CISO Headlines

This CISO Daily Update covers:This episode highlights recent cybersecurity threats and vulnerabilities across various sectors. Several organizations, including Casio, ADT, and the Superior Court of California, have been victims of cyberattacks, resulting in data breaches and disruptions. The text also discusses the exploitation of vulnerabilities in software and hardware, such as those found in Ivanti's CSA and Qualcomm's DSP service. The increasing prevalence of ransomware attacks is addressed, with 31 new groups joining the cybercrime ecosystem in the past year. Today's podcast concludes by emphasizing the need for organizations to prioritize cloud security, given that 38% of companies face critical security exposures in their cloud environments. Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers:This episode highlights a range of cyberattacks and vulnerabilities affecting various sectors. One source focuses on the cyberattack against American Water, the largest U.S. water utility, which disrupted online services but did not affect water supply. The podcast details a reported hack against U.S. broadband providers, potentially compromising systems used for government wiretapping. Other sources discuss data breaches at Universal Music Group and the EigenLayer Ethereum restaking protocol, along with vulnerabilities in various software applications and systems, including Apache Avro, Okta, and Visual Studio. This episode explores the growing threat of botnet attacks, emphasizing the financial impact of insecure APIs and bot attacks on businesses. Today's episode examines the challenges faced by security operations center (SOC) teams in navigating overwhelming alert volumes and the increasing reliance on AI-powered security tools. Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers:This episode explores various recent cyberattacks and vulnerabilities, highlighting the rising threat to businesses, individuals, and critical infrastructure. Covering incidents targeting specific companies like Comcast and Truist Bank, as well as widespread attacks affecting healthcare institutions, online retailers, and cryptocurrency exchanges. The podcast discusses vulnerabilities in software like WordPress plugins and iOS, and the growing use of ransomware and phishing scams. The episode emphasizes the importance of robust cybersecurity measures to prevent future attacks and protect sensitive information. Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers:The episode details various cybersecurity incidents, vulnerabilities, and trends. One source reports a ransomware attack affecting Wayne County, Michigan, while another describes Microsoft disrupting a Russian cyber group's activities. Several points focus on vulnerabilities and exploits targeting software and hardware, including Ivanti Endpoint Manager, Chrome, Firefox, and Cisco products. The news also covers fraudulent activities like fake trading apps and iPhone scams. In addition, the articles discuss growing cybersecurity spending and concerns about the increasing attack surface due to AI and cloud technologies. The podcast also highlights security risks associated with the use of unsanctioned GenAI tools and inadequate router security measures. CISA emphasizes the robust security measures implemented to protect the upcoming U.S. election from foreign interference. Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers:The podcast highlights a series of cybersecurity threats and vulnerabilities impacting various organizations and industries. From individual hackers exploiting Office365 accounts to nation-state actors like APT45, the sources detail various methods employed by threat actors to gain unauthorized access and cause harm. Furthermore, the episode addresses vulnerabilities in commonly used software like Zimbra and Adobe Commerce, along with critical flaws in network infrastructure devices like DrayTek routers and Optigo Network switches. Additionally, today highlights the challenges faced by cybersecurity professionals, including increasing stress levels due to a complex threat landscape and understaffed teams. The podcast also covers the work of organizations like CISA and NIST in identifying and mitigating vulnerabilities, underscoring the importance of proactive security measures to combat evolving cyber threats.Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers:This episode highlight various cyber security threats facing businesses and individuals, covering ransomware attacks, data breaches, phishing campaigns, and software vulnerabilities. Ransomware attacks targeted a major hospital and continue to plague businesses. Data breaches exposed private information on online forums and from mobile carriers, while phishing attacks leveraged free tools to steal user credentials. Exploited vulnerabilities in popular software and hardware products put users at risk, and the lack of threat sharing among organizations weakens cybersecurity efforts. Law enforcement agencies are actively targeting cybercrime gangs through arrests and sanctions. Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers:This podcast is a collection of news articles that highlight the growing threat of cyberattacks and data breaches across various industries. The articles cover a wide range of cyber security incidents, from ransomware attacks targeting credit unions and healthcare organizations to data leaks from facial DNA providers and vulnerabilities in common software systems like CUPS and PHP. The episode also examines the challenges faced by cybersecurity professionals, including inadequate funding for state CISOs and the continued reliance on less secure authentication methods like username and password logins. Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers:Explore various cyber threats and security vulnerabilities impacting individuals, businesses, and governments worldwide. One article discusses the increasing prevalence of ransomware attacks and the formation of new gangs targeting specific sectors. Another article highlights the growing capabilities of AI bots, now capable of bypassing CAPTCHA security measures, posing a challenge to human identification systems. Additionally, the text details efforts to combat cybercrime, including investigations into money laundering schemes and election interference attempts. The article also addresses emerging vulnerabilities in AI systems and software, emphasizing the need for proactive security measures to protect against potential threats. Finally, the article highlights the importance of strengthening security protocols for undersea cables, vital to global communications and data transmission, in an increasingly complex geopolitical landscape. Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Hurricane Helene Prompts CISA Fraud Warning00:35 Data Breach at MC2 Data Leaves 100 Million at Risk of Fraud01:25 China-Linked Attackers Salt Typhoon Infiltrate US Internet Service Providers02:06 Victims Lose $70K to One Single Wallet-Draining App on Google’s Play Store02:50 Transport, Logistics Orgs Hit by Stealthy Phishing Gambit03:35 Automattic Blocks WP Engine’s Access to WordPress Resources04:15 Doomsday ‘9.9 RCE Bug’ Might Hit Every Linux System04:52 Remote Code Execution, DoS Vulnerabilities Patched in OpenPLC05:37 Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover06:16 HPE Aruba Networking Fixes Critical Flaws Impacting Access Points07:03 Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates07:47 Hackers Allegedly Claim Sale of 1-Day Magento RCE Vulnerability08:24 Over a Third of Employees Secretly Sharing Work Info with AI09:13 NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines09:51 Ransomware Incidents Hit 117 Countries in 2023, Task Force Says10:30 Companies Mentioned on the Dark Web at Higher Risk for Cyber Attacks Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Dell Hit by Third Data Leak in a Week Amid “grep” Cyberattacks00:34 RansomHub Genius Tries to Put the Squeeze on Delaware Libraries01:09 U.S. Govt Agency CMS Says Data Breach Impacted 3.1 Million People01:49 Thousands of US Congress Emails Exposed to Takeover02:23 Hackers Hiding Malware in Fake “Deleted Diddy Files”02:57 CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns03:39 ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function04:22 PoC for Critical SolarWinds Web Help Desk Vulnerability Released (CVE-2024-28987)04:54 TeamViewer for Windows Vulnerability Let Attackers Escalate Privileges05:26 Google Sees 68% Drop in Android Memory Safety Flaws Over 5 Years06:04 82% of Phishing Sites Now Target Mobile Devices Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 MoneyGram Says Cyber Incident Causing Network Outages00:31 Ransomware Attack on Kansas County Exposed Sensitive