Cyber Security Headlines

Follow Cyber Security Headlines
Share on
Copy link to clipboard

Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.

CISO Series


    • Jul 10, 2025 LATEST EPISODE
    • weekdays NEW EPISODES
    • 10m AVG DURATION
    • 1,472 EPISODES


    Search for episodes from Cyber Security Headlines with a specific topic:

    Latest episodes from Cyber Security Headlines

    AMD has CPU meltdown, Mozilla Thunderbird has vulnerabilities, Indian defense sector attacked

    Play Episode Listen Later Jul 10, 2025 7:46


    AMD warns of new Meltdown, Spectre-like bugs affecting CPUs Multiple vulnerabilities in Mozilla Thunderbird could allow for arbitrary code execution Bitcoin Depot breach exposes data of nearly 27,000 crypto users, More than $40 million stolen from GMX crypto platform Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

    Rubio Spoofed, RondoDox Botnet, Batavia Spyware

    Play Episode Listen Later Jul 9, 2025 8:43


    Four members of President Trump's cabinet impersonated Is this some kind of a game? Batavia attacks Russian industrial companies Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

    Call of Duty game pulled, U.S. military gets cybersecurity boost, Bank employee helped hackers

    Play Episode Listen Later Jul 8, 2025 8:33


    Call of Duty game pulled from PC store after reported exploit U.S. military gets cybersecurity boost Bank employee helped hackers steal $100M Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

    Ingram Micro cyberattack, Telefonica possible breach, LLM URL recommendation problem

    Play Episode Listen Later Jul 7, 2025 8:08


    Ingram Micro suffers ransomware attack Hacker leaks Telefónica data allegedly from new breach ChatGPT prone to recommending wrong URLs, creating a new phishing opportunity Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.    

    Undetectable Android spyware is detectable, Hunters ransomware quits, Salt Typhoon dormant

    Play Episode Listen Later Jul 4, 2025 9:09


    Undetectable Android spyware leaks user logins Hunters ransomware group shuts doors Medical device company Surmodics reports cyberattack Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response Find the stories behind the headlines at CISOseries.com.

    Columbia hack, hunger relief ransomware, Qantas breach

    Play Episode Listen Later Jul 3, 2025 7:27


    Student data lost in Columbia University hack German hunger relief charity hit by ransomware Qantas contact center breached Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response

    Google issues Chrome security update, ICC targeted by new attack, Microsoft nixes Authenticator password management

    Play Episode Listen Later Jul 2, 2025 7:23


    Chrome Zero-Day CVE-2025-6554 under active attack — Google issues security update International Criminal Court targeted by new ‘sophisticated' attack Kelly Benefits says 2024 data breach impacts 550,000 customers, Esse Health says recent data breach affects over 263,000 patients Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response

    New Iran warning, Chinese surveillance company banned, CISA names new executive director

    Play Episode Listen Later Jul 1, 2025 8:04


    U.S. agencies issue urgent warning over Iran threat Canada bans Chinese surveillance company CISA names new executive director Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response

    Hawaiian Airlines cyberattack, United Natural Foods update, Russia throttles Cloudflare

    Play Episode Listen Later Jun 30, 2025 8:12


    Hawaiian Airlines suffers cyberattack United Natural Foods says cyber incident will impact quarterly income Russia throttles Cloudflare making sites inaccessible Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response Find the stories behind the headlines at CISOseries.com.

    Week in Review: Qilin adds lawyers, Iranian spearphishing campaign, Microsoft Direct Send hack

    Play Episode Listen Later Jun 27, 2025 25:11


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bil Harmer, operating partner and CISO, Craft Ventures. Check out Bil's page, KillSwitchAdvisory. Thanks to our show sponsor, ThreatLocker Alert fatigue, false positives, analyst burnout—you know the drill. What if you could stop threats before they run? ThreatLocker gives CISOs what they've been asking for: real control at the execution layer. Only approved apps, scripts, and executables run. Period. Known-good is enforced. Everything else? Denied by default. Ringfencing and storage control keep even trusted tools in their lane—so PowerShell doesn't become a weapon. And yes—it works at scale. Granular policies. Fast rollout. Built for modern infrastructure. You don't need more alerts. You need fewer chances for malware to make a move. ThreatLocker helps you flip the model—from detect-and-respond… to deny-and-verify. Go to ThreatLocker.com/CISO to schedule your free demo and close the last gap in your Zero Trust strategy, before it's exploited. All links and the video of this episode can be found on CISO Series.com  

