Cyber Security Headlines

Follow Cyber Security Headlines
Share on
Copy link to clipboard

Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.

CISO Series


    • Jun 20, 2025 LATEST EPISODE
    • weekdays NEW EPISODES
    • 10m AVG DURATION
    • 1,457 EPISODES


    Search for episodes from Cyber Security Headlines with a specific topic:

    Latest episodes from Cyber Security Headlines

    Week in Review: ClickFake deepfake scam, Krispy Kreme breach, NIST ZTA guidance

    Play Episode Listen Later Jun 20, 2025 32:50


     Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Howard Holton, COO and industry analyst, GigaOm Thanks to our show sponsor, Adaptive Security As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com  

    Cisco, Atlassian fixes, Ryuk member arrested, Viasat Typhoon attack

    Play Episode Listen Later Jun 20, 2025 8:57


    Cisco, Atlassian fix high-severity vulnerabilities Alleged Ryuk ransomware gang member arrested and extradited Telecom company Viasat attacked by Salt Typhoon Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.

    Episource Breach, Predatory Sparrow strikes again, Swiss banks data leak

    Play Episode Listen Later Jun 19, 2025 7:30


    Over 5 million impacted by Episource breach Predatory Sparrow strikes Iran again Data leak at Swiss banks  Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com.

    Hackers exploit Langflow flaw, TP-Link routers still vulnerable, Russia detects SuperCard malware attacks

    Play Episode Listen Later Jun 18, 2025 8:52


    Hackers exploit critical Langflow flaw to unleash Flodrix botnet Organizations warned of vulnerability exploited against discontinued TP-Link routers Russia detects first SuperCard malware attacks skimming bank data via NFC Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com.

    2FA middleman, Archetyp seized, Zoomcar hacked

    Play Episode Listen Later Jun 17, 2025 7:35


    Beware the SMS 2FA middleman Police seize Archetyp Market Zoomcar hack impacts 8.4 million users Huge thanks to our sponsor, Adaptive Security As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com.

    Washington Post hacked, WestJet suffers cyberattack, Texas DoT breach

    Play Episode Listen Later Jun 16, 2025 8:25


    Washington Post investigates hacking incident on journalists' emails Canadian airline WestJet is containing a cyberattack Crash records stolen from Texas DOT Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.  

    Week in Review: Google and Cloudflare outages, Copilot Zero-Click, Cloudflare's Claude flair

    Play Episode Listen Later Jun 13, 2025 25:20


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Christina Shannon, CIO, KIK Consumer Products Thanks to our show sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com

    Microsoft Entra attack, Thursday's Cloud outages, Mark Green retires

    Play Episode Listen Later Jun 13, 2025 8:10


    Hackers attacks target Microsoft Entra ID accounts using pentesting tool Google Cloud and Cloudflare outages reported House Homeland Chairman Mark Green announces his departure Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at  Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.

    CoPilot zero-click, Operation Secure, FIN6 targets recruiters

    Play Episode Listen Later Jun 12, 2025 7:43


    Zero-click data leak flaw in Copilot Operation Secure targets infostealer operations FIN6 targets recruiters Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta.  With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information.  The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive.  Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines.

    40K IoT cameras stream secrets to browsers, Marks & Spencer taking online orders post-cyberattack, PoC Code escalates Roundcube Vuln threat

    Play Episode Listen Later Jun 11, 2025 8:04


    CISA, Microsoft warn of Windows zero-day used in attack on ‘major' Turkish defense org 40K IoT cameras worldwide stream secrets to anyone with a browser Marks & Spencer begins taking online orders again, out for seven weeks due to cyberattack Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta.  With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information.  The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive.  Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines.

    Cybersecurity News: Brute forcing Google accounts, Guardian's Secure Messaging, UNFI cyberattack

    Play Episode Listen Later Jun 10, 2025 8:13


    Brute forcing phone numbers linked to Google accounts The Guardian launches Secure Messaging service United Natural Foods hit by cyberattack Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta.  With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information.  The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive.  Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines.

