Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
FCC bans foreign routers Drone activity disrupts AWS region Crunchyroll confirmed data leak Check out our show notes for all story links: https://cisoseries.com/cybersecurity-news-fcc-router-ban-drone-hit-aws-crunchroll-leak/ Huge thanks to our sponsor, ThreatLocker Least privilege isn't about distrusting users — it's about limiting blast radius. Many attacks succeed because malware inherits excessive permissions. Enforcing least privilege helps ensure that even if something goes wrong, attackers can't easily escalate access or move laterally across the environment. Learn more at ThreatLocker.com
New DarkSword exploit hits GitHub Gemini AI agents scour the dark web Trivy supply chain attack expands Check out our show notes for all story links: https://cisoseries.com/cybersecurity-news-darksword-exploit-hits-github-gemini-ai-agents-scour-dark-web-trivy-supply-chain-attack-expands/ Huge thanks to our sponsor, ThreatLocker Ransomware doesn't need to be sophisticated if it's allowed to execute. A growing number of security teams are shifting focus from detecting ransomware to preventing execution in the first place — controlling applications, scripts, and installers so unauthorized code never gets the chance to run. Learn more at ThreatLocker.com
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Bil Harmer, CISO, Supabase, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, ThreatLocker Many security strategies still assume everything is allowed until proven malicious. Attackers understand that model well. That's why more organizations are rethinking endpoint security — shifting from detection-first tools to control-first approaches that reduce attack surface before an incident occurs. Learn more at ThreatLocker.com All links and the video of this episode can be found on CISO Series.com
Law enforcement seizes botnet infrastructure California city and LA transit agency report cybersecurity issues Microsoft Azure Monitor alerts used for callback phishing attacks Check out our show notes for all story links: https://cisoseries.com/cybersecurity-news-cybersecurity-news-international-botnet-takedown-california-city-ransomed-azure-monitor-phishing/ Huge thanks to our sponsor, ThreatLocker Most breaches don't start with a zero-day — they start because something unexpected was allowed to run. One way organizations reduce risk is by shrinking the attack surface: deciding what software should be allowed to execute and blocking everything else by default. Fewer unknowns means fewer opportunities for attackers. Learn more at ThreatLocker.com
Critical Microsoft SharePoint flaw now exploited in attacks 1stProtect reveals endpoint security platform intended to prevent cyberattacks in real time CISA urges U.S. organizations to secure Microsoft Intune systems following Stryker breach Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-critical-sharepoint-flaw-real-time-cyberattack-prevention-cisas-intune-warning/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Picture a "new hire" who interviews well… except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the new reality: the attack surface is trust itself. Adaptive fights back with realistic deepfake simulations and training that actually sticks. Learn more at adaptivesecurity.com.
DarkSword emerges from suspected Russian hackers "ShieldGuard" dismantled after malware discovery North Korea's fake IT worker army rakes in $500M/year Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-darksword-emerges-shieldguard-dismantled-nk-it-worker-army-rakes-in-money/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Picture a "new hire" who interviews well… except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the new reality: the attack surface is trust itself. Adaptive fights back with realistic deepfake simulations and training that actually sticks. Learn more at adaptivesecurity.com.
Energy Department to release first cyber strategy Tech giants sign on to fight scammers Font-rendering hides malicious commands from AI in plain sight Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-energy-strategy-scammer-accord-font-rendering-attack/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Attackers don't need malware anymore; they need trust. Tip: set a simple passphrase for high-risk actions, like wire requests or "urgent" account recovery – especially within finance teams and families. If the caller can't answer it, pause and verify. Adaptive runs deepfake and vishing simulations so employees practice this before it's real. Learn more at adaptivesecurity.com.
Stryker hospital tools safe, digital ordering services down Models apply to be the face of AI scams Cybercrime up 245% since Iran conflict Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-stryker-hospital-tools-safe-models-apply-to-power-ai-scams-cybercrime-up-245/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Today's phishing doesn't just hit inboxes — it can sound like your CFO or look like your CEO on Zoom. AI voices, video, and deepfakes are turning trust into the attack surface. Adaptive fights back with AI-driven risk scoring, deepfake simulations featuring your own executives, and interactive training your team will actually remember. Take a three-minute tour or request a CEO deepfake demo at adaptivesecurity.com.