    Iranian-backed spearphishing campaign, Microsoft Outlook fix, Glasgow suffers cyberattack

    Play Episode Listen Later Jun 27, 2025 8:38


    Iranian-backed spearphishing campaign seeks out cybersecurity experts Microsoft fixes Outlook bug causing crashes when opening emails Glasgow City Council suffers cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Patient death linked to ransomware, BreachForums busted again, nOAuth vulnerability

    Play Episode Listen Later Jun 26, 2025 8:29


    NHS confirms patient death linked to ransomware attack BreachForums busted again Thousands of SaaS apps still vulnerable to nOAuth Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    70 Microsoft Exchange servers targeted, Apple, Netflix, Microsoft sites hacked, data breach hits Aflac

    Play Episode Listen Later Jun 25, 2025 7:34


    Hackers target over 70 Microsoft Exchange servers to steal credentials via keyloggers Apple, Netflix, Microsoft sites ‘hacked' for tech support scams The 2022 initiative by Cloudflare, CrowdStrike and Ping Identity provided cybersecurity support to critical infrastructure sectors seen as potential targets of Russia-linked attacks Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    Retaliatory Iranian cyberattacks, steel giant confirms breach, ransomware hits healthcare system again

    Play Episode Listen Later Jun 24, 2025 8:31


    DHS warns of retaliatory Iranian cyberattacks Steel giant Nucor confirms breach Ransomware hits healthcare system again Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    CMS retailer report, Aflac investigates activity, Russian dairy cyberattack

    Play Episode Listen Later Jun 23, 2025 7:10


    CMC officially points finger at Scattered Spider for Marks & Spencer and Co-op attacks Aflac investigating suspicious activity on its U.S. network Russian dairy producers suffer cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Week in Review: ClickFake deepfake scam, Krispy Kreme breach, NIST ZTA guidance

    Play Episode Listen Later Jun 20, 2025 32:50


     Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Howard Holton, COO and industry analyst, GigaOm Thanks to our show sponsor, Adaptive Security As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com  

    Cisco, Atlassian fixes, Ryuk member arrested, Viasat Typhoon attack

    Play Episode Listen Later Jun 20, 2025 8:57


    Cisco, Atlassian fix high-severity vulnerabilities Alleged Ryuk ransomware gang member arrested and extradited Telecom company Viasat attacked by Salt Typhoon Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.

    Episource Breach, Predatory Sparrow strikes again, Swiss banks data leak

    Play Episode Listen Later Jun 19, 2025 7:30


    Over 5 million impacted by Episource breach Predatory Sparrow strikes Iran again Data leak at Swiss banks  Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com.

    Hackers exploit Langflow flaw, TP-Link routers still vulnerable, Russia detects SuperCard malware attacks

    Play Episode Listen Later Jun 18, 2025 8:52


    Hackers exploit critical Langflow flaw to unleash Flodrix botnet Organizations warned of vulnerability exploited against discontinued TP-Link routers Russia detects first SuperCard malware attacks skimming bank data via NFC Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com.

    2FA middleman, Archetyp seized, Zoomcar hacked

    Play Episode Listen Later Jun 17, 2025 7:35


    Beware the SMS 2FA middleman Police seize Archetyp Market Zoomcar hack impacts 8.4 million users Huge thanks to our sponsor, Adaptive Security As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com.

    Washington Post hacked, WestJet suffers cyberattack, Texas DoT breach

    Play Episode Listen Later Jun 16, 2025 8:25


    Washington Post investigates hacking incident on journalists' emails Canadian airline WestJet is containing a cyberattack Crash records stolen from Texas DOT Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.  

    Week in Review: Google and Cloudflare outages, Copilot Zero-Click, Cloudflare's Claude flair

    Play Episode Listen Later Jun 13, 2025 25:20


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Christina Shannon, CIO, KIK Consumer Products Thanks to our show sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com

    Microsoft Entra attack, Thursday's Cloud outages, Mark Green retires

    Play Episode Listen Later Jun 13, 2025 8:10


    Hackers attacks target Microsoft Entra ID accounts using pentesting tool Google Cloud and Cloudflare outages reported House Homeland Chairman Mark Green announces his departure Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at  Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.