    Cyber executive order, Neuberger's infrastructure warning, Mirai botnet warning

    Play Episode Listen Later Jun 9, 2025 8:42


    Presidential cyber executive order signed Neuberger warns of U.S. infrastructure's cyberattack weakness Mirai botnet infects TBK DVR devices Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at  Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Senators' CSRB bid, Deepfakes dodge detection, Microsoft-CrowdStrike collaboration

    Play Episode Listen Later Jun 6, 2025 27:43


    Link to episode page This week's Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guest Rusty Waldron, chief business security officer, ADP Thanks to our show sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don't have time for are close behind. What are you going to do? Here's a better question: what would Sue do? Sue is Conveyor's new AI Agent for Customer Trust. She handles the entire security review process like answering every customer request from sales, completing every questionnaire or executing every communications and coordination task in-between. No more manual work. Just a quick review when she's done. Ready to let Sue take the reins? Learn more at www.conveyor.com. All links and the video of this episode can be found on CISO Series.com

    Kettering data published, Reddit sues Anthropic, North Face breached

    Play Episode Listen Later Jun 6, 2025 7:27


    Stolen Kettering Health data published Reddit sues Anthropic for scraping North Face website customer accounts breached Huge thanks to our sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don't have time for are close behind.  What are you going to do? Here's a better question: what would Sue do? Sue is Conveyor's new AI Agent for Customer Trust. She handles the entire security review process like answering every customer request from sales, completing every questionnaire or executing every communications and coordination task in-between.  No more manual work. Just a quick review when she's done. Ready to let Sue take the reins? Learn more at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.

    Russian bomber maker popped, vishing targets Salesforce, MS helps out governments

    Play Episode Listen Later Jun 5, 2025 7:28


    Ukraine claims cyberattack on Russian bomber maker Vishing campaign targets Salesforce Microsoft lends a hand to European governments Huge thanks to our sponsor, Conveyor Ever wish you had a teammate that could handle the most annoying parts of customer security reviews? You know, chasing down SMEs for answers, updating systems, coordinating across teams—all the grunt work nobody wants to do.  Plus, having to finish the dang questionnaire itself.  Well. That teammate exists—Conveyor just launched Sue, the first AI Agent for Customer Trust. Sue really is the dream teammate. She never misses a deadline, answers every customer request from sales, completes every questionnaire and knocks out all the coordination in-between. Sue handles it all so you don't have to. Learn more at www.conveyor.com.

    Meta, Yandex take heat on browsing identifiers, Acreed malware makes gains, HPE warns of critical auth bypass

    Play Episode Listen Later Jun 4, 2025 7:52


    Meta and Yandex are de-anonymizing Android users' web browsing identifiers LummaC2 fractures as Acreed malware becomes top dog Hewlett Packard Enterprise warns of critical StoreOnce auth bypass Huge thanks to our sponsor, Conveyor Tired of herding cats to complete customer security questionnaires?  Your team probably spends hours daily juggling the back and forth of completing these security requests. That's why Conveyor created Sue, the first AI Agent for Customer Trust. Sue doesn't just handle completing security questionnaires and sending SOC 2 to prospects – she manages all the communication and follow-up too.  You simply get notified when everything's done so you can do a quick review.  Stop wrangling cats and see what Sue can do for you at www.conveyor.com.  

    MS and CrowdStrike partner, Qualcomm bugs exploited, new CISA cut details

    Play Episode Listen Later Jun 3, 2025 7:30


    Microsoft and CrowdStrike partner to link threat actor names Qualcomm sees Adreno bugs under active exploitation New details on proposed CISA cuts Huge thanks to our sponsor, Conveyor Does trying to get the security questionnaire done and back to your customer ever feel like you're herding cats? It's not answering questions - most of you have automation software for that. It's all of the manual back and forth that becomes a slog like communicating between teams, tracking people down to get their review, updating sources and updating systems. Conveyor just launched an AI agent, Sue, to do all of these things and more for you. Learn about Sue at www.conveyor.com.

    Cisco IOS XE exploit, Senators' CSRB request, Australia ransomware law

    Play Episode Listen Later Jun 2, 2025 8:06


    Exploit for maximum severity Cisco IOS XE flaw now public Senators as for reinstatement of cyber review board to work on Salt Typhoon investigation Australian ransomware victims now must report their payments Huge thanks to our sponsor, Conveyor Conveyor launched the first AI Agent for Customer Trust. So wtf does that mean? It means the AI agent goes beyond just sharing NDA-gated documents like a SOC 2 with customers or answering security questionnaires. Conveyor's AI Agent, Sue, handles the entire security review process from start to finish.  She answers every customer request from sales, completes every questionnaire and executes every communications and coordination task in-between. It's perfect for B2B infosec teams sick of manual security review work. Check it out at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.  