Info of Nearly 30,000 Residents01:06 Cybersecurity Incident Affects Arkansas City Water Treatment Facility01:43 Twilio Purportedly Breached, Nearly 12K Call Records Compromised02:13 Kaspersky Users Shocked by Automatic Antivirus Replacement Without Explicit Permission02:54 AI-Generated Malware Found in the Wild03:31 Telegram Will Provide User Data to Law Enforcement in Response to Legal Requests04:08 Cyberthreats to Railroads Loom as Industry and TSA Grow an Uneasy Partnership04:45 Apache Tomcat Vulnerability Lets Attackers Trigger Dos Attack05:16 Critical Unauthenticated RCE Flaw Impacts all GNU/Linux systems05:52 Researcher Details Cisco Smart Licensing that Lets Attacker Control Device06:28 10 Nasty Software Bugs Put Thousands of Fuel Storage Tanks at Risk of Cyberattacks07:10 MFA Bypass Becomes a Critical Security Issue as Ransomware Tactics Advance07:53 65% of Websites Are Unprotected Against Simple Bot Attacks08:35 14 Million Patients Impacted by US Healthcare Data Breaches in 2024 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Hackers Posed as Google Support to Steal $243 Million in Crypto00:41 Man Scams $4M From Mostly Elderly Victims01:19 Android Malware ‘Necro’ Infects 11 Million Devices via Google Play01:56 Fragmented Cybersecurity Standards Leave Ohio Cities Exposed02:37 Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk03:12 ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products03:59 Versa Networks Patches Vulnerability Exposing Authentication Tokens04:41 Paid Open-Source Maintainers Spend More Time on Security05:17 Microsoft Names Deputy CISOs, Flushes Dead Accounts as Part of Internal Security Overhaul Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 One-Third of the US Population’s Background Info Is Now Public00:38 Dell Investigates Data Breach Claims After Hacker Leaks Employee Info01:17 Disney Ditching Slack After Massive July Data Breach01:52 Ascension’s Financial Comeback Stalled by Costly Cyberattack, Resulting in $1.8 Billion Loss02:43 Threat Actor IntelBroker Allegedly Claims Leak of Deloitte Internal Communications03:10 Hertz Car Rental Platform Leaks 60,000 Insurance Claim Reports03:49 Walmart Customers Accused of Drug Trafficking in a Google Ads Scam04:22 1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam05:00 0-Click RCE Vulnerability in MediaTek Wi-Fi Chipsets Allows Remote Exploitation05:41 CISA Releases Six Advisories for Industrial Control Systems06:31 US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities07:17 Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 U.S. Taxpayer Data at Risk? LockBit Ransomware Claims Attack on IRS-Authorized eFile00:35 Hackers Demand $6 Million for Files Stolen From Seattle Airport Operator in Cyberattack01:10 Attention Travelers! Beware of Booking.com Themed Phishing Attacks01:50 Microsoft: Vanilla Tempest Hackers Hit Healthcare With INC Ransomware02:24 Suspects Behind $230 Million Cryptocurrency Theft Arrested in Miami03:00 Patch This Critical Auth Bypass Flaw (CVE-2024-45488)03:42 GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions04:20 Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd04:57 CISA Adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server Bugs to Its Known Exploited Vulnerabilities Catalog05:43 Ivanti Warns of Another Critical CSA Flaw Exploited in Attacks06:24 Security Leaders Consider Banning AI Coding Due to Security Risks06:57 DOJ, FBI Need Better Metrics for Tracking Ransomware Disruption Efforts, Audit Finds07:47 Insecure APIs and Bot Attacks Cost Global Firms $186bn Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Hackers Breaching Construction Firms via Specialized Accounting Software00:59 New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide01:33 Chrome Extension Hides Malware to Steal Crypto: New Operation Uncovered02:06 Think Twice Before You Click: This Captcha Might Steal Your Money 02:34 Google Street View Images Used For Extortion Scams03:10 AT&T Reaches $13 Million FCC Settlement Over Massive 2023 Data Breach03:46 California Enacts Laws Regulating Use of Deepfakes in Election Ads04:24 Suffolk County Ransomware Attack Linked to Lack of Planning, Ignored Warnings05:03 Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution05:49 Chrome 129 Patches High-Severity Vulnerability in V8 Engine06:23 Microsoft Warns Of Windows Kernel Vulnerability Exploitation06:53 0.0.0.0 Day Vulnerability Puts