    CoPilot zero-click, Operation Secure, FIN6 targets recruiters

    Play Episode Listen Later Jun 12, 2025 7:43


    Zero-click data leak flaw in Copilot Operation Secure targets infostealer operations FIN6 targets recruiters Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta.  With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information.  The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive.  Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines.

    40K IoT cameras stream secrets to browsers, Marks & Spencer taking online orders post-cyberattack, PoC Code escalates Roundcube Vuln threat

    Play Episode Listen Later Jun 11, 2025 8:04


    CISA, Microsoft warn of Windows zero-day used in attack on ‘major' Turkish defense org 40K IoT cameras worldwide stream secrets to anyone with a browser Marks & Spencer begins taking online orders again, out for seven weeks due to cyberattack Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta.  With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information.  The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive.  Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines.

    Cybersecurity News: Brute forcing Google accounts, Guardian's Secure Messaging, UNFI cyberattack

    Play Episode Listen Later Jun 10, 2025 8:13


    Brute forcing phone numbers linked to Google accounts The Guardian launches Secure Messaging service United Natural Foods hit by cyberattack Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta.  With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information.  The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive.  Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines.

    Cyber executive order, Neuberger's infrastructure warning, Mirai botnet warning

    Play Episode Listen Later Jun 9, 2025 8:42


    Presidential cyber executive order signed Neuberger warns of U.S. infrastructure's cyberattack weakness Mirai botnet infects TBK DVR devices Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at  Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Senators' CSRB bid, Deepfakes dodge detection, Microsoft-CrowdStrike collaboration

    Play Episode Listen Later Jun 6, 2025 27:43


    Link to episode page This week's Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guest Rusty Waldron, chief business security officer, ADP Thanks to our show sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don't have time for are close behind. What are you going to do? Here's a better question: what would Sue do? Sue is Conveyor's new AI Agent for Customer Trust. She handles the entire security review process like answering every customer request from sales, completing every questionnaire or executing every communications and coordination task in-between. No more manual work. Just a quick review when she's done. Ready to let Sue take the reins? Learn more at www.conveyor.com. All links and the video of this episode can be found on CISO Series.com

    Kettering data published, Reddit sues Anthropic, North Face breached

    Play Episode Listen Later Jun 6, 2025 7:27


    Stolen Kettering Health data published Reddit sues Anthropic for scraping North Face website customer accounts breached Huge thanks to our sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don't have time for are close behind.  What are you going to do? Here's a better question: what would Sue do? Sue is Conveyor's new AI Agent for Customer Trust. She handles the entire security review process like answering every customer request from sales, completing every questionnaire or executing every communications and coordination task in-between.  No more manual work. Just a quick review when she's done. Ready to let Sue take the reins? Learn more at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.

    Russian bomber maker popped, vishing targets Salesforce, MS helps out governments

    Play Episode Listen Later Jun 5, 2025 7:28


    Ukraine claims cyberattack on Russian bomber maker Vishing campaign targets Salesforce Microsoft lends a hand to European governments Huge thanks to our sponsor, Conveyor Ever wish you had a teammate that could handle the most annoying parts of customer security reviews? You know, chasing down SMEs for answers, updating systems, coordinating across teams—all the grunt work nobody wants to do.  Plus, having to finish the dang questionnaire itself.  Well. That teammate exists—Conveyor just launched Sue, the first AI Agent for Customer Trust. Sue really is the dream teammate. She never misses a deadline, answers every customer request from sales, completes every questionnaire and knocks out all the coordination in-between. Sue handles it all so you don't have to. Learn more at www.conveyor.com.

    Meta, Yandex take heat on browsing identifiers, Acreed malware makes gains, HPE warns of critical auth bypass

    Play Episode Listen Later Jun 4, 2025 7:52


    Meta and Yandex are de-anonymizing Android users' web browsing identifiers LummaC2 fractures as Acreed malware becomes top dog Hewlett Packard Enterprise warns of critical StoreOnce auth bypass Huge thanks to our sponsor, Conveyor Tired of herding cats to complete customer security questionnaires?  Your team probably spends hours daily juggling the back and forth of completing these security requests. That's why Conveyor created Sue, the first AI Agent for Customer Trust. Sue doesn't just handle completing security questionnaires and sending SOC 2 to prospects – she manages all the communication and follow-up too.  You simply get notified when everything's done so you can do a quick review.  Stop wrangling cats and see what Sue can do for you at www.conveyor.com.  

