AI-generated code used in phishing campaign blocked by Microsoft WestJet notifies American consumers of data breach Ukrainian cops spoofed in fileless phishing attacks on Kyiv Huge thanks to our sponsor, Nudge Security AI tools have spread to every corner of your tech stack, which is great for innovation, but not so great for data governance. That's where Nudge Security comes in. Nudge discovers shadow AI across your org - chatbots, MCP integrations, AI in the supply chain, and more. And, Nudge ...
Sep 30, 2025•8 min
Dutch teenagers arrested for attempted espionage for Russia DoD announces replacement for risk management framework Fake Microsoft Teams installers deliver Oyster malware Huge thanks to our sponsor, Nudge Security Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adoption is accelerating this trend. What if you could continuously discover when people start using new apps or sharing data, then prompt th...
Sep 29, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by David Spark with guests Brett Conlon , CISO, American Century Investments , and TC Niedzialkowski, Head of Security & IT, OpenDoor Thanks to our show sponsor, Conveyor Still stuck in security review chaos week after week? You're not the only one. But with Conveyor, teams finally get to a place of Questionnaire Zen. Our AI auto-fills answers across any format of questionnaire, even portals, and an enterpri...
Sep 26, 2025•27 min
Microsoft to offer free Windows 10 security updates in Europe Teenage Vegas casino hacker released to parents Boyd Gaming hacked, employee data stolen Huge thanks to our sponsor, Conveyor Logging into yet another security questionnaire portal on a Friday at 3pm? Yeah, that's chaos. Conveyor AI is your fast path to calm. It finds every question no matter the format and fills in the answers—across portals, spreadsheets, PDFs, you name it. So instead of grinding through copy-paste, you get a first ...
Sep 26, 2025•9 min
Person arrested in connection with airport attack Record-breaking DDoS attack hits new highs China-linked attackers use 'BRICKSTORM' backdoor to steal IP Huge thanks to our sponsor, Conveyor Security reviews don't have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyor takes all that chaos and turns it into calm. AI fills in the questionnaires, your trust center is always ready, and sales cycles m...
Sep 25, 2025•8 min
European airports restoring services after system breach CISA deals with GeoServer exploit App for outing Charlie Kirk's critics leaks personal data Huge thanks to our sponsor, Conveyor Have you been personally victimized by a questionnaire this week? The queue never ends. But Conveyor can change that story. With AI that answers questionnaires of any format, and a trust center that handles document sharing, security reviews get done without the stress. Feel calm in the chaos with Conveyor. Learn...
Sep 24, 2025•7 min
EDR-Freeze tool suspends security software DeepMind updates Frontier Safety Framework Major vendors withdraw from MITRE EDR Evaluations Huge thanks to our sponsor, Conveyor Security reviews don't have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyor takes all that chaos and turns it into calm. AI fills in the questionnaires, your trust center is always ready, and sales cycles move without stalls...
Sep 23, 2025•8 min
European airport disruption due to cyberattack check-in and baggage software SMS scammers now using mobile fake cell towers GPT-4-powered MalTerminal malware creates ransomware and Reverse Shell Huge thanks to our sponsor, Conveyor If security questionnaires make you feel like you're drowning in chaos, you're not alone. Endless spreadsheets, portals, and questions—always when you least expect them. Conveyor brings calm to the storm. With AI that auto-fills questionnaires and a trust center that ...
Sep 22, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Jack Kufahl , CISO, Michigan Medicine , and Nick Espinosa , host, The Deep Dive Radio Show Thanks to our show sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, c...
Sep 19, 2025•36 min
Google patches sixth Chrome zero-day exploited in attacks this year Microsoft to force install the Microsoft 365 Copilot app in October Two more Scattered Spider teen suspects arrested Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and poli...
Sep 19, 2025•8 min
Insight Partners warns thousands after ransomware breach Scattered Spider gang feigns retirement, breaks into bank instead Consumer Reports calls Microsoft 'hypocritical' Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-...
Sep 18, 2025•8 min
House lawmakers move to extend two key cyber programs Apple 0-day likely used in spy attacks affected older devices Reuters crafts phishing scam with AI chatbot help Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-power...
Sep 17, 2025•7 min
Android moving to "risk-based" security updates CISA accused of Cyber Incentive mismanagement How security practitioners use LLMs Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast t...