Millions of Local Networks at Risk07:30 Windows MiniFilter Hack: Easily Bypass EDR Security08:07 The Proliferation of Non-Human Identities08:41 Critical Infrastructure at Risk From Email Security Breaches09:19 Infostealers: An Early Warning for Ransomware Attacks Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Owner of Only US Platinum Mine Confirms Data Breach After Ransomware Claims00:48 1,000+ ServiceNow Instances Leaking Corporate Data Via Knowledge Bases01:26 Chinese Hacker Targeted NASA, U.S. Military to Steal Critical Software02:01 Ransomware Gangs Now Abuse Microsoft Azure Tool for Data Theft02:41 CISA Urges Software Devs to Weed Out XSS Vulnerabilities03:21 Apple iOS 18 Released with Fixes for 32 Security Vulnerabilities03:54 U.S. CISA Adds Microsoft Windows MSHTML Platform and Progress WhatsUp Gold to Its Known Exploited Vulnerabilities Catalog04:46 PKfail Secure Boot Bypass Remains a Significant Risk Two Months Later05:30 Hospitals Need “Tribal Approach” to Protect Against Hackers, Says Expert06:10 CVE Backlog Update: The NVD Struggles as Attackers Change Tactics Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 88,000 Impacted by Access Sports Data Breach Resulting From Ransomware Attack00:36 DeltaPrime Suffers $5.98M Loss as Hacker Exploits Admin Key on Arbitrum01:13 Advanced Phishing Attacks Put X Accounts at Risk01:49 US Cracks Down on Spyware Vendor Intellexa With More Sanctions02:25 Prison Just Got Rougher as Band of Heinously Violent Cybercrims Sentenced to Lengthy Stints03:07 Medusa Ransomware Exploiting Fortinet Flaw For Sophisticated Attacks03:50 Azure API Management Vulnerability Let Users Escalate Privileges04:27 Google Fixes GCP Composer Flaw That Could've Led to Remote Code Execution05:04 Microsoft Confirms Second 0-Day Exploited by Void Banshee Apt (CVE-2024-43461)05:45 SolarWinds Fixed Critical RCE CVE-2024-28991 in Access Rights Manager06:22 D-Link Fixes Critical RCE, Hardcoded Password Flaws in WiFi 6 Routers06:57 Trends and Dangers in Open-Source Software Dependencies Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Tennessee School District Loses $3.4 Million to a Fake Curriculum Vendor00:47 Port of Seattle Confirms August Cyberattack by Rhysida Ransomware01:25 Microsoft Vows to Prevent Future CrowdStrike-Like Outages02:02 FBI Tells Public to Ignore False Claims of Hacked Voter Data02:39 23andMe Pledges $30 Million to the 6.4 Million People Affected by Data Breach03:20 Apple Suddenly Drops NSO Group Spyware Lawsuit03:58 Ivanti Cloud Service Appliance Flaw Is Being Actively Exploited in the Wild04:37 Citrix Workspace App Vulnerabilities Allow Privilege Escalation Attacks05:23 Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers06:05 Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw06:46 Stolen Account Info Still Chief Risk for Federal Agencies, Annual CISA Audit Finds07:30 Organizations Still Don’t Know How to Handle Non-Human Identities08:12 Cyber Insurance Set for Explosive Growth Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Fortinet Confirms Data Breach After Hacker Claims to Steal 440GB of Files00:46 Chinese-Made Port Cranes in US Included ‘Backdoor’ Modems, House Report Says01:23 Beware: New Vo1d Malware Infects 1.3 Million Android TV Boxes Worldwide02:01 Healthcare Giant to Pay $65M Settlement After Crooks Stole and Leaked Nude Patient Pics02:43 Hacker Tricks ChatGPT Into Giving Out Detailed Instructions for Making Homemade Bombs03:19 Feds Seize 350 Websites Trafficking Counterfeit Glock Silencers From China04:01 GitLab Warns of Critical Pipeline Execution Vulnerability04:47 Palo Alto Networks Patches Dozens of Vulnerabilities05:28 Cisco Patches High-Severity Vulnerabilities in Network Operating System06:12 Schools Face Million-Dollar Bills as Ransomware Rises06:52 US Utilities Facing Escalating Cyberattacks07:32 Open Source Updates Have 75% Chance of Breaking Apps Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Columbus City Cyberattack: Feds Lead Probe as Council Vows Transparency00:43 Data Breach at Golf Course Management Firm KemperSports Impacts 62,00001:24 Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware02:11 Hackers Use Fake Domains to Trick Trump Supporters in Trading Card Scam02:52 Intel Informs Customers About Over a Dozen Processor Vulnerabilities03:33 Chrome 128 Update Resolves High-Severity Vulnerabilities04:16 ICS Patch Tuesday: Advisories Published by