    MS and CrowdStrike partner, Qualcomm bugs exploited, new CISA cut details

    Play Episode Listen Later Jun 3, 2025 7:30


    Microsoft and CrowdStrike partner to link threat actor names Qualcomm sees Adreno bugs under active exploitation New details on proposed CISA cuts Huge thanks to our sponsor, Conveyor Does trying to get the security questionnaire done and back to your customer ever feel like you're herding cats? It's not answering questions - most of you have automation software for that. It's all of the manual back and forth that becomes a slog like communicating between teams, tracking people down to get their review, updating sources and updating systems. Conveyor just launched an AI agent, Sue, to do all of these things and more for you. Learn about Sue at www.conveyor.com.

    Cisco IOS XE exploit, Senators' CSRB request, Australia ransomware law

    Play Episode Listen Later Jun 2, 2025 8:06


    Exploit for maximum severity Cisco IOS XE flaw now public Senators as for reinstatement of cyber review board to work on Salt Typhoon investigation Australian ransomware victims now must report their payments Huge thanks to our sponsor, Conveyor Conveyor launched the first AI Agent for Customer Trust. So wtf does that mean? It means the AI agent goes beyond just sharing NDA-gated documents like a SOC 2 with customers or answering security questionnaires. Conveyor's AI Agent, Sue, handles the entire security review process from start to finish.  She answers every customer request from sales, completes every questionnaire and executes every communications and coordination task in-between. It's perfect for B2B infosec teams sick of manual security review work. Check it out at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.  

    Week in Review: Chrome password replacer, Luna Moth exploits, ChatGPT declines shutdown command

    Play Episode Listen Later May 30, 2025 26:09


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Knight, former CISO, Hyundai Capital America Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com    

    Windows startup failures, Victoria's Secret cyberattack, stolen cookie threat

    Play Episode Listen Later May 30, 2025 7:21


    Windows 11 might fail to start after installing KB5058405, says Microsoft Victoria's Secret website goes offline following cyberattack Billions of stolen cookies available, worrying security experts Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Microsoft updates Update, LexisNexis leak, cyber insurance premiums

    Play Episode Listen Later May 29, 2025 7:58


    Microsoft wants to update all the things LexisNexis breach impacts 364,000 people Cyber insurance premium volume expected to double Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    MathWorks confirms ransomware attack, Adidas has data breach, Dutch intelligence warns of cyberattack

    Play Episode Listen Later May 28, 2025 6:32


    MathWorks, Creator of MATLAB, Confirms Ransomware Attack Adidas warns of data breach after customer service provider hack Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    Malicious npm codes, Nova Scotia cyberattack, ChatGPT refuses shutdown command

    Play Episode Listen Later May 27, 2025 7:19


    Malicious npm and VS Code packages stealing data Nova Scotia Power confirms ransomware attack Researchers claim ChatGPT o3 bypassed shutdown in controlled test Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.  

    CISA's Commvault warning, updated Killnet returns, fake VPN malware

    Play Episode Listen Later May 26, 2025 9:13


    CISA warns Commvault clients of campaign targeting cloud applications Russian hacker group Killnet returns with slightly adjusted mandate Fake VPN and browser NSIS installers used to deliver Winos 4.0 malware Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Disabling Microsoft Defender, corrupted power inverters, bipartisan training bill

    Play Episode Listen Later May 23, 2025 24:49


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest George Finney, CISO, The University of Texas System – check out George's new book plus all his other achievements at his website, WellAwareSecurity. Thanks to our show sponsor, Conveyor Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor's AI doesn't need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center. You don't maintain a knowledge base. You connect to one. And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com All links and the video of this episode can be found on CISO Series.com      

    Signal shutters Recall, Windows Server vulnerability, pathology lab breach

    Play Episode Listen Later May 23, 2025 8:33


    Signal adds Recall blocker Critical Windows Server 2025 dMSA vulnerability warning Pathology lab suffers data breach Huge thanks to our sponsor, Conveyor Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor's AI doesn't need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center. You don't maintain a knowledge base. You connect to one. And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com Find the stories behind the headlines at CISOseries.com.