    Week in Review: Chrome password replacer, Luna Moth exploits, ChatGPT declines shutdown command

    Play Episode Listen Later May 30, 2025 26:09


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Knight, former CISO, Hyundai Capital America Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com    

    Windows startup failures, Victoria's Secret cyberattack, stolen cookie threat

    Play Episode Listen Later May 30, 2025 7:21


    Windows 11 might fail to start after installing KB5058405, says Microsoft Victoria's Secret website goes offline following cyberattack Billions of stolen cookies available, worrying security experts Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Microsoft updates Update, LexisNexis leak, cyber insurance premiums

    Play Episode Listen Later May 29, 2025 7:58


    Microsoft wants to update all the things LexisNexis breach impacts 364,000 people Cyber insurance premium volume expected to double Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    MathWorks confirms ransomware attack, Adidas has data breach, Dutch intelligence warns of cyberattack

    Play Episode Listen Later May 28, 2025 6:32


    MathWorks, Creator of MATLAB, Confirms Ransomware Attack Adidas warns of data breach after customer service provider hack Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    Malicious npm codes, Nova Scotia cyberattack, ChatGPT refuses shutdown command

    Play Episode Listen Later May 27, 2025 7:19


    Malicious npm and VS Code packages stealing data Nova Scotia Power confirms ransomware attack Researchers claim ChatGPT o3 bypassed shutdown in controlled test Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.  

    CISA's Commvault warning, updated Killnet returns, fake VPN malware

    Play Episode Listen Later May 26, 2025 9:13


    CISA warns Commvault clients of campaign targeting cloud applications Russian hacker group Killnet returns with slightly adjusted mandate Fake VPN and browser NSIS installers used to deliver Winos 4.0 malware Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Disabling Microsoft Defender, corrupted power inverters, bipartisan training bill

    Play Episode Listen Later May 23, 2025 24:49


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest George Finney, CISO, The University of Texas System – check out George's new book plus all his other achievements at his website, WellAwareSecurity. Thanks to our show sponsor, Conveyor Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor's AI doesn't need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center. You don't maintain a knowledge base. You connect to one. And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com All links and the video of this episode can be found on CISO Series.com      

    Signal shutters Recall, Windows Server vulnerability, pathology lab breach

    Play Episode Listen Later May 23, 2025 8:33


    Signal adds Recall blocker Critical Windows Server 2025 dMSA vulnerability warning Pathology lab suffers data breach Huge thanks to our sponsor, Conveyor Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor's AI doesn't need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center. You don't maintain a knowledge base. You connect to one. And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com Find the stories behind the headlines at CISOseries.com.

    Kettering Health outage, Lumma disrupted, Opexus "major lapse"

    Play Episode Listen Later May 22, 2025 7:18


    Ransomware attack knocks out Kettering Health Lumma malware operation disrupted Federal agencies impacted by “major lapse” at Opexus Huge thanks to our sponsor, Conveyor Half-baked AI answers to security questionnaires are worse than no answer at all. Conveyor's AI gets it right the first time—with market-leading accuracy rates and full citations for every response. Because “good enough” doesn't cut it when you're filling in questionnaires daily. Accuracy isn't just a feature—it's the foundation. Because we know that when AI gets it wrong, you're stuck with more work.  If AI isn't living up to its promise with other tools, check out Conveyor at www.conveyor.com

    DOJ investigates Coinbase attack, Dutch cyber-espionage law passes, VanHelsing ransomeware leaked

    Play Episode Listen Later May 21, 2025 6:43


    US DOJ opens investigation into Coinbase's recent cyberattack Dutch government passes law to criminalize cyber-espionage Ransomware attack on food distributor spells more pain for UK supermarkets Huge thanks to our sponsor, Conveyor What if your sales team could answer security questions themselves—without blowing up your Slack or email every 10 minutes? With Conveyor, they can. Conveyor is the trust center and security questionnaire automation tool your infosec friends love to use. Whether through Slack or the Conveyor app, sales and presales teams can easily get AI-generated answers to any customer security question, with your pre-set rules and reviews in place. Free up your team and keep deals moving at www.conveyor.com

    Legal Aid breached, patients at risk from cyberattacks, 23andMe buyer

    Play Episode Listen Later May 20, 2025 7:19


    UK's Legal Aid Agency breached NHS patients put at risk from cyberattacks 23andMe has a buyer Huge thanks to our sponsor, Conveyor Ever spent an hour in a clunky portal questionnaire with UI from 1999 just to lose your work because it timed out? Conveyor's got you. Our browser extension completes questionnaires in the most tedious portals for you by auto-importing all the questions and generating AI answers. For popular portals, it can go full autopilot and fill in reviewed answers into the portal on one click. You shouldn't have to fight a portal just to prove your security posture.  Learn more at www.conveyor.com.