Siemens, Schneider, ABB, CISA05:00 Researchers Hacked EV Car Chargers To Execute Arbitrary Code05:45 Rogue WHOIS Server Gives Researcher Superpowers No One Should Ever Have06:24 Cybernews Business Digital Index Reveals Major Shortcomings in Corporate Customer Data Security07:07 So You Paid a Ransom Demand … and Now the Decryptor Doesn’t Work Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Data Leak Exposes 14,000 US Medical Professionals: What We Know So Far00:50 Threat Actors Allegedly Claiming Leak of Capgemini Data01:17 DoJ Distributes $18.5m to Western Union Fraud Victims01:56 New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers02:38 NoName Ransomware Gang Deploying RansomHub Malware in Recent Attacks03:18 Ivanti Fixes Maximum Severity RCE Bug in Endpoint Management Software03:58 U.S. CISA Adds SonicWall SonicOS, ImageMagick and Linux Kernel Bugs to Its Known Exploited Vulnerabilities Catalog04:41 Gallup Poll Bugs Open Door to Election Misinformation05:24 SAP Releases 16 New Security Notes on September 2024 Patch Day06:14 Adobe Patches Critical, Code Execution Flaws in Multiple Products06:57 Microsoft September 2024 Patch Tuesday Fixes 79 Flaws, Including 4 Zero-Days07:43 Massive Spike in Crypto Fraud: FBI Reports Over $5.6 Billion Losses in 202308:28 Study Finds Excessive Use of Remote Access Tools in OT Environments09:14 2024 U.S. Election: CISA Releases Cyber and Physical Security Guidelines for Officials Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Cyber-Attack on Payment Gateway Exposes 1.7 Million Credit Card Details00:39 Highline Public Schools Hit by Cyberattack, Classes Canceled01:13 Nearly 1 Million Wisconsin Medicare Users Had Information Leaked in MOVEit Breach01:48 In Latest Check-In, Spy Agencies Describe ‘Ramp Up’ in Election Influence02:30 Two Arrested by FBI for Credit Card Fraud Could Face 20 Years in Prison03:07 U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks03:44 Progress Software Fixed a Maximum Severity Flaw in LoadMaster04:26 Critical Vulnerabilities Disclosed in IBM webMethods Integration Server05:02 Kibana Vulnerabilities Let Attackers Execute Arbitrary Code05:34 Akira Ransomware Actively Exploiting SonicWall Firewall RCE Vulnerability06:19 End of an Era: Security Budget Growth Slows Down06:58 DDoS Attacks Double With Governments Most Targeted Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Car Rental Company Avis Discloses a Data Breach00:43 Exposed: Russian Military Unit 29155 Does Digital Sabotage, Espionage01:24 Lowe’s Home Warehouse Employees Targeted in Google Ad Phish02:01 Sextortion Scam Now Use Your “Cheating” Spouse’s Name as a Lure02:39 New Rambo Attack Steals Data Using RAM in Air-Gapped Computers03:20 New Malware Shakes macOS Security Paradigm – Hackers Eying iPhones Next03:57 West Virginia Law Enforcement Sues Data Broker for Publishing Personal Information Online04:39 U.S. CISA Adds Draytek VigorConnect and Kingsoft WPS Office Bugs to Its Known Exploited Vulnerabilities Catalog05:25 A Flaw in WordPress LiteSpeed Cache Plugin Allows Account Takeover06:09 SonicWall Warns That SonicOS Bug Exploited in Attacks06:48 CISA Flags ICS Bugs in Baxter, Mitsubishi Products07:34 Apache OFBiz Team Patches Critical RCE Vulnerability (CVE-2024-45195)08:16 Veeam Security Bulletin Fixes Critical Vulnerabilities for Backup & Replication, Veeam ONE and More08:59 GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware09:44 83% of Organizations Experienced at Least One Ransomware Attack in the Last Year Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Microchip Technology Confirms Theft of Employee Data00:44 Planned Parenthood May Have Been Breached By RansomHub Group01:14 North Carolina Man Swindles $10M in AI Music Scheme01:48 Two Nigerians Sentenced to Prison in US for BEC Fraud02:22 US Indicts Two RT Employees for Alleged Russian Disinformation Effort03:09 US Targets Russian Election Influence Operation With Charges, Sanctions, Domain Seizures03:50 Cisco Warns of Critical Vulnerabilities in Smart Licensing Utility04:26 DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign05:06 Cisco Systems Manager for Windows Vulnerability Let Attackers Escalate Privilege05:45 Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues06:26 LiteSpeed Cache Bug Exposes 6 Million WordPress Sites to Takeover Attacks07:05 Security Budgets Come Under Pressure as “Hypergrowth” Ends07:42 