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Jonathan Waldrop, CISO, Acoustic, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com
Payload Ransomware group claims breached of Royal Bahrain Hospital Canadian food retailer Loblaw confirms data breach New York cyber regulations for water organizations launch in 2027 Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-royal-bahrain-hospital-breach-canadas-loblaw-breached-new-york-water-laws/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com.
Iran boosts cyberattacks VENON targets Brazilian banks England Hockey investigates breach Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-iran-boosts-cyberattacks-venon-targets-brazilian-banks-england-hockey-investigates-breach/ Huge thanks to our sponsor, Dropzone AI If you are heading to RSAC next week, here are three things worth seeing at the Dropzone AI Diner. Booth 455, South Expo Hall. One: watch their AI SOC agents investigate real alerts live, with every reasoning step exposed. Two: meet the AI Threat Hunter, the newest agent joining the team. Three: enter the investigation competition and go head to head against the AI. Schedule your stop at dropzone.ai/rsa-2026-ai-diner.
Meta apps offer new scam protection Google's Wiz acquisition finalized China curbs state-run OpenClaw use Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-meta-offers-scam-protection-googles-wiz-acquisition-finalized-china-curbs-openclaw-use/ Huge thanks to our sponsor, Dropzone AI Here is something worth asking any AI security vendor you meet at RSAC. Can you show me exactly what your AI did? Not just the verdict. The reasoning. Every tool it queried, every piece of evidence, every step it took to get there. Most cannot. Dropzone AI can. Every investigation is fully transparent. You do not have to trust the AI. You can verify it. See it for yourself at Booth 455. dropzone.ai/rsa-2026-ai-diner
NSA and Cyber Command head confirmed Russians targeting encrypted messaging app users OpenAI rolls out vulnerability scanner Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-march-11-2026/ Huge thanks to our sponsor, Dropzone AI Remember yesterday's 3 AM threat intel? Here is how it plays out with Dropzone AI. The intelligence drops. Dropzone picks it up, turns it into a threat hunt, and runs it across your SIEM, EDR, and cloud data while your team sleeps. By morning, your analysts have answers, not a backlog. That is the AI Threat Hunter, the newest agent on the team, debuting at RSAC. Booth 455, South Expo Hall. dropzone.ai/rsa-2026-ai-diner
InstallFix attacks spread fake Claude code sites UNC4899 breaches crypto firm via trojanized file UK launches cyber-fraud crackdown unit Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-installfix-spreads-fake-claude-sites-unc4899-breaches-crypto-uk-cyber-fraud-crackdown/ Huge thanks to our sponsor, Dropzone AI It is 3 AM. New threat intelligence drops. An attack pattern targeting your industry. Your threat hunting team is four people, all on day shift, and already behind on last week's hunts. By the time someone gets to it, the window for early detection has closed. The attacker is already inside. Tomorrow, I will tell you what Dropzone AI is bringing to RSAC to solve exactly this problem. If you cannot wait, head to dropzone.ai/rsa-2026-ai-diner.
