Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Nick Espinosa, nationally syndicated host of The Deep Dive Radio Show, with guest Steve Zalewski, co-host, Defense in Depth Thanks to our show sponsor, Nudge Security Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adoption is accelerating this trend. What if you could continuously discover when people start using new apps or sharing data, then prompt them with security guidance right when and where they are working? At Nudge Security, we call that securing the Workforce Edge. Instead of trying to control everything (which, let's face it, is impossible), we give IT and security teams the visibility they need and automation to guide employees toward secure behaviors. The result? Your workforce stays productive, your data stays secure, and you can finally get some sleep at night. Learn more at nudgesecurity.com/workforceedge All links and the video of this episode can be found on CISO Series.com
Government shutdown furloughs most CISA staff Microsoft Defender bug triggers erroneous BIOS update alerts Motility RV software company suffers cyberattack Huge thanks to our sponsor, Nudge Security Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adoption is accelerating this trend. What if you could continuously discover when people start using new apps or sharing data, then prompt them with security guidance right when and where they are working? At Nudge Security, we call that securing the Workforce Edge. Instead of trying to control everything (which, let's face it, is impossible), we give IT and security teams the visibility they need and automation to guide employees toward secure behaviors. The result? Your workforce stays productive, your data stays secure, and you can finally get some sleep at night. Learn more at nudgesecurity.com/workforceedge Find the stories behind the headlines at CISOseries.com.
Breach notification letters set to flood North America's mailboxes New bug in classic Outlook only fixed via Microsoft support Air Force admits SharePoint privacy issue over breach Huge thanks to our sponsor, Nudge Security AI notetakers like Otter AI spread fast. In fact, one Nudge Security customer discovered 800 new accounts created in only 90 days. Viral AI notetakers introduce a slew of data privacy risks by gaining access to calendars and adding themselves to every meeting. Nudge Security can help. Within minutes of starting a free trial, you'll see every AI app, account, and integration, even those created in the past. And, smart automation helps you clean up unwanted accounts and guide users towards approved alternatives. See how you can regain control today at nudgesecurity.com/stopotter
China-Linked Group Hits Governments With Stealth Malware Chinese hackers exploit VMware zero-day since October 2024 Apple's iOS fixes a bevy of glitches Huge thanks to our sponsor, Nudge Security The SaaS supply chain is a hot mesh. As your workforce introduces new SaaS apps and integrations, hidden pathways are created that attackers can exploit to gain access to core business systems. That's exactly what happened in the Drift breach, and it will happen again. But, all is not lost. Nudge Security gives you the visibility and control you need to stop these attacks. Within minutes of starting a free trial, you'll discover every SaaS app and integration in your environment, map your SaaS supply chain, and identify risky OAuth grants that could be exploited. The best part? Nudge Security alerts you of breaches impacting your 3rd and 4th party SaaS providers. That's right, even 4th party! So, you can take action quickly to limit the ripple effects. Learn how Nudge can help you secure your entire SaaS ecosystem at nudgesecurity.com/supplychain
AI-generated code used in phishing campaign blocked by Microsoft WestJet notifies American consumers of data breach Ukrainian cops spoofed in fileless phishing attacks on Kyiv Huge thanks to our sponsor, Nudge Security AI tools have spread to every corner of your tech stack, which is great for innovation, but not so great for data governance. That's where Nudge Security comes in. Nudge discovers shadow AI across your org - chatbots, MCP integrations, AI in the supply chain, and more. And, Nudge delivers guardrails to employees to help you stop data leakage before it even starts. The best part? You'll have a full inventory of AI assets on Day One of your free trial, even those introduced before you started using Nudge. No time machine required. Gain visibility and control of AI use. Get started at nudgesecurity.com/genai
Dutch teenagers arrested for attempted espionage for Russia DoD announces replacement for risk management framework Fake Microsoft Teams installers deliver Oyster malware Huge thanks to our sponsor, Nudge Security Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adoption is accelerating this trend. What if you could continuously discover when people start using new apps or sharing data, then prompt them with security guidance right when and where they are working? At Nudge Security, we call that securing the Workforce Edge. Instead of trying to control everything (which, let's face it, is impossible), we give IT and security teams the visibility they need and automation to guide employees toward secure behaviors. The result? Your workforce stays productive, your data stays secure, and you can finally get some sleep at night. Learn more at nudgesecurity.com/workforceedge Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by David Spark with guests Brett Conlon, CISO, American Century Investments, and TC Niedzialkowski, Head of Security & IT, OpenDoor Thanks to our show sponsor, Conveyor Still stuck in security review chaos week after week? You're not the only one. But with Conveyor, teams finally get to a place of Questionnaire Zen. Our AI auto-fills answers across any format of questionnaire, even portals, and an enterprise-ready trust center keeps documents and policies ready for instant sharing. No more manual copy-pasting. No more last-minute scrambles. Just calm, clear security reviews that keep deals moving. Find your Zen with Conveyor at www.conveyor.com. All links and the video of this episode can be found on CISO Series.com
Microsoft to offer free Windows 10 security updates in Europe Teenage Vegas casino hacker released to parents Boyd Gaming hacked, employee data stolen Huge thanks to our sponsor, Conveyor Logging into yet another security questionnaire portal on a Friday at 3pm? Yeah, that's chaos. Conveyor AI is your fast path to calm. It finds every question no matter the format and fills in the answers—across portals, spreadsheets, PDFs, you name it. So instead of grinding through copy-paste, you get a first pass of accurate answers in minutes. Find your Friday Zen at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.