    UK retailer update, Microsoft Defender disabler, deepfakes target officials

    Play Episode Listen Later May 19, 2025 8:10


    Scattered Spider facilitates UK retail hacks and is moving to the U.S. Defendnot tool can disable Microsoft Defender FBI warns government officials about new waves of deepfakes Huge thanks to our sponsor, Conveyor Are you dealing with security questionnaire chaos this week? If so, get Conveyor's AI to knock them out for you. Connect Conveyor to any source, easily upload any format of questionnaire or use the browser extension for portals and their AI handles the rest—from parsing the questions to generating answers and auto-tagging collaborators. Let Conveyor do the work for you. Learn more at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Hackers pump stocks, Microsoft stops screenshots, AI encrypts cybersecurity

    Play Episode Listen Later May 16, 2025 29:05


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Nick Espinosa, host, The Deep Dive Radio Show. Here's where you can find him: Daily Podcast on SoundCloud | YouTube | Forbes | Twitter/X | Facebook | BlueSky | Mastodon Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com      

    Coinbase hackers bribe staff, Windows 11 hacked at Pwn2Own, Telegram purges black market group

    Play Episode Listen Later May 16, 2025 8:08


    Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom Windows 11 and Red Hat Linux hacked on first day of Pwn2Own The Internet's biggest-ever black market just shut down amid a Telegram purge  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.

    Attack on steel producer, EUVD online, CISA advisory overhaul

    Play Episode Listen Later May 15, 2025 8:01


    Steel producer disrupted by cyberattack European Vulnerability Database (EUVD) is online CISA pauses advisory overhaul  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.

    Radware clarifies patch, retailer data stolen, Alabama suffers cyberattack

    Play Episode Listen Later May 14, 2025 8:49


    Radware says recently WAF bypasses were patched in 2023 Marks & Spencer confirms data stolen in ransomware attack Alabama suffers cybersecurity event  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com

    GlobalX breach, Google settles lawsuits, UK software security guidelines

    Play Episode Listen Later May 13, 2025 7:52


    Global Crossing Airlines Group confirms cyberattack Google settles privacy lawsuits UK launches software security guidelines  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.

    Japan finance hacks, Pearson suffers cyberattack, Teams blocks screen captures

    Play Episode Listen Later May 12, 2025 8:28


    Hackers hijack Japanese financial accounts to conduct billions in trades Education giant Pearson hit by cyberattack exposing customer data Microsoft Teams will soon block screen capture during meetings  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.  

    Week in Review: Agriculture ransomware increase, Congress challenges CISA cuts, Disney's slacker hacker

    Play Episode Listen Later May 9, 2025 29:37


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Dan Holden, CISO, BigCommerce Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com        

    Cisco IOS XE vulnerability, Pentagon CIO nomination, new SonicWall vulnerability

    Play Episode Listen Later May 9, 2025 8:45


    Cisco patches a level 10 vulnerability in IOS XE President nominates former Unilever CISO to be Pentagon CIO SonicWall patches a new zero-day vulnerability Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Europol shuts down DDoS-for-hire services, CrowdStrike lays off 500 workers, GOV.UK embraces passkeys

    Play Episode Listen Later May 8, 2025 7:28


    Europol shuts down six DDoS-for-hire services used in global attacks CrowdStrike says it will lay off 500 workers Passkeys set to protect GOV.UK accounts against cyber-attacks Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Congress challenges CISA cuts, Texas school breached, NSO pays WhatsApp

    Play Episode Listen Later May 7, 2025 8:32


    Congress challenges Noem over proposed CISA cuts Texas school district breach impacts over 47,000 people NSO Group to pay WhatsApp $167 million in damages Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.  