Link to episode page This week's Department of Know is hosted by Sarah Lane with guests John Barrow, CISO, JB Poindexter & Co., and Derek Fisher, Director of the Cyber Defense and Information Assurance Program, Temple University Thanks to our show sponsor, Dropzone AI Here is a number worth knowing before RSAC. The average enterprise SOC sees tens of thousands of alerts a day. Most get triaged. A fraction get thoroughly investigated. The rest sit in the queue or get auto-closed. Dropzone AI puts AI SOC agents on every one of those alerts. Every alert investigated, end to end, across your full tool stack, around the clock. Over 300 deployments in production today. They are at RSAC this year. Booth 455. dropzone.ai/rsa-2026-ai-diner All links and the video of this episode can be found on CISO Series.com
FBI investigates suspicious activities on agency network Over 100 GitHub repositories distributing BoryptGrab stealer Hackers abuse .arpa DNS and ipv6 to evade phishing defenses Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-fbi-network-breach-github-distributes-stealer-hackers-abuse-arpa/ Huge thanks to our sponsor, Dropzone AI Here is a number worth knowing before RSAC. The average enterprise SOC sees tens of thousands of alerts a day. Most get triaged. A fraction get thoroughly investigated. The rest sit in the queue or get auto-closed. Dropzone AI puts AI SOC agents on every one of those alerts. Every alert investigated, end to end, across your full tool stack, around the clock. Over 300 deployments in production today. They are at RSAC this year. Booth 455. dropzone.ai/rsa-2026-ai-diner
Apple blocks ByteDance Chinese apps Google says 90 zero-days were exploited in attacks last year Iran intelligence backdoored U.S. bank, airport, software outfit networks Get the show notes here: https://cisoseries.com/cybersecurity-news-apple-blocks-bytedance-googles-90-zero-days-iran-backdoors-u-s-organizations/ Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Security training fails when it's generic. Adaptive's platform personalizes training and runs deepfake simulations across email, SMS, voice, and video. And with Adaptive's AI Content Creator, you can drop in a breaking threat or compliance doc and instantly turn it into interactive, multilingual training – no designers, no delays. Learn more at adaptivesecurity.com.
Possible iPhone-hacking toolkit used by spies Hacker mass-mails HungerRush extortion emails Tycoon 2FA phishing platform dismantled Get the show notes here: https://cisoseries.com/cybersecurity-news-iphone-hacking-toolkit-used-by-spies-hungerrush-extortion-emails-tycoon-phishing-platform-dismantled/ Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Picture a "new hire" who interviews well… except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the new reality: the attack surface is trust itself. Adaptive fights back with realistic deepfake simulations and training that actually sticks. adaptivesecurity.com.
Quantum decryption gets theoretically easier OpenAI alters the deal with the Pentagon South Korea leaks crypto keys for all to see Get the show notes here: https://cisoseries.com/cybersecurity-news-quantum-decryption-openais-deal-south-korea-leaks-crypto-keys/ Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Attackers don't need malware anymore; they need trust. Tip: set a simple passphrase for high-risk actions, like wire requests or "urgent" account recovery – especially within finance teams and families. If the caller can't answer it, pause and verify. Adaptive runs deepfake and vishing simulations so employees practice this before it's real. adaptivesecurity.com.
Chrome unveils quantum-safe certificates Vulnerability allowed hijacking Gemini Live UK warns of Iranian cyberattack risks Get the show notes here: https://cisoseries.com/cybersecurity-news-chrome-quantum-safe-certificates-gemini-live-vulnerability-uk-warns-of-iranian-cyberattacks/ Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Today's phishing doesn't just hit inboxes — it can sound like your CFO or look like your CEO on Zoom. AI voices, video, and deepfakes are turning trust into the attack surface. Adaptive fights back with AI-driven risk scoring, deepfake simulations featuring your own executives, and interactive training your team will actually remember. Take a three-minute tour or request a CEO deepfake demo at adaptivesecurity.com.
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Dan Holden, CISO, Commerce, and Mark Eggleston, CISO, CSC Thanks to our show sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. AI is rewriting the cybersecurity rulebook, because attackers can now scale persuasion as easily as they scale code. The real target isn't just your systems anymore; it's human trust. If you aren't actively testing your organization against AI-driven phishing, vishing, and deepfakes, you're leaving a gap criminals will exploit. Adaptive runs realistic simulations and delivers tailored, engaging training so teams respond correctly when it counts. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com
Gottumukkala ousted as CISA Director Ron Wyden blocks Rudd confirmation to lead Cyber Command, NSA Hackers Weaponize Claude Code in Mexican government cyberattack Get the show notes here: https://cisoseries.com/cybersecurity-news-gottumukkala-ousted-wyden-blocks-rudd-hackers-weaponize-claude/ Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com.
iPhone and iPad cleared for classified NATO work U.S. Education and Healthcare targeted with Dohdoor backdoor Trend Micro warns of critical Apex One code execution flaws Get links to all of today's news in our show notes here: https://cisoseries.com/cybersecurity-news-nato-adopts-apple-education-and-healthcare-backdoor-apex-one-flaws/ Thanks to today's episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Security training fails when it's generic. Adaptive's platform personalizes training and runs deepfake simulations across email, SMS, voice, and video. And with Adaptive's AI Content Creator, you can drop in a breaking threat or compliance doc and instantly turn it into interactive, multilingual training – no designers, no delays. Learn more at adaptivesecurity.com.