Person arrested in connection with airport attack Record-breaking DDoS attack hits new highs China-linked attackers use ‘BRICKSTORM' backdoor to steal IP Huge thanks to our sponsor, Conveyor Security reviews don't have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyor takes all that chaos and turns it into calm. AI fills in the questionnaires, your trust center is always ready, and sales cycles move without stalls. Breathe easier—check out Conveyor at www.conveyor.com.
European airports restoring services after system breach CISA deals with GeoServer exploit App for outing Charlie Kirk's critics leaks personal data Huge thanks to our sponsor, Conveyor Have you been personally victimized by a questionnaire this week? The queue never ends. But Conveyor can change that story. With AI that answers questionnaires of any format, and a trust center that handles document sharing, security reviews get done without the stress. Feel calm in the chaos with Conveyor. Learn more at www.conveyor.com.
EDR-Freeze tool suspends security software DeepMind updates Frontier Safety Framework Major vendors withdraw from MITRE EDR Evaluations Huge thanks to our sponsor, Conveyor Security reviews don't have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyor takes all that chaos and turns it into calm. AI fills in the questionnaires, your trust center is always ready, and sales cycles move without stalls. Breathe easier—check out Conveyor at www.conveyor.com.
European airport disruption due to cyberattack check-in and baggage software SMS scammers now using mobile fake cell towers GPT-4-powered MalTerminal malware creates ransomware and Reverse Shell Huge thanks to our sponsor, Conveyor If security questionnaires make you feel like you're drowning in chaos, you're not alone. Endless spreadsheets, portals, and questions—always when you least expect them. Conveyor brings calm to the storm. With AI that auto-fills questionnaires and a trust center that shares all your docs in one place, you'll feel peace where there used to be panic. Find your security review zen at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Jack Kufahl, CISO, Michigan Medicine, and Nick Espinosa, host, The Deep Dive Radio Show Thanks to our show sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io. All links and the video of this episode can be found on CISO Series.com
Google patches sixth Chrome zero-day exploited in attacks this year Microsoft to force install the Microsoft 365 Copilot app in October Two more Scattered Spider teen suspects arrested Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io. Find the stories behind the headlines at CISOseries.com.
Insight Partners warns thousands after ransomware breach Scattered Spider gang feigns retirement, breaks into bank instead Consumer Reports calls Microsoft 'hypocritical' Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io.
House lawmakers move to extend two key cyber programs Apple 0-day likely used in spy attacks affected older devices Reuters crafts phishing scam with AI chatbot help Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io.
Android moving to “risk-based” security updates CISA accused of Cyber Incentive mismanagement How security practitioners use LLMs Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io.
ShinyHunters hits Vietnam National Credit Information Center HybridPetya is a Petya/NotPetya copycat with UEFI Secure Boot bypass CISA seeks control over CVE Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Rob Teel, CTO, Oklahoma Department of Commerce and Howard Holton, CEO, GigaOm Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta.Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com
SonicWall SSL VPN flaws now being actively exploited Acting federal cyber chief outlines his priorities U.S. based investors in spyware firms nearly tripled in 2024 Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.
The npm incident: nothing to fret about? Cursor Autorun flaw lets repositories execute code without consent Senator Wyden urges FTC to probe Microsoft over Ascension hack Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.
Thousands had data leaked in blood center ransomware attack UK Electoral Commission recovers, 3 years after China hack Npm packages with 2 billion weekly downloads targeted in supply chain attack Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.
GhostAction campaign targets GitHub Scam centers see huge growth in Myanmar GPUGate targets IT firms Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.