    Kettering Health outage, Lumma disrupted, Opexus "major lapse"

    Play Episode Listen Later May 22, 2025 7:18


    Ransomware attack knocks out Kettering Health Lumma malware operation disrupted Federal agencies impacted by “major lapse” at Opexus Huge thanks to our sponsor, Conveyor Half-baked AI answers to security questionnaires are worse than no answer at all. Conveyor's AI gets it right the first time—with market-leading accuracy rates and full citations for every response. Because “good enough” doesn't cut it when you're filling in questionnaires daily. Accuracy isn't just a feature—it's the foundation. Because we know that when AI gets it wrong, you're stuck with more work.  If AI isn't living up to its promise with other tools, check out Conveyor at www.conveyor.com

    DOJ investigates Coinbase attack, Dutch cyber-espionage law passes, VanHelsing ransomeware leaked

    Play Episode Listen Later May 21, 2025 6:43


    US DOJ opens investigation into Coinbase's recent cyberattack Dutch government passes law to criminalize cyber-espionage Ransomware attack on food distributor spells more pain for UK supermarkets Huge thanks to our sponsor, Conveyor What if your sales team could answer security questions themselves—without blowing up your Slack or email every 10 minutes? With Conveyor, they can. Conveyor is the trust center and security questionnaire automation tool your infosec friends love to use. Whether through Slack or the Conveyor app, sales and presales teams can easily get AI-generated answers to any customer security question, with your pre-set rules and reviews in place. Free up your team and keep deals moving at www.conveyor.com

    Legal Aid breached, patients at risk from cyberattacks, 23andMe buyer

    Play Episode Listen Later May 20, 2025 7:19


    UK's Legal Aid Agency breached NHS patients put at risk from cyberattacks 23andMe has a buyer Huge thanks to our sponsor, Conveyor Ever spent an hour in a clunky portal questionnaire with UI from 1999 just to lose your work because it timed out? Conveyor's got you. Our browser extension completes questionnaires in the most tedious portals for you by auto-importing all the questions and generating AI answers. For popular portals, it can go full autopilot and fill in reviewed answers into the portal on one click. You shouldn't have to fight a portal just to prove your security posture.  Learn more at www.conveyor.com.

    UK retailer update, Microsoft Defender disabler, deepfakes target officials

    Play Episode Listen Later May 19, 2025 8:10


    Scattered Spider facilitates UK retail hacks and is moving to the U.S. Defendnot tool can disable Microsoft Defender FBI warns government officials about new waves of deepfakes Huge thanks to our sponsor, Conveyor Are you dealing with security questionnaire chaos this week? If so, get Conveyor's AI to knock them out for you. Connect Conveyor to any source, easily upload any format of questionnaire or use the browser extension for portals and their AI handles the rest—from parsing the questions to generating answers and auto-tagging collaborators. Let Conveyor do the work for you. Learn more at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Hackers pump stocks, Microsoft stops screenshots, AI encrypts cybersecurity

    Play Episode Listen Later May 16, 2025 29:05


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Nick Espinosa, host, The Deep Dive Radio Show. Here's where you can find him: Daily Podcast on SoundCloud | YouTube | Forbes | Twitter/X | Facebook | BlueSky | Mastodon Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com      

    Coinbase hackers bribe staff, Windows 11 hacked at Pwn2Own, Telegram purges black market group

    Play Episode Listen Later May 16, 2025 8:08


    Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom Windows 11 and Red Hat Linux hacked on first day of Pwn2Own The Internet's biggest-ever black market just shut down amid a Telegram purge  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.

    Attack on steel producer, EUVD online, CISA advisory overhaul

    Play Episode Listen Later May 15, 2025 8:01


    Steel producer disrupted by cyberattack European Vulnerability Database (EUVD) is online CISA pauses advisory overhaul  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.

    Radware clarifies patch, retailer data stolen, Alabama suffers cyberattack

    Play Episode Listen Later May 14, 2025 8:49


    Radware says recently WAF bypasses were patched in 2023 Marks & Spencer confirms data stolen in ransomware attack Alabama suffers cybersecurity event  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com

    GlobalX breach, Google settles lawsuits, UK software security guidelines

    Play Episode Listen Later May 13, 2025 7:52


    Global Crossing Airlines Group confirms cyberattack Google settles privacy lawsuits UK launches software security guidelines  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.

    Japan finance hacks, Pearson suffers cyberattack, Teams blocks screen captures

    Play Episode Listen Later May 12, 2025 8:28


    Hackers hijack Japanese financial accounts to conduct billions in trades Education giant Pearson hit by cyberattack exposing customer data Microsoft Teams will soon block screen capture during meetings  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.  

    Claim Cyber Security Headlines

    In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

    Claim Cancel