Google disrupts UNC2814 3M+ impacted by TriZetto breach Cisco bug exploited since 2023 Get links to all of today's news in our show notes here: Thanks to today's episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Picture a "new hire" who interviews well… except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the new reality: the attack surface is trust itself. Adaptive fights back with realistic deepfake simulations and training that actually sticks. adaptivesecurity.com.
Threat actors break out in under 30 minutes Claude allegedly hit with distillation attacks DeFi platform shutting down after crypto theft Get links to all of today's news in our show notes here: https://cisoseries.com/cybersecurity-news-hacked-in-30-minutes-claude-distillation-defi-shutdown-after-attack/ Thanks to today's episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Attackers don't need malware anymore; they need trust. Tip: set a simple passphrase for high-risk actions, like wire requests or "urgent" account recovery – especially within finance teams and families. If the caller can't answer it, pause and verify. Adaptive runs deepfake and vishing simulations so employees practice this before it's real. adaptivesecurity.com.
140k affected by US healthcare breach Data advocates warn against replicating humans Shai-Hulud-like worm targets developers Get links to all of today's news in our show notes here: https://cisoseries.com/cybersecurity-news-us-healthcare-breach-affects-140k-experts-warn-against-replicating-humans-shai-hulud-like-worm-targets-devs/ Thanks to today's episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Today's phishing doesn't just hit inboxes — it can sound like your CFO or look like your CEO on Zoom. AI voices, video, and deepfakes are turning trust into the attack surface. Adaptive fights back with AI-driven risk scoring, deepfake simulations featuring your own executives, and interactive training your team will actually remember. Take a three-minute tour or request a CEO deepfake demo at adaptivesecurity.com.
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Montez Fitzpatrick, CISO, Navvis, and Peter Gregory, author. Thanks to our show sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. AI is changing phishing, because persuasion now scales like code. And it's not just email anymore; attackers hit SMS, voice calls, and multi-step scams that jump channels. Adaptive runs AI-powered phishing simulations across email, SMS, and voice, including OSINT-based spearphishing and BEC-style scenarios, so employees practice what attacks look like. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com
Arkanix Stealer – the new AI info-stealer experiment AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks Russia stepping up hybrid attacks, preparing for confrontation with West Get links to all of today's news in our show notes here: https://cisoseries.com/cybersecurity-news-arkanix-was-poc-600-fortinet-firewalls-breach-russia-heightens-tension/ Thanks to today's episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com.
CISA orders urgent patch of Dell flaw Android malware uses Gemini to navigate infected devices Half of all cyberattacks start in the browser, says Palo Alto Networks Get the full show notes here: https://cisoseries.com/cybersecurity-news-cisas-dell-order-android-ai-malware-browsers-as-weak-link/ Huge thanks to our sponsor, Conveyor Most of what Conveyor automates is boring. Like really boring. Security questionnaires. Customer requests for things like your SOC 2. All of their follow-up questions. Answering tickets from your sales team. You know what's not boring? Alteryx using Conveyor to support over half a billion dollars in enterprise deals with a small 4 person team. All they did was set up an AI trust center and use Conveyor's AI agent to complete questionnaires. Learn more at conveyor.com.
