S. military gets cybersecurity boost Bank employee helped hackers steal $100M Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation...
Jul 08, 2025•9 min
Ingram Micro suffers ransomware attack Hacker leaks Telefónica data allegedly from new breach ChatGPT prone to recommending wrong URLs, creating a new phishing opportunity Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with V...
Jul 07, 2025•8 min
Undetectable Android spyware leaks user logins Hunters ransomware group shuts doors Medical device company Surmodics reports cyberattack Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered pro...
Jul 04, 2025•9 min
Student data lost in Columbia University hack German hunger relief charity hit by ransomware Qantas contact center breached Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, dete...
Jul 03, 2025•7 min
Chrome Zero-Day CVE-2025-6554 under active attack — Google issues security update International Criminal Court targeted by new 'sophisticated' attack Kelly Benefits says 2024 data breach impacts 550,000 customers, Esse Health says recent data breach affects over 263,000 patients Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex ...
Jul 02, 2025•7 min
U.S. agencies issue urgent warning over Iran threat Canada bans Chinese surveillance company CISA names new executive director Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, d...
Jul 01, 2025•8 min
Hawaiian Airlines suffers cyberattack United Natural Foods says cyber incident will impact quarterly income Russia throttles Cloudflare making sites inaccessible Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security tha...
Jun 30, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bil Harmer , operating partner and CISO, Craft Ventures . Check out Bil's page, KillSwitchAdvisory . Thanks to our show sponsor, ThreatLocker Alert fatigue, false positives, analyst burnout—you know the drill. What if you could stop threats before they run? ThreatLocker gives CISOs what they've been asking for: real control at the execution layer. Only approved apps, scripts, and e...
Jun 27, 2025•25 min
Iranian-backed spearphishing campaign seeks out cybersecurity experts Microsoft fixes Outlook bug causing crashes when opening emails Glasgow City Council suffers cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities....
Jun 27, 2025•9 min
NHS confirms patient death linked to ransomware attack BreachForums busted again Thousands of SaaS apps still vulnerable to nOAuth Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, vi...
Jun 26, 2025•8 min
Hackers target over 70 Microsoft Exchange servers to steal credentials via keyloggers Apple, Netflix, Microsoft sites 'hacked' for tech support scams The 2022 initiative by Cloudflare, CrowdStrike and Ping Identity provided cybersecurity support to critical infrastructure sectors seen as potential targets of Russia-linked attacks Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from z...
Jun 25, 2025•8 min
DHS warns of retaliatory Iranian cyberattacks Steel giant Nucor confirms breach Ransomware hits healthcare system again Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatL...
Jun 24, 2025•9 min
CMC officially points finger at Scattered Spider for Marks & Spencer and Co-op attacks Aflac investigating suspicious activity on its U.S. network Russian dairy producers suffer cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyb...
Jun 23, 2025•7 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Howard Holton , COO and industry analyst, GigaOm Thanks to our show sponsor, Adaptive Security As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multil...
Jun 20, 2025•33 min
Cisco, Atlassian fix high-severity vulnerabilities Alleged Ryuk ransomware gang member arrested and extradited Telecom company Viasat attacked by Salt Typhoon Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and pol...
Jun 20, 2025•9 min
Over 5 million impacted by Episource breach Predatory Sparrow strikes Iran again Data leak at Swiss banks Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training —...
Jun 19, 2025•8 min
Hackers exploit critical Langflow flaw to unleash Flodrix botnet Organizations warned of vulnerability exploited against discontinued TP-Link routers Russia detects first SuperCard malware attacks skimming bank data via NFC Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness ...
Jun 18, 2025•9 min
Beware the SMS 2FA middleman Police seize Archetyp Market Zoomcar hack impacts 8.4 million users Huge thanks to our sponsor, Adaptive Security As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by A...
Jun 17, 2025•8 min
