Cyber Security Headlines

Follow Cyber Security Headlines
Share on
Copy link to clipboard

Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.

CISO Series


    • Aug 15, 2025 LATEST EPISODE
    • weekdays NEW EPISODES
    • 10m AVG DURATION
    • 1,504 EPISODES


    Search for episodes from Cyber Security Headlines with a specific topic:

    Latest episodes from Cyber Security Headlines

    Week in Review: ShinyHunters-Scattered Spider merge, DARPA AI prize, Water infrastructure volunteers

    Play Episode Listen Later Aug 15, 2025 30:29


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Zalewski, co-host, Defense in Depth Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines All links and the video of this episode can be found on CISO Series.com    

    NFC fraud reappears, Canada government breach, Zoom's critical flaw

    Play Episode Listen Later Aug 15, 2025 8:08


    New wave of NFC relay fraud, call hijacking, and root exploits in banking sector Canada's House of Commons suffers cyberattack Zoom fixes critical Windows client flaw that could enable privilege escalation Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.

    Court filing system hack explained, PA AG weighs in on attack, Fortinet attacks raise concerns

    Play Episode Listen Later Aug 14, 2025 7:22


    Hack of federal court filing system exploited security flaws known since 2020 Pennsylvania attorney general says cyberattack knocked phone, email systems offline Spike in Fortinet VPN brute-force attacks raises zero-day concerns Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

    Fortinet SSL VPNs getting hammered, The Netherlands critical infrastructure compromise, Africa the most targeted for cyber attacks

    Play Episode Listen Later Aug 13, 2025 7:26


    The hits just keep on coming Where's the Little Dutch Boy when you need him? I felt the ransomware down in Africa Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com

    North Korean crypto theft, Microsoft rolls out back up, four charged in global scheme

    Play Episode Listen Later Aug 12, 2025 9:07


    North Korean crypto theft Microsoft rolls out PC back up during attack U.S. charges four in $100M global fraud scheme Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

    DARPA code prize, ScarCruft adds ransomware, Columbia breach tally

    Play Episode Listen Later Aug 11, 2025 8:21


    DARPA awards $4 million prize for AI code review at DEF CON North Korea ScarCruft group adds ransomware to its activities Columbia University hack affects over 860,000 Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.  

    Week in Review: UK LegalAid collapse, public ransomware approval, Salesforce breach impact

    Play Episode Listen Later Aug 8, 2025 30:03


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Montez Fitzpatrick, CISO, Navvis Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO All links and the video of this episode can be found on CISO Series.com  

    Hybrid Exchange flaw, France telecom breach, Dialysis company attack

    Play Episode Listen Later Aug 8, 2025 7:44


    Microsoft warns of high-severity flaw in hybrid Exchange deployments France's third-largest mobile operator suffers breach Dialysis company's April attack affects 900,000 people Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Gemini AI hijacked, Nvidia rejects AI chip backdoors, phishers abuse Microsoft 365

    Play Episode Listen Later Aug 7, 2025 6:23


    Hackers hijacked Google's Gemini AI with a poisoned calendar invite to take over a smart home Nvidia rejects US demand for backdoors in AI chips Google says hackers stole its customers' data by breaching its Salesforce database Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    PBS confirms data breach, TSMC fires engineers over theft, Cloudflare: Perplexity is web scraping

    Play Episode Listen Later Aug 6, 2025 7:04


    PBS confirms data breach after employee info leaked on Discord servers TSMC fires engineers over suspected semiconductor secrets theft Cloudflare on Perplexity web scraping techniques to avoid robot.txt and network blocks Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    Microsoft & Google lead zero day exploits, Plague Linux malware maintains SSH access, panel to create US Cyber Force

    Play Episode Listen Later Aug 5, 2025 8:20


    Microsoft and Google among most affected as zero day exploits jump 46% Vietnamese hackers use PXA Stealer, hit 4,000 IPs and steal 200,000 passwords globally New Plague Linux malware stealthily maintains SSH access Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    Akira's SonicWall zero-day, UK Legal-Aid suffers, Luxembourg 5G attack

    Play Episode Listen Later Aug 4, 2025 8:50


      Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Surveillance camera vulnerabilities, data sovereignty conundrum, French submarine cyberattack