Microsoft Copilot summarizes confidential emails ShinyHunters takes CarGurus records Texas sues TP-Link over router hack Get the full show notes here: https://cisoseries.com/cybersecurity-news-copilot-summarizes-confidential-emails-shinyhunters-targets-cargurus-texas-sues-tp-link/ Huge thanks to our sponsor, Conveyor Every fast-growing company hits this one moment. Sales wants to close bigger enterprise deals, but this means the security team is buried in security questionnaires. Alteryx avoided the deluge of questionnaires by using Conveyor to automate their customer security reviews.The result? AI completes questionnaires, 40% more customers are supported through a self-serve trust center, and over half a billion dollars in security influenced revenue. If you're trying to scale without adding headcount, take a look at Conveyor at conveyor.com.
Hackers target anti-government protestors UK launches "lock the door" cybersecurity campaign Cellebrite linked to phone hack on Kenyan politician Get the full show notes here: https://cisoseries.com/cybersecurity-news-hacking-protestors-uk-locks-the-door-kenyan-politician-phone-cracked/ Huge thanks to our sponsor, Conveyor Most of what Conveyor automates is boring. Like really boring. Security questionnaires. Customer requests for things like your SOC 2. All of their follow-up questions. Answering tickets from your sales team. You know what's not boring? Alteryx using Conveyor to support over half a billion dollars in enterprise deals with a small 4 person team. All they did was set up an AI trust center and use Conveyor's AI agent to complete questionnaires. Learn more at conveyor.com.
Eurail stolen traveler data now up for sale EU Parliament blocks AI features Japan's Washington Hotel discloses ransomware hit Get the full show notes here: Huge thanks to our sponsor, Conveyor Here's a fun question. Would you rather support more enterprise deals… or answer fewer security questionnaires? Moving upmarket usually means more scrutiny and more security questions. Instead of hiring more people or slowing sales, Alteryx used Conveyor's AI to automate customer security reviews like questionnaires, SOC 2 requests, and all the back-and-forth. They supported 200% growth and over half a billion dollars in pipeline with a 4 person team. If you're tired of choosing between growth and sanity, check out Conveyor at conveyor.com.
Link to episode page This week's Department of Know is hosted by Sarah Lane with guests Jon Collins, Field CTO, GigaOm, and Adam Palmer, CISO, First Hawaiian Bank Thanks to our show sponsor, Conveyor Ever dream of giving customers instant answers to their security questions without ever filling out another questionnaire? Meet Conveyor's new Trust Center Agent. The Agent lives in your Conveyor Trust Center and answers every customer question, surfaces documents and even completes full questionnaires instantly so customers can finish their review and be on their way. Top tech companies like Atlassian, Zapier, and more are using Conveyor to automate away tedious work. Learn more at www. conveyor.com. All links and the video of this episode can be found on CISO Series.com
One threat actor responsible for 83% of recent Ivanti RCE attacks Google's AI search overviews manipulated by scammers Microsoft warns of DNS-based ClickFix attack that uses Nslookup Get the full show notes here: https://cisoseries.com/cybersecurity-news-ivanti-actor-identified-search-overviews-manipulated-clickfix-leverages-nslookup/ Huge thanks to our sponsor, Conveyor I'll tell you two things Conveyor can't help you with. Conveyor will not make security questionnaires fun and it will not make your sales team stop asking you questions. But it did help Alteryx support half a billion dollars in enterprise deals with the same 4 person team. All they did was get an AI trust center and use Conveyor's AI agent to complete questionnaires. If that's enough, you know where to go. www. conveyor.com.
Hackers abuse Gemini AI for all attack stages, says Google Apple patches decade-old possibly exploited iOS zero-day Acting CISA chief critiques potential DHS funding lapse Get the show notes here: https://cisoseries.com/cybersecurity-news-hackers-abuse-gemini-apple-patches-ancient-bug-cisa-criticizes-shutdown/ Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.
Crazy gang abuses employee monitoring tool Nevada unveils new data classification Georgia healthcare breach impacts more than 620,000 Get the show notes here: https://cisoseries.com/cybersecurity-news-google-gets-eu-wiz-approval-microsoft-secures-secure-boot-certificates-north-korean-hackers-target-crypto-exec/ Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.