Sep 16, 2025•8 min
ShinyHunters hits Vietnam National Credit Information Center HybridPetya is a Petya/NotPetya copycat with UEFI Secure Boot bypass CISA seeks control over CVE Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Quest...
Sep 15, 2025•9 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Rob Teel , CTO, Oklahoma Department of Commerce and Howard Holton , CEO, GigaOm Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility int...
Sep 12, 2025•37 min
SonicWall SSL VPN flaws now being actively exploited Acting federal cyber chief outlines his priorities U.S. based investors in spyware firms nearly tripled in 2024 Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . ...
Sep 12, 2025•8 min
The npm incident: nothing to fret about? Cursor Autorun flaw lets repositories execute code without consent Senator Wyden urges FTC to probe Microsoft over Ascension hack Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Va...
Sep 11, 2025•8 min
Thousands had data leaked in blood center ransomware attack UK Electoral Commission recovers, 3 years after China hack Npm packages with 2 billion weekly downloads targeted in supply chain attack Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility in...
Sep 10, 2025•7 min
GhostAction campaign targets GitHub Scam centers see huge growth in Myanmar GPUGate targets IT firms Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings automation to evidence collection across over 35 fr...
Sep 09, 2025•8 min
New malware phishing campaign hidden in SVG files Anthropic agrees to pay $1.5bn in book piracy lawsuit Qantas penalizes executives for cyberattack Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta . Vanta brings auto...
Sep 08, 2025•9 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Ray Espinoza , vp of information security, Elite Technology Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities....
Sep 05, 2025•28 min
France fines Google and Shein over cookie misconduct CISA adds more TP-Link routers flaws to its KEV catalog World's largest sports piracy site shut down Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and sta...
Sep 05, 2025•9 min
Fintech foils bank heist NotDoor backdoor Salesloft-Drift impact continues drifting Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO . Find the stories beh...
Sep 04, 2025•8 min
'2.5 billion Gmail users at risk'? Entirely false, says Google Cloudflare blocks largest recorded DDoS attack peaking at 11.5 Tbps Jaguar Land Rover says cyberattack 'severely disrupted' production Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential ...
Sep 03, 2025•7 min
LegalPwn technique hides LLMs prompts inside contract legalese Maryland Transit investigating cyberattack Hacker attempts to forge his way into Spanish university Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn mor...
Sep 02, 2025•8 min
Velociraptor forensic tool used for C2 tunneling City of Baltimore gets socially engineered to the tune of $1.5 million Ransomware gang takedowns create more smaller groups Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To...
Sep 01, 2025•8 min
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Johna Till Johnson , CEO and founder, Nemertes Thanks to our show sponsor, Prophet Security Ever feel like your security team is stuck in a loop of alert fatigue and manual investigations? Meet Prophet Security. Their Agentic AI SOC Platform automates the tedious stuff: triaging, investigating, and responding to alerts - so your analysts can focus on real threats. Think 10x faster ...
Aug 29, 2025•28 min
Malicious nx Packages leak GitHub, Cloud, and AI Credentials North Korean remote worker scheme boosted by generative AI The Netherlands announces Salt Typhoon penetration Huge thanks to our sponsor, Prophet Security Security teams are drowning in alerts - many companies generate upwards of 1000 or more alerts a day, and nearly half go ignored. That's where Prophet Security comes in. Their AI SOC platform automatically triages and investigates alerts, so your team can focus on real threats instea...
Aug 29, 2025•9 min
FBI warns of expanded Chinese hacking campaign AI-powered ransomware is a thing now Anthropic warns about "vibe-hacking" Huge thanks to our sponsor, Prophet Security SOC analyst burnout is real - repetitive tasks, poor tooling, and constant alert noise are driving them out. Prophet Security fixes this. Their Agentic AI Analyst handles alert triage and investigation - work that 69% of cybersecurity leaders say is the best use for AI in the SOC. Say goodbye to burnout, and hello to efficiency. Che...
Aug 28, 2025•8 min
DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says CISA warns of actively exploited Git code execution flaw Alleged mastermind behind K-Pop celebrity stock heist extradited to South Korea Huge thanks to our sponsor, Prophet Security Your security analysts didn't sign up to chase false alarms all day. With Prophet Security 's AI SOC platform, they won't have to. It works like a tireless teammate—triaging and investigating alerts around the clock. Less burnout. Better coverage. An...
Aug 27, 2025•7 min
