If Salesforce flutters its wings in San Francisco... How is this still tricking people? From tagging to bagging Huge thanks to our sponsor, Prophet Security Security teams are drowning in alerts - many companies generate upwards of 1000 or more alerts a day, and nearly half go ignored. That's where Prophet Security comes in. Their AI SOC platform automatically triages and investigates alerts, so your team can focus on real threats instead of busywork. Faster response, less burnout, and lower ris...
Aug 26, 2025•8 min
Malicious Go module steals credentials via Telegram Mirai-based botnet resurfaces targeting systems globally Silk Typhoon hackers exploit cloud trust to hack downstream customers Huge thanks to our sponsor, Prophet Security Ever feel like your security team is stuck in a loop of alert fatigue and manual investigations? Meet Prophet Security . Their Agentic AI SOC Platform automates the tedious stuff: triaging, investigating, and responding to alerts - so your analysts can focus on real threats. ...
Aug 25, 2025•9 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino . This is our milestone edition, celebrating five years of the daily Cyber Security Headlines news podcast. Our guests today will be the CSH reporters themselves, reflecting on some stories from this week as well as their favorite stories from the past few years. Joining Rich live will be Hadas Cassorla and Steve Prentice , with videos from Sarah Lane and Lauren Verno . Thanks to our show spo...
Aug 22, 2025•46 min
Apple urges iPhone, iPad and Mac update ASAP Scattered Spider operative gets 10 years and a big fine Microsoft seeks customer feedback on SSD failure issues Huge thanks to our sponsor, Conveyor Does logging into a portal security questionnaire feel like punishment? We get it. Other solutions offer browser extensions that require you to do all the copy-pasting. It's slow, tedious, and frustrating. Conveyor takes care of it for you. Our AI auto-scrolls, finds every question, and fills in accurate ...
Aug 22, 2025•9 min
A patch today keeps the zero-day away Jailbreaking ChatGPT-5 Pro The thing about vulnerabilities is they stay vulnerable Huge thanks to our sponsor, Conveyor It's Thursday. Have you been personally victimized by a portal security questionnaire this week? Most solutions just give you a browser extension to copy and paste answers in, still leaving hours of manual work. With Conveyor , you don't have to slog through it yourself. Just open the portal and Conveyor's AI will scroll through each page, ...
Aug 21, 2025•9 min
UK agrees to drop 'backdoor' mandate for Apple devices Massive Allianz Life data breach impacts 1.1M people Speed cameras knocked out after cyber attack Huge thanks to our sponsor, Conveyor If portal questionnaires were a person, you'd block them by now. Endless clicks, bad navigation, and expanding questions stacked like russian nesting dolls, all add up to hours of your life you'll never get back. Conveyor's AI browser extension auto-completes any portal questionnaire without the copy and past...
Aug 20, 2025•7 min
Workday confirms data breach An alliance to unify post-quantum cryptography New Chinese threat actor targeting Taiwan Huge thanks to our sponsor, Conveyor If the thought of logging into a portal questionnaire makes you want to throw your laptop away, you're not alone. Most solutions just give you a browser extension to copy and paste answers, still leaving hours of manual work. With Conveyor , you don't have to slog through it yourself. Just open the portal and Conveyor's AI will scroll through ...
Aug 19, 2025•8 min
Cisco warns of maximum-severity defect in firewall software UK's Colt Telecom suffers cyberattack CISA implores OT environments to lock down critical infrastructure Huge thanks to our sponsor, Conveyor Have you been personally victimized by portal security questionnaires? Conveyor is here to help. Endless clicks, bad navigation, and expanding questions stacked like Russian nesting dolls, all add up to hours of your life you'll never get back. With Conveyor's AI-powered browser extension, you can...
Aug 18, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Zalewski , co-host, Defense in Depth Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta br...
Aug 15, 2025•30 min
New wave of NFC relay fraud, call hijacking, and root exploits in banking sector Canada's House of Commons suffers cyberattack Zoom fixes critical Windows client flaw that could enable privilege escalation Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous vis...
Aug 15, 2025•8 min
Hack of federal court filing system exploited security flaws known since 2020 Pennsylvania attorney general says cyberattack knocked phone, email systems offline Spike in Fortinet VPN brute-force attacks raises zero-day concerns Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 compan...
Aug 14, 2025•7 min
The hits just keep on coming Where's the Little Dutch Boy when you need him? I felt the ransomware down in Africa Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation to evidence collection acro...
Aug 13, 2025•7 min
North Korean crypto theft Microsoft rolls out PC back up during attack U.S. charges four in $100M global fraud scheme Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation to evidence collection ...
Aug 12, 2025•9 min
DARPA awards $4 million prize for AI code review at DEF CON North Korea ScarCruft group adds ransomware to its activities Columbia University hack affects over 860,000 Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta...
Aug 11, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Montez Fitzpatrick , CISO, Navvis Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start y...