EU grants Google approval for Wiz Microsoft rolls out Secure Boot certificates before expiration North Korean hackers target crypto exec Get the show notes here: https://cisoseries.com/cybersecurity-news-google-gets-eu-wiz-approval-microsoft-secures-secure-boot-certificates-north-korean-hackers-target-crypto-exec/ Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.
UNC3886 targets Singapore telecom sector VoidLink exhibits multi-cloud capabilities and AI code 135,000+ OpenClaw instances exposed to internet Get the show notes here: https://cisoseries.com/cybersecurity-news-february-10-2026/ Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Nick Ryan, former CISO, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com
OpenClaw turns to VirusTotal to boost security CISA gives federal agencies one year to remove end-of-life devices Payments platform BridgePay confirms ransomware attack Get the show notes here: https://cisoseries.com/cybersecurity-news-openclaw-embraces-virustotal-cisa-eol-deadline-ransomware-hits-bridgepay/ Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.
Substack admits data breach Russian attacks target Winter Olympics GitHub Codespaces enable RCE Get the show notes here: Huge thanks to our sponsor, Strike48 It's no secret that AI is only as good as the data available to it. Strike48 unifies agentic AI with unmatched log visibility while avoiding the typical hefty price tag. Build and deploy agents for phishing detection, alert triage, threat correlation and more. Queries existing logs where they currently live, so you can keep the technology you already have. Learn more at Strike48.com.
Ukraine tightens controls on Starlink terminals VMware ESXi flaw now exploited SolarWinds Web Help Desk bug under attack Get the show notes here: https://cisoseries.com/cybersecurity-news-ukraine-tightens-controls-on-starlink-terminals-vmware-esxi-flaw-now-exploited-solarwinds-web-help-desk-bug-under-attack/ Huge thanks to our sponsor, Strike48 Strike48 is the Agentic Log Intelligence Platform that actually puts AI agents to work, maximizing log visibility without blowing your budget. Find threats your siloed tools miss. Get started today with pre-built AI agents and workflows that investigate, detect, and respond 24/7 or build your own at strike48.com/security.
React Native Metro bug impacts thousands of servers Greece and Spain set to ban social media for kids Moltbook shows the dangers of vibe coding Get the show notes here: https://cisoseries.com/cybersecurity-news-metro-bug-more-social-bans-leaky-moltbook/ Huge thanks to our sponsor, Strike48 Security teams are stretched. Attack surfaces and threat volumes keep growing, meanwhile SOC budgets stay flat and glorified chatbots with hallucination problems aren't helping. Strike48 is different. Agents scale independently, running investigations across your logs while your team can concentrate on the highest priority tasks that require human judgment and decision making. Try it today at Strike48.com/security.
OpenClaw targets ClawHub users Notepad++ update delivers malware APT28 attackers abuse Microsoft Office zero-day Get the show notes here: https://cisoseries.com/cybersecurity-news-openclaw-targets-clawhub-users-notepad-update-delivers-malware-apt28-attackers-abuse-microsoft-office-zero-day/ Huge thanks to our sponsor, Strike48 It's no secret that AI is only as good as the data available to it. Strike48 unifies agentic AI with unmatched log visibility while avoiding the typical hefty price tag. Build and deploy agents for phishing detection, alert triage, threat correlation and more. Queries existing logs where they currently live, so you can keep the technology you already have. Learn more at Strike48.com.
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Steve Zalewski, co-host, Defense in Depth, and Nick Espinosa, host, The Deep Dive Radio Show Thanks to our show sponsor, Devo/Strike 48 Strike48 is the Agentic Log Intelligence Platform that actually puts AI agents to work, maximizing log visibility without blowing your budget. Find threats your siloed tools miss. Get started today with pre-built AI agents and workflows that investigate, detect, and respond 24/7 or build your own at strike48.com/security. All links and the video of this episode can be found on CISO Series.com
Coupang CEO questioned by police regarding data breach probe Cyberattack on large Russian bread factory disrupts deliveries Real estate agents in Australia use apps that leave lease documents at risk Get the show notes here: https://cisoseries.com/cybersecurity-news-police-question-coupang-ceo-russia-bakery-cyberattack-australian-real-estate-scandal/ Huge thanks to our sponsor, Strike48 Strike48 is the Agentic Log Intelligence Platform that actually puts AI agents to work, maximizing log visibility without blowing your budget. Find threats your siloed tools miss. Get started today with pre-built AI agents and workflows that investigate, detect, and respond 24/7 or build your own at strike48.com/security.