    Play Episode Listen Later Aug 1, 2025 30:47


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Derek Fisher, Director of the Cyber Defense and Information Assurance Program, Temple University – also check out Derek's substack. Thanks to our show sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI—the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out their self-guided demo at dropzone.ai. This is how modern SOCs are scaling without burning out. All links and the video of this episode can be found on CISO Series.com    

    ATM Raspberry Pi breach, Easterly West Point cancellation, Chinese company-hacker link

    Play Episode Listen Later Aug 1, 2025 8:53


    NATM network breached and attacked through 4G Raspberry Pi Easterly's appointment to West Point rescinded Report links Chinese companies to tools used by state-sponsored hackers Huge thanks to our sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI—the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out their self-guided demo at dropzone.ai. This is how modern SOCs are scaling without burning out. Find the stories behind the headlines at CISOseries.com.

    Oh No! Lenovo, French submarine data breach, Russian pharmacy cyberattack

    Play Episode Listen Later Jul 31, 2025 7:51


    Oh No! Lenovo You sunk my battleship! Or did you? Russians unable to get a taste of their own medicine Huge thanks to our sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI—the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out their self-guided demo at dropzone.ai. This is how modern SOCs are scaling without burning out.   Find the stories behind the headlines at CISOseries.com.  

    Telecom Orange hacked, $2.4M Bitcoin seized from Chaos, Scattered Spider's tactics evolve

    Play Episode Listen Later Jul 30, 2025 6:43


    Critical Authentication Flaw Identified in Base44 Vibe Coding Platform French telecom giant Orange discloses cyberattack FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation Huge thanks to our sponsor, Dropzone AI What if your SOC could investigate every single alert without burning out your team? That's exactly what Dropzone AI does. They're the leader in autonomous security investigations, and companies like Zapier and Fortune 500s are already on board. Their AI works alongside your analysts, handling the routine so humans can be strategic. See them at BlackHat in Startup City, booth 6427. Or experience it yourself—dropzone.ai has a self-guided demo ready for you.  

    Russian flights grounded, Naval group breach, dating app exposed

    Play Episode Listen Later Jul 29, 2025 8:07


    Hacktivist attack grounds Russian flights Naval group denies breach, hackers beg to differ  Dating app breach exposes thousands of women's pictures Huge thanks to our sponsor, Dropzone AI Let me tell you about Dropzone AI—they're revolutionizing how security teams work. Companies like CBTS and Zapier use their AI to investigate alerts automatically, freeing up analysts for the work that really matters. We're talking 40-minute investigations done in 3 minutes. You can meet the Dropzone team at BlackHat in Startup City, or just head to dropzone.ai for a self-guided demo. Trust me, this is the future of security operations.

    NASCAR announces breach, Plankey for CISA, 365 Admin outage

    Play Episode Listen Later Jul 28, 2025 8:25


    NASCAR announces data breach following March cyberattack Plankey appears to be on track to lead CISA Microsoft investigates another outage affecting 365 admin center Huge thanks to our sponsor, Dropzone AI Today's sponsor is Dropzone AI, the leader in AI-powered SOC automation. Major companies like Zapier and UiPath are using Dropzone to give their security teams superpowers. Imagine your analysts focusing on real threats while AI handles every routine investigation—in minutes, not hours. If you're heading to BlackHat, stop by their booth in Startup City. But you don't have to wait—check out their self-guided demo at dropzone.ai and see why Fortune 500s are making the switch. Find the stories behind the headlines at CISOseries.com.

    Week in Review: Aruba's hardcoded passwords, Clorox wipes supplier's mess, AI tool deletes everything

    Play Episode Listen Later Jul 25, 2025 29:32


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Nick Espinosa, host, The Deep Dive Radio Show Thanks to our show sponsor, Nudge Security Nudge Security discovers new apps, accounts, and data-sharing in real-time and helps guide employees toward secure behaviors. Instead of trying to control everything, we give IT and security teams the visibility and automation they need to secure the Workforce Edge. All links and the video of this episode can be found on CISO Series.com          

    SonicWall releases patches, The Com warning, Compromised Amazon Q extension

    Play Episode Listen Later Jul 25, 2025 8:34


    SonicWall announces SMA 100 patches FBI warns about The Com Compromised Amazon Q extension deletes everything Huge thanks to our sponsor, Nudge Security Nudge Security discovers new apps, accounts, and data-sharing in real-time and helps guide employees toward secure behaviors. Instead of trying to control everything, we give IT and security teams the visibility and automation they need to secure the Workforce Edge. Find the stories behind the headlines at CISOseries.com.

    Goodbye toha, AI deletes live data, Adobe apps advisory activated

    Play Episode Listen Later Jul 24, 2025 8:37


    Goodbye toha, or as they say in Russian, Прощай “Trust the AI," they said. “What could go wrong?” they said Adobe apps advisory activated Huge thanks to our sponsor, Nudge Security Trying to squeeze a few more items into your budget? Nudge Security can help by discovering up to TWO YEARS of historical SaaS spend along with usage insights so you can eliminate wasted spend. In fact, Nudge Security customer KarmaCheck was able to recoup 150% of their investment in Nudge within the first 6 months. See where you can save money by starting a free trial at nudgesecurity.com/spend.

    Sharepoint hack linked to Chinese groups, NGOs targeted with phishing tactics, engineer admits US missile theft

    Play Episode Listen Later Jul 23, 2025 6:49


    Microsoft links Sharepoint ToolShell attacks to Chinese hackers Russian threat actors target NGOs with new OAuth phishing tactics Silicon Valley engineer admits theft of US missile tech secrets Huge thanks to our sponsor, Nudge Security Nudge Security discovers every SaaS app used in your org, secures configurations, enforces MFA, and manages app-to-app access so you can prevent identity based attacks. Start a free 14-day trial today at NudgeSecurity.com

    SharePoint patched, World Leaks hits Dell, $44 million crypto theft

    Play Episode Listen Later Jul 22, 2025 8:10


    SharePoint RCE flaws patched and exploited from China Dell acknowledges World Leaks data breach $44 million stolen from crypto exchange  Huge thanks to our sponsor, Nudge Security Nudge Security discovers every GenAI tool ever used in your org, even those you've never heard of. For each tool, you'll see who introduced it, who else is using it, where it's integrated into other tools, and a vendor security profile. Get your free GenAI inventory today at NudgeSecurity.com. 

    Aruba password warning, SharePoint zero day, Russian vodka maker attacked

    Play Episode Listen Later Jul 21, 2025 8:06


    Hewlett Packard warns of hardcoded passwords in Aruba access points SharePoint zero-day exploited via RCE, no patch available Russian vodka producer suffers ransomware attack Huge thanks to our sponsor, Nudge Security Discover every SaaS account ever created by anyone in your org within minutes of starting a free trial. Harden configs, enforce MFA, revoke risky app-to-app access, and more. Learn more at NudgeSecurity.com Find the stories behind the headlines at CISOseries.com.  

    Week in Review: Pentagon's Chinese Engineers, Gemini's email phish, 20-year-old railroad flaw persists

    Play Episode Listen Later Jul 18, 2025 32:12


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Cyrus Tibbs, CISO, PennyMac Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com

    Taiwan semiconductor sector hacked, Salt Typhoon breaches National Guard, Congress ponders Stuxnet

    Play Episode Listen Later Jul 18, 2025 9:03


    Chinese hackers use Cobalt Strike on Taiwan's semiconductor sector Salt Typhoon breaches National Guard and steals network configurations Congress considers Stuxnet to manage OT threats Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Google's AI tool finds bugs, Europol disrupts hacktivist group, SquidLoader targets Hong Kong

    Play Episode Listen Later Jul 17, 2025 6:29


    Google says ‘Big Sleep' AI tool found bug hackers planned to use Google fixes actively exploited sandbox escape zero day in Chrome China's cyber sector amplifies Beijing's hacking of U.S. targets Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    Chinese engineers at Pentagon, HazyBeacon malware, MITRE framework: AADAPT

    Play Episode Listen Later Jul 16, 2025 8:06


    Pentagon welcomes Chinese engineers into its environment HazyBeacon: It's not a beer, but it leaves a bitter aftertaste What the world needs now is another framework Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    EU age verification, train brakes vulnerability, Grok-4 jailbroken

    Play Episode Listen Later Jul 15, 2025 8:26


    EU states to test age verification app  (Reuters) AAR pledges to start fixing 20-year old vulnerability next year (Security Week) Grok-4 jailbroken in two days (Infosecurity Magazine) DoD awards contracts for agentic AI (Reuters) eSIM vulnerability exposes billions of IoT devices (Infosecurity Magazine) UK launches Vulnerability Research Initiative (Bleeping Computer) Interlock ransomware using FileFix for malware (Bleeping Computer) Disinformation groups spoofs European journalists (The Record) Elmo gets hacked (AP News) Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    CitrixBleed2 urgent fix, Gemini email flaw, Louis Vuitton cyberattack

    Play Episode Listen Later Jul 14, 2025 8:47


    CISA gives one day for Citrix Bleed 2 fix Google Gemini flaw hijacks email summaries for phishing Louis Vuitton says UK customer data stolen in cyber-attack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Week in Review: ChatGPT URL vulnerability, McDonald's password problem, Perfekt Bluetooth blunder

    Play Episode Listen Later Jul 11, 2025 25:21


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jim Bowie, vp, CISO, Tampa General Hospital Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines All links and the video of this episode can be found on CISO Series.com  

    Outlook outage continues, Iranian APT activity, Russian ransomware arrest

    Play Episode Listen Later Jul 11, 2025 9:47


    Look Out! Another Outlook Outage Iranian APTs increased activity against U.S. industries in late spring Russian basketball player arrested in France over alleged ransomware ties Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.

    AMD has CPU meltdown, Mozilla Thunderbird has vulnerabilities, Indian defense sector attacked

    Play Episode Listen Later Jul 10, 2025 7:46


    AMD warns of new Meltdown, Spectre-like bugs affecting CPUs Multiple vulnerabilities in Mozilla Thunderbird could allow for arbitrary code execution Bitcoin Depot breach exposes data of nearly 27,000 crypto users, More than $40 million stolen from GMX crypto platform Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

    Rubio Spoofed, RondoDox Botnet, Batavia Spyware

    Play Episode Listen Later Jul 9, 2025 8:43


    Four members of President Trump's cabinet impersonated Is this some kind of a game? Batavia attacks Russian industrial companies Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

    Call of Duty game pulled, U.S. military gets cybersecurity boost, Bank employee helped hackers

    Play Episode Listen Later Jul 8, 2025 8:33


    Call of Duty game pulled from PC store after reported exploit U.S. military gets cybersecurity boost Bank employee helped hackers steal $100M Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

    Ingram Micro cyberattack, Telefonica possible breach, LLM URL recommendation problem

    Play Episode Listen Later Jul 7, 2025 8:08


    Ingram Micro suffers ransomware attack Hacker leaks Telefónica data allegedly from new breach ChatGPT prone to recommending wrong URLs, creating a new phishing opportunity Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.    

    Undetectable Android spyware is detectable, Hunters ransomware quits, Salt Typhoon dormant

    Play Episode Listen Later Jul 4, 2025 9:09


    Undetectable Android spyware leaks user logins Hunters ransomware group shuts doors Medical device company Surmodics reports cyberattack Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response Find the stories behind the headlines at CISOseries.com.

    Columbia hack, hunger relief ransomware, Qantas breach

    Play Episode Listen Later Jul 3, 2025 7:27


    Student data lost in Columbia University hack German hunger relief charity hit by ransomware Qantas contact center breached Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response

    Google issues Chrome security update, ICC targeted by new attack, Microsoft nixes Authenticator password management

    Play Episode Listen Later Jul 2, 2025 7:23


    Chrome Zero-Day CVE-2025-6554 under active attack — Google issues security update International Criminal Court targeted by new ‘sophisticated' attack Kelly Benefits says 2024 data breach impacts 550,000 customers, Esse Health says recent data breach affects over 263,000 patients Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response

    New Iran warning, Chinese surveillance company banned, CISA names new executive director

    Play Episode Listen Later Jul 1, 2025 8:04


    U.S. agencies issue urgent warning over Iran threat Canada bans Chinese surveillance company CISA names new executive director Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response

    Hawaiian Airlines cyberattack, United Natural Foods update, Russia throttles Cloudflare

    Play Episode Listen Later Jun 30, 2025 8:12


    Hawaiian Airlines suffers cyberattack United Natural Foods says cyber incident will impact quarterly income Russia throttles Cloudflare making sites inaccessible Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response Find the stories behind the headlines at CISOseries.com.

    Week in Review: Qilin adds lawyers, Iranian spearphishing campaign, Microsoft Direct Send hack

    Play Episode Listen Later Jun 27, 2025 25:11


    Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bil Harmer, operating partner and CISO, Craft Ventures. Check out Bil's page, KillSwitchAdvisory. Thanks to our show sponsor, ThreatLocker Alert fatigue, false positives, analyst burnout—you know the drill. What if you could stop threats before they run? ThreatLocker gives CISOs what they've been asking for: real control at the execution layer. Only approved apps, scripts, and executables run. Period. Known-good is enforced. Everything else? Denied by default. Ringfencing and storage control keep even trusted tools in their lane—so PowerShell doesn't become a weapon. And yes—it works at scale. Granular policies. Fast rollout. Built for modern infrastructure. You don't need more alerts. You need fewer chances for malware to make a move. ThreatLocker helps you flip the model—from detect-and-respond… to deny-and-verify. Go to ThreatLocker.com/CISO to schedule your free demo and close the last gap in your Zero Trust strategy, before it's exploited. All links and the video of this episode can be found on CISO Series.com  

    Iranian-backed spearphishing campaign, Microsoft Outlook fix, Glasgow suffers cyberattack

    Play Episode Listen Later Jun 27, 2025 8:38


    Iranian-backed spearphishing campaign seeks out cybersecurity experts Microsoft fixes Outlook bug causing crashes when opening emails Glasgow City Council suffers cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Patient death linked to ransomware, BreachForums busted again, nOAuth vulnerability

    Play Episode Listen Later Jun 26, 2025 8:29


    NHS confirms patient death linked to ransomware attack BreachForums busted again Thousands of SaaS apps still vulnerable to nOAuth Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    70 Microsoft Exchange servers targeted, Apple, Netflix, Microsoft sites hacked, data breach hits Aflac

    Play Episode Listen Later Jun 25, 2025 7:34


    Hackers target over 70 Microsoft Exchange servers to steal credentials via keyloggers Apple, Netflix, Microsoft sites ‘hacked' for tech support scams The 2022 initiative by Cloudflare, CrowdStrike and Ping Identity provided cybersecurity support to critical infrastructure sectors seen as potential targets of Russia-linked attacks Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    Retaliatory Iranian cyberattacks, steel giant confirms breach, ransomware hits healthcare system again

    Play Episode Listen Later Jun 24, 2025 8:31


    DHS warns of retaliatory Iranian cyberattacks Steel giant Nucor confirms breach Ransomware hits healthcare system again Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

    CMS retailer report, Aflac investigates activity, Russian dairy cyberattack

    Play Episode Listen Later Jun 23, 2025 7:10


    CMC officially points finger at Scattered Spider for Marks & Spencer and Co-op attacks Aflac investigating suspicious activity on its U.S. network Russian dairy producers suffer cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

    Week in Review: ClickFake deepfake scam, Krispy Kreme breach, NIST ZTA guidance

    Play Episode Listen Later Jun 20, 2025 32:50


     Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Howard Holton, COO and industry analyst, GigaOm Thanks to our show sponsor, Adaptive Security As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com  

    Cisco, Atlassian fixes, Ryuk member arrested, Viasat Typhoon attack

    Play Episode Listen Later Jun 20, 2025 8:57


    Cisco, Atlassian fix high-severity vulnerabilities Alleged Ryuk ransomware gang member arrested and extradited Telecom company Viasat attacked by Salt Typhoon Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.

    Episource Breach, Predatory Sparrow strikes again, Swiss banks data leak

    Play Episode Listen Later Jun 19, 2025 7:30


    Over 5 million impacted by Episource breach Predatory Sparrow strikes Iran again Data leak at Swiss banks  Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com.

    Hackers exploit Langflow flaw, TP-Link routers still vulnerable, Russia detects SuperCard malware attacks

    Play Episode Listen Later Jun 18, 2025 8:52


    Hackers exploit critical Langflow flaw to unleash Flodrix botnet Organizations warned of vulnerability exploited against discontinued TP-Link routers Russia detects first SuperCard malware attacks skimming bank data via NFC Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com.

    Claim Cyber Security Headlines

    In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

    Claim Cancel