Aug 08, 2025•30 min
Microsoft warns of high-severity flaw in hybrid Exchange deployments France's third-largest mobile operator suffers breach Dialysis company's April attack affects 900,000 people Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabiliti...
Aug 08, 2025•8 min
Hackers hijacked Google's Gemini AI with a poisoned calendar invite to take over a smart home Nvidia rejects US demand for backdoors in AI chips Google says hackers stole its customers' data by breaching its Salesforce database Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack ...
Aug 07, 2025•6 min
PBS confirms data breach after employee info leaked on Discord servers TSMC fires engineers over suspected semiconductor secrets theft Cloudflare on Perplexity web scraping techniques to avoid robot.txt and network blocks Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surfac...
Aug 06, 2025•7 min
Microsoft and Google among most affected as zero day exploits jump 46% Vietnamese hackers use PXA Stealer, hit 4,000 IPs and steal 200,000 passwords globally New Plague Linux malware stealthily maintains SSH access Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and m...
Aug 05, 2025•8 min
Huge thanks to our sponsor, ThreatLocker ThreatLocker ® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO . Find the stories behind the headlines at CISOseries.com ....
Aug 04, 2025•9 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Derek Fisher , Director of the Cyber Defense and Information Assurance Program, Temple University – also check out Derek's substack . Thanks to our show sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI —the leader in autonomous alert investigation. Their AI investigates everything, giving your ana...
Aug 01, 2025•31 min
NATM network breached and attacked through 4G Raspberry Pi Easterly's appointment to West Point rescinded Report links Chinese companies to tools used by state-sponsored hackers Huge thanks to our sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI —the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. ...
Aug 01, 2025•9 min
Oh No! Lenovo You sunk my battleship! Or did you? Russians unable to get a taste of their own medicine Huge thanks to our sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI —the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out thei...
Jul 31, 2025•8 min
Critical Authentication Flaw Identified in Base44 Vibe Coding Platform French telecom giant Orange discloses cyberattack FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation Huge thanks to our sponsor, Dropzone AI What if your SOC could investigate every single alert without burning out your team? That's exactly what Dropzone AI does. They're the leader in autonomous security investigations, and companies like Zapier and Fortune 500s are already on board. Their AI works alongside your...
Jul 30, 2025•7 min
Hacktivist attack grounds Russian flights Naval group denies breach, hackers beg to differ Dating app breach exposes thousands of women's pictures Huge thanks to our sponsor, Dropzone AI Let me tell you about Dropzone AI —they're revolutionizing how security teams work. Companies like CBTS and Zapier use their AI to investigate alerts automatically, freeing up analysts for the work that really matters. We're talking 40-minute investigations done in 3 minutes. You can meet the Dropzone team at Bl...
Jul 29, 2025•8 min
NASCAR announces data breach following March cyberattack Plankey appears to be on track to lead CISA Microsoft investigates another outage affecting 365 admin center Huge thanks to our sponsor, Dropzone AI Today's sponsor is Dropzone AI , the leader in AI-powered SOC automation. Major companies like Zapier and UiPath are using Dropzone to give their security teams superpowers. Imagine your analysts focusing on real threats while AI handles every routine investigation—in minutes, not hours. If yo...
Jul 28, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Nick Espinosa , host, The Deep Dive Radio Show Thanks to our show sponsor, Nudge Security Nudge Security discovers new apps, accounts, and data-sharing in real-time and helps guide employees toward secure behaviors. Instead of trying to control everything, we give IT and security teams the visibility and automation they need to secure the Workforce Edge. All links and the video of ...
Jul 25, 2025•30 min
SonicWall announces SMA 100 patches FBI warns about The Com Compromised Amazon Q extension deletes everything Huge thanks to our sponsor, Nudge Security Nudge Security discovers new apps, accounts, and data-sharing in real-time and helps guide employees toward secure behaviors. Instead of trying to control everything, we give IT and security teams the visibility and automation they need to secure the Workforce Edge. Find the stories behind the headlines at CISOseries.com ....
Jul 25, 2025•9 min
Goodbye toha, or as they say in Russian, Прощай "Trust the AI," they said. "What could go wrong?" they said Adobe apps advisory activated Huge thanks to our sponsor, Nudge Security Trying to squeeze a few more items into your budget? Nudge Security can help by discovering up to TWO YEARS of historical SaaS spend along with usage insights so you can eliminate wasted spend. In fact, Nudge Security customer KarmaCheck was able to recoup 150% of their investment in Nudge within the first 6 months. S...
Jul 24, 2025•9 min
Microsoft links Sharepoint ToolShell attacks to Chinese hackers Russian threat actors target NGOs with new OAuth phishing tactics Silicon Valley engineer admits theft of US missile tech secrets Huge thanks to our sponsor, Nudge Security Nudge Security discovers every SaaS app used in your org, secures configurations, enforces MFA, and manages app-to-app access so you can prevent identity based attacks. Start a free 14-day trial today at NudgeSecurity.com...
Jul 23, 2025•7 min