France fines unemployment agency €5 million over data breach Microsoft Teams addition will allow for suspicious calls to be reported UK leaders warned about absorbing cyberattacks without offensive deterrence Check out the show notes here: Huge thanks to our episode sponsor, Conveyor Want to hear a horror story? An infosec manager found out that their sales rep had filled in a customer security questionnaire themselves and sent it back to the customer without review. Which led to dozens of follow up questions. With Conveyor's Trust Center AI Agent, you can avoid all of that. The Agent lives in your Conveyor hosted Trust Center and answers every customer question, surfaces documents and even completes full questionnaires instantly so customers can finish their review and be on their way. Learn more at Conveyor.com Find the stories behind the headlines at https://cisoseries.com/cybersecurity-news-france-fines-unemployment-agency-teams-flags-calls-uk-pushes-deterrence/
Sandbox flaw exposes n8n instances Fake Moltbot assistant drops malware PeckBirdy takes flight for cross-platform attacks Check out the show notes here: https://cisoseries.com/cybersecurity-news-sandbox-flaw-exposes-n8n-instances-fake-moltbot-assistant-drops-malware-peckbirdy-takes-flight-for-cross-platform-attacks/ Huge thanks to our episode sponsor, Conveyor Another security questionnaire hits your desk. Ever wish it could magically disappear? You already have the answers that customers should self-serve, but they can't find the info in your Trust Center. That's why Conveyor built the first truly agentic Trust Center. An AI Agent lives inside it, answering customer questions, sharing documents, and even completing full questionnaires instantly. Customers get what they need fast. it's magical, touchless, and extremely accurate. Join teams at Atlassian, Zapier, and more at conveyor.com.
US cyber chief uploaded sensitive files into public ChatGPT Vibe-coded 'Sicarii' ransomware can't be decrypted WhatsApp account feature combats spyware Check out the show notes here: https://cisoseries.com/cybersecurity-news-us-cyber-chief-uploaded-sensitive-files-into-public-chatgpt-vibe-coded-sicarii-ransomware-cant-be-decrypted-whatsapp-account-feature-combats-spyware/ Huge thanks to our episode sponsor, Conveyor Ever dream of giving customers instant answers to their security questions without ever filling out another questionnaire? Meet Conveyor's new Trust Center Agent. The Agent lives in your Conveyor Trust Center and answers every customer question, surfaces documents and even completes full questionnaires instantly so customers can finish their review and be on their way. Top tech companies like Atlassian, Zapier, and more are using Conveyor to automate away tedious work. Learn more at conveyor.com.
Microsoft patches Office zero-day vulnerability Indian users targeted by Blackmoon Konni targets blockchain developers Huge thanks to our episode sponsor, Conveyor True story, an infosec team had to give customers MapQuest style directions just to navigate their Trust Center. Spoiler: it didn't reduce follow-up questions and created even more work for everyone involved. With Conveyor's new Trust Center AI Agent, customers get answers instantly and can even upload questionnaires for the Agent to complete. This way, customers find what they need and keep moving, without your team needing to intervene. Learn more at conveyor.com
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Krista Arndt, associate CISO, St. Luke's University Health Network, and Jason Shockey, CISO, Cenlar FSB Thanks to our show sponsor, Conveyor Ever dream of giving customers instant answers to their security questions without ever filling out another questionnaire? Meet Conveyor's new Trust Center Agent. The Agent lives in your Conveyor Trust Center and answers every customer question, surfaces documents and even completes full questionnaires instantly so customers can finish their review and be on their way. Top tech companies like Atlassian, Zapier, and more are using Conveyor to automate away tedious work. Learn more at conveyor.com. All links and the video of this episode can be found on CISO Series.com
© 2020-2026 Ivy Podcast Discovery LLC