The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 FBI: North Korea Aggressively Hacking Cryptocurrency Firms00:49 The Government Isn’t Ready for Cyber Chaos in the Food and Agriculture Sector01:29 Indicted Pair of Foreign Nationals Were Behind Swatting Attack on CISA Director01:58 CEO's Arrest Will Likely Not Dampen Cybercriminal Interest in Telegram02:36 Spamouflage Trolls Pretend to Be American Patriots on X, TikTok Ahead of US Presidential Election03:13 Revival Hijack Supply-Chain Attack Threatens 22,000 PyPI Packages03:53 Cicada Ransomware May Be a BlackCat/ALPHV Rebrand and Upgrade04:35 Vulnerability Allows Yubico Security Keys to Be Cloned05:13 Android’s September 2024 Update Patches Exploited Vulnerability05:53 PoC Exploit Released for 0-Day Windows Kernel Privilege Escalation Vulnerability06:28 RomCom Hackers Exploit Microsoft Office Zero-Day to Spread Ransomware07:04 Initial Access Brokers Target $2bn Revenue Companies07:25 White House Addresses BGP Vulnerabilities in New Internet Routing Security Roadmap Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Cyberattack Hits Shoshone-Bannock Tribes: Key Services Unaffected, Recovery in Progress00:49 Leaked Docs Expose Media Giant’s Secret Listening Software01:29 Oil Titan Halliburton Confirms Data Was Stolen in Cyberattack02:04 Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt02:49 New Cyberattack Targets Industrial Automation Sector with Malware03:35 Beware of New Phishing Attack That Mimics ScreenConnect and Zoom Chrome 128 Updates Patch High-Severity Vulnerabilities04:15 Chrome 128 Updates Patch High-Severity Vulnerabilities04:57 VMware Patches High-Severity Code Execution Flaw in Fusion05:41 D-Link Says It Is Not Fixing Four RCE Flaws in DIR-846W Routers06:20 Canonical Addresses Critical Linux Kernel AWS Vulnerabilities with New Patches06:56 Vulnerabilities in Microsoft Apps for macOS Allow Stealing Permissions07:44 A Third of Organizations Suffered a SaaS Data Breach This Year08:16 Active Ransomware Groups Surge by 56% in 2024 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Freight Forwarder JAS Worldwide Restores Operations After Cyberattack00:34 Business Services Giant CBIZ Discloses Customer Data Breach01:06 Tracelo Location Tracker Data Breach: 1.4 Million Users’ Data Dumped Online01:36 Verkada Facing $3m Penalty After Hackers Viewed Sensitive Video Footage02:28 Hackers Poison Google Search Results by Spreading Malware as Spoofed VPN Solution03:06 CrowdStrike Faces Onslaught of Legal Action From Faulty Software Update03:44 New ManticoraLoader Malware Targeting Citrix Users to Steal Data04:25 Hacktivist Group Exploit WinRAR Vulnerability to Encrypt Windows & Linux05:07 Godzilla Fileless Backdoor Exploits Atlassian Confluence Vulnerability CVE-2023-2252705:51 Keeping Up With Automated Threats Is Becoming Harder06:32 Ransomware Crisis Deepens as Attacks and Payouts Rise Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 US Agencies Warn Against Ransomware Group Behind Hundreds of Attacks in Recent Months00:54 GitHub Comments Abused to Push Password Stealing Malware Masked as Fixes01:34 Researcher Sued for Sharing Data With Media That Ransomware Stole02:15 New Voldemort Malware Uses Google Sheets to Target Key Sectors Globally02:48 Intel Claps Back at Report of SGX Key Theft03:24 Chase Bank “Glitch” Leaves Customers with Negative Balances04:02 North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit04:46 Critical Vulnerabilities in Progress Software’s WhatsUp Gold Expose Systems to Severe Risks05:31 Fortra Patches Critical Vulnerability in FileCatalyst Workflow06:14 An Air Transport Security System Flaw Allowed Bypass of Airport Security Screenings06:59 Published Vulnerabilities Surge by 43%07:35 Cyber Threats That Shaped the First Half of 2024 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 IT Engineer Charged For Attempting to Extort Former Employer00:54 Hackers Calling Employees to Steal VPN Credentials from US Firms01:34 Intel Officials Say They Anticipate More Hacking Attempts as US Election Nears02:08 Telegram CEO Pavel Durov Charged in France for Facilitating Criminal Activities03:05 California Passes Landmark Bill Requiring Easier Data Sharing Opt Outs for Consumers03:48 Unpatched CCTV Cameras Exploited to Spread Mirai Variant04:28 Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack05:18 Proof-of-Concept Code Released for Zero-Click Critical Windows Vuln05:58 