    Signal clones, easyjson warning, UK retail hacker

    Play Episode Listen Later May 6, 2025 7:37


    Signal clone gets hacked Sounding the alarm on easyjson Ransomware group takes credit for UK retail attacks Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Microsoft Authenticator passkeys, StealC malware upgraded, CISA budget slashed

    Play Episode Listen Later May 5, 2025 8:02


    Microsoft ends Authenticator password autofill in favor of Edge StealC malware enhanced with stealth upgrades and data theft White House proposes cutting $491M from CISA budget Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Cybersecurity CEO busted, Cloudflare's DDoS increase, FBI's help request

    Play Episode Listen Later May 2, 2025 31:36


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest DJ Schleen, Head of Security, Boats Group Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com  

    UK's Co-op cyberattack, LabHost domains released, NSO WhatsApp damages

    Play Episode Listen Later May 2, 2025 7:55


    UK retailer Co-Op suffers cyberattack FBI shares list of 42,000 LabHost phishing domains NSO group looking at hefty damages in WhatsApp case Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Scattered Spider extradition, Telecom hack warnings, Impersonation scammer takedown

    Play Episode Listen Later May 1, 2025 9:10


    Alleged ‘Scattered Spider' member extradited to U.S. Experts see little progress after major Chinese telecom hack Polish police take down impersonation scammers Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. For the stories behind the headlines, visit CISOseries.com.

    Apple Airplay-Enabled Devices Can Be Hacked, Google tracked 75 zero days, France ties Russian APT28 hackers to 12 cyberattacks

    Play Episode Listen Later Apr 30, 2025 8:06


    Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi Google tracked 75 zero days exploited in the wild in 2024 France ties Russian APT28 hackers to 12 cyberattacks on French orgs   Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    Uyghur software malware, DDoS jumps, 4chan back

    Play Episode Listen Later Apr 29, 2025 7:37


    Uyghur Language Software Hijacked to Deliver Malware Cloudflare sees a big jump in DDoS attacks 4chan back online Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    SAP zero-day active, another OAuth exploit, cybersecurity CEO arrested

    Play Episode Listen Later Apr 28, 2025 7:21


    SAP zero-day vulnerability under widespread active exploitation Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts Cybersecurity firm CEO charged with installing malware on hospital systems Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Secure by Design departure, Microsoft's security report, LLMs outrace vulnerabilities

    Play Episode Listen Later Apr 25, 2025 30:25


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bethany De Lude, CISO emeritus, The Carlyle Group Thanks to our show sponsor, Dropzone AI Alert investigation is eating up your security team's day—30 to 40 minutes per alert adds up fast. Dropzone AI‘s SOC Analyst transforms this reality by investigating every alert with expert-level thoroughness at machine speed. Our AI SOC Analyst gathers evidence, connects the dots across your security tools, and delivers clear reports with recommended actions—all in minutes. No playbooks to build, no code to write. Just consistent, high-quality investigations that free your team to focus on what matters: stopping actual threats. Meet us at RSA Booth ESE-60. All links and the video of this episode can be found on CISO Series.com

    Russian army map malware, edge tech attack report, Commvault flaw

    Play Episode Listen Later Apr 25, 2025 8:12


    Russian army targeted by Android malware hidden in mapping app Attackers hit security device defects hard in 2024 Critical Commvault Command Center flaw warning Huge thanks to our sponsor, Dropzone AI Alert investigation is eating up your security team's day—30 to 40 minutes per alert adds up fast. Dropzone AI's SOC Analyst transforms this reality by investigating every alert with expert-level thoroughness at machine speed. Our AI SOC Analyst gathers evidence, connects the dots across your security tools, and delivers clear reports with recommended actions—all in minutes. No playbooks to build, no code to write. Just consistent, high-quality investigations that free your team to focus on what matters: stopping actual threats. Meet us at RSA Booth ESE-60. Find the stories behind the headlines at CISOseries.com.

    Blue Shield of California shared private data,FBI IC3 report, Ex-Army sergeant jailed

    Play Episode Listen Later Apr 24, 2025 9:43


    Blue Shield of California shared private health data of millions with Google The FBI issues its 2024 IC3 report Ex-Army sergeant jailed for selling military secrets Huge thanks to our sponsor, Dropzone AI Security analysts need practical experience to build investigation skills, but getting expert guidance for every alert is impossible. That's why Dropzone AI created COACH—a free Chrome extension that serves as an AI security mentor for SOC analysts at any level. COACH reads alerts across all major security platforms, explains their context, provides alternative hypotheses, and guides analysts through industry-standard investigation methodologies. Unlike our AI SOC Analyst product, COACH doesn't do the work for you—it teaches you how to think through investigations yourself. It supplements human mentoring with always-available guidance that respects your data with zero retention. Develop your security team's skills at Dropzone.ai/coach. For the stories behind the headlines, head to CISOseries.com.

    Claim Cyber Security Headlines

    In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

    Claim Cancel