New malware phishing campaign hidden in SVG files Anthropic agrees to pay $1.5bn in book piracy lawsuit Qantas penalizes executives for cyberattack Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Ray Espinoza, vp of information security, Elite Technology Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com
France fines Google and Shein over cookie misconduct CISA adds more TP-Link routers flaws to its KEV catalog World's largest sports piracy site shut down Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Fintech foils bank heist NotDoor backdoor Salesloft-Drift impact continues drifting Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
'2.5 billion Gmail users at risk'? Entirely false, says Google Cloudflare blocks largest recorded DDoS attack peaking at 11.5 Tbps Jaguar Land Rover says cyberattack ‘severely disrupted' production Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.
LegalPwn technique hides LLMs prompts inside contract legalese Maryland Transit investigating cyberattack Hacker attempts to forge his way into Spanish university Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Velociraptor forensic tool used for C2 tunneling City of Baltimore gets socially engineered to the tune of $1.5 million Ransomware gang takedowns create more smaller groups Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Johna Till Johnson, CEO and founder, Nemertes Thanks to our show sponsor, Prophet Security Ever feel like your security team is stuck in a loop of alert fatigue and manual investigations? Meet Prophet Security. Their Agentic AI SOC Platform automates the tedious stuff: triaging, investigating, and responding to alerts - so your analysts can focus on real threats. Think 10x faster response times and a smarter way to secure your business. Learn more at prophetsecurity.ai. All links and the video of this episode can be found on CISO Series.com
Malicious nx Packages leak GitHub, Cloud, and AI Credentials North Korean remote worker scheme boosted by generative AI The Netherlands announces Salt Typhoon penetration Huge thanks to our sponsor, Prophet Security Security teams are drowning in alerts - many companies generate upwards of 1000 or more alerts a day, and nearly half go ignored. That's where Prophet Security comes in. Their AI SOC platform automatically triages and investigates alerts, so your team can focus on real threats instead of busywork. Faster response, less burnout, and lower risk to your business. Learn more at prophetsecurity.ai. Find the stories behind the headlines at CISOseries.com.
FBI warns of expanded Chinese hacking campaign AI-powered ransomware is a thing now Anthropic warns about “vibe-hacking” Huge thanks to our sponsor, Prophet Security SOC analyst burnout is real - repetitive tasks, poor tooling, and constant alert noise are driving them out. Prophet Security fixes this. Their Agentic AI Analyst handles alert triage and investigation - work that 69% of cybersecurity leaders say is the best use for AI in the SOC. Say goodbye to burnout, and hello to efficiency. Check out prophetsecurity.ai.
DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says CISA warns of actively exploited Git code execution flaw Alleged mastermind behind K-Pop celebrity stock heist extradited to South Korea Huge thanks to our sponsor, Prophet Security Your security analysts didn't sign up to chase false alarms all day. With Prophet Security's AI SOC platform, they won't have to. It works like a tireless teammate—triaging and investigating alerts around the clock. Less burnout. Better coverage. And more time for meaningful work. Learn more atprophetsecurity.ai.
If Salesforce flutters its wings in San Francisco... How is this still tricking people? From tagging to bagging Huge thanks to our sponsor, Prophet Security Security teams are drowning in alerts - many companies generate upwards of 1000 or more alerts a day, and nearly half go ignored. That's where Prophet Security comes in. Their AI SOC platform automatically triages and investigates alerts, so your team can focus on real threats instead of busywork. Faster response, less burnout, and lower risk to your business. Learn more atprophetsecurity.ai.
Malicious Go module steals credentials via Telegram Mirai-based botnet resurfaces targeting systems globally Silk Typhoon hackers exploit cloud trust to hack downstream customers Huge thanks to our sponsor, Prophet Security Ever feel like your security team is stuck in a loop of alert fatigue and manual investigations? Meet Prophet Security. Their Agentic AI SOC Platform automates the tedious stuff: triaging, investigating, and responding to alerts - so your analysts can focus on real threats. Think 10x faster response times and a smarter way to secure your business. Learn more at prophetsecurity.ai. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino. This is our milestone edition, celebrating five years of the daily Cyber Security Headlines news podcast. Our guests today will be the CSH reporters themselves, reflecting on some stories from this week as well as their favorite stories from the past few years. Joining Rich live will be Hadas Cassorla and Steve Prentice, with videos from Sarah Lane and Lauren Verno. Thanks to our show sponsor, Conveyor Does logging into a portal security questionnaire feel like punishment? We get it. Other solutions offer browser extensions that require you to do all the copy-pasting. It's slow, tedious, and frustrating. Conveyor takes care of it for you. Our AI auto-scrolls, finds every question, and fills in accurate answers—all automatically. Oh, and our AI completes security questionnaires of any format, not just portals. Visit www.conveyor.com to learn more. All links and the video of this episode can be found on CISO Series.com
Apple urges iPhone, iPad and Mac update ASAP Scattered Spider operative gets 10 years and a big fine Microsoft seeks customer feedback on SSD failure issues Huge thanks to our sponsor, Conveyor Does logging into a portal security questionnaire feel like punishment? We get it. Other solutions offer browser extensions that require you to do all the copy-pasting. It's slow, tedious, and frustrating. Conveyor takes care of it for you. Our AI auto-scrolls, finds every question, and fills in accurate answers—all automatically. Oh, and our AI completes security questionnaires of any format, not just portals. Visit www.conveyor.com to learn more. Find the stories behind the headlines at CISOseries.com.
A patch today keeps the zero-day away Jailbreaking ChatGPT-5 Pro The thing about vulnerabilities is they stay vulnerable Huge thanks to our sponsor, Conveyor It's Thursday. Have you been personally victimized by a portal security questionnaire this week? Most solutions just give you a browser extension to copy and paste answers in, still leaving hours of manual work. With Conveyor, you don't have to slog through it yourself. Just open the portal and Conveyor's AI will scroll through each page, find the questions, and fill in answers for you—start to finish. See how at www.conveyor.com Find the stories behind the headlines at CISOseries.com.
UK agrees to drop 'backdoor' mandate for Apple devices Massive Allianz Life data breach impacts 1.1M people Speed cameras knocked out after cyber attack Huge thanks to our sponsor, Conveyor If portal questionnaires were a person, you'd block them by now. Endless clicks, bad navigation, and expanding questions stacked like russian nesting dolls, all add up to hours of your life you'll never get back. Conveyor's AI browser extension auto-completes any portal questionnaire without the copy and paste like those other browser extensions on the market. Spend less time battling portals and more time on work that matters. Learn more at www.conveyor.com.
Workday confirms data breach An alliance to unify post-quantum cryptography New Chinese threat actor targeting Taiwan Huge thanks to our sponsor, Conveyor If the thought of logging into a portal questionnaire makes you want to throw your laptop away, you're not alone. Most solutions just give you a browser extension to copy and paste answers, still leaving hours of manual work. With Conveyor, you don't have to slog through it yourself. Just open the portal and Conveyor's AI will scroll through each page, find the questions, and fill in answers for you—start to finish. Spend less time battling portals and more time on work that matters. Learn more at www.conveyor.com.
Cisco warns of maximum-severity defect in firewall software UK's Colt Telecom suffers cyberattack CISA implores OT environments to lock down critical infrastructure Huge thanks to our sponsor, Conveyor Have you been personally victimized by portal security questionnaires? Conveyor is here to help. Endless clicks, bad navigation, and expanding questions stacked like Russian nesting dolls, all add up to hours of your life you'll never get back. With Conveyor's AI-powered browser extension, you can open a portal questionnaire, scan for questions, and watch it auto-populate your answers back into the portal without the copy and paste. See how at www.conveyor.com Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Zalewski, co-host, Defense in Depth Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines All links and the video of this episode can be found on CISO Series.com
New wave of NFC relay fraud, call hijacking, and root exploits in banking sector Canada's House of Commons suffers cyberattack Zoom fixes critical Windows client flaw that could enable privilege escalation Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.
Hack of federal court filing system exploited security flaws known since 2020 Pennsylvania attorney general says cyberattack knocked phone, email systems offline Spike in Fortinet VPN brute-force attacks raises zero-day concerns Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines
The hits just keep on coming Where's the Little Dutch Boy when you need him? I felt the ransomware down in Africa Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com
North Korean crypto theft Microsoft rolls out PC back up during attack U.S. charges four in $100M global fraud scheme Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines
DARPA awards $4 million prize for AI code review at DEF CON North Korea ScarCruft group adds ransomware to its activities Columbia University hack affects over 860,000 Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Montez Fitzpatrick, CISO, Navvis Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO All links and the video of this episode can be found on CISO Series.com
Microsoft warns of high-severity flaw in hybrid Exchange deployments France's third-largest mobile operator suffers breach Dialysis company's April attack affects 900,000 people Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Hackers hijacked Google's Gemini AI with a poisoned calendar invite to take over a smart home Nvidia rejects US demand for backdoors in AI chips Google says hackers stole its customers' data by breaching its Salesforce database Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.
© 2020-2025 Ivy Podcast Discovery LLC