Cisco NX-OS Software Vulnerability Let Attackers Trigger DoS Condition06:45 Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking07:32 Surge in New Scams as Pig Butchering Dominates08:10 Cybersecurity Spending to Surge by 15% to $212 Bn in 2025 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 DICK’s Sporting Goods Says Confidential Data Exposed in Cyberattack00:45 Play Ransomware Hackers Claim Attack on US Manufacturer Microchip Technology01:28 Almost a Million Affected by Young Consulting Breach, BlackSuit Ransomware Claims Responsibility02:13 Seattle-Tacoma Intl Airport Cyberattack Triggers Handwritten Boarding Passes02:47 Muted Applause: Leading Software Testing Firm Leaves Credentials Vulnerable03:28 US Marshals Say Data Posted by Ransomware Gang Not From ‘New or Undisclosed Incident’04:09 Woman Uses AirTags to Nab Alleged Parcel-Pinching Scum04:43 US Offers $2.5M Reward for Belarusian Man Involved in Mass Malware Distribution05:31 U.S. CISA Adds Apache OFBiz Bug to Its Known Exploited Vulnerabilities Catalog06:15 Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability07:05 BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave07:46 Apple, TikTok, Google, and Facebook Give Your Data to Law Enforcement Up to 80% of the Time08:32 Cybercriminals Capitalize on Travel Industry’s Peak Season09:12 Old Methods, New Technologies Drive Fraud Losses Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Illinois County Leaked Over 470K Critical Voter Documents00:42 Microsoft Sway Abused in Massive QR Code Phishing Campaign01:26 Chinese Government Hackers Targeted US Internet Providers With Zero-Day Exploit, Researchers Say02:13 Cybercriminals Tap Greasy Opal to Create 750M Fake Microsoft Accounts02:49 Identity of Notorious Hacker USDoD Revealed03:34 Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot04:08 Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites04:48 Apache Vulnerability Let Attackers Steal Sensitive Data from Unix Systems05:35 When Convenience Costs: CISOs Struggle With SaaS Security Oversight06:20 Lateral Movement: Clearest Sign of Unfolding Ransomware Attack Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Seattle-Tacoma Airport It Systems Down Due to a Cyberattack00:40 2 TB of Sensitive “ServiceBridge” Records Exposed in Cloud Misconfiguration01:22 Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data02:01 500k Impacted by Texas Dow Employees Credit Union Data Breach02:37 AMD Internal Data Reportedly Offered for Sale03:15 Researchers Warn of Text Scams That Send Drivers Fake Bills for Highway Tolls03:59 SonicWall Warns of Critical Access Control Flaw in SonicOS04:37 Hillstone WAF Flaw Allows Dangerous Command Injection Attacks05:02 Critical Flaws in Traccar GPS System Expose Users to Remote Attack05:50 Google Tags a Tenth Chrome Zero-Day as Exploited This Year06:31 NSA Releases Guide to Combat Living Off the Land Attacks07:13 Adversaries Love Bots, Short-Lived IP Addresses, Out-of-Band Domains07:47 GenAI Buzz Fading Among Senior Executives Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Halliburton Forced to Take Systems Offline to Contain Cyberattack00:42 U.S. Department of Justice Alleges Cybersecurity Failings By Georgia Tech01:13 Audit Finds Notable Security Gaps in FBI’s Storage Media Management01:52 Qilin Ransomware Upgrades and Now Steals Google Chrome Credentials02:21 Microsoft to Host Security Summit After CrowdStrike Disaster03:01 American Radio Relay League Confirms $1 Million Ransom Payment03:36 Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures04:03 U.S. CISA Adds Versa Director Bug to Its Known Exploited Vulnerabilities Catalog04:43 Dell Power Manager Vulnerability Allow Attackers Gain Unauthorized Access – Patch Now!05:21 Fraud Tactics and the Growing Prevalence of AI Scams05:58 The Changing Dynamics of Ransomware as Law Enforcement Strikes Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Oil Industry Giant Halliburton Confirms ‘Issue’ Following Reported Cyberattack00:46 Google Cloud Leak Linked to Shark Tank Contestant Exposes 83,00001:27 Financial Firm Fined $850K for Violating SEC Cyber Rules02:16 U.S. Charges Karakurt Extortion Gang’s “Cold Case” Negotiator03:00 This Uni Thought It Would Be a Good Idea to Do a Phishing Test With a Fake Ebola Scare03:37 SolarWinds Fixes Hardcoded Credentials Flaw in Web Help Desk04:20 Microsoft Confirms August Updates Break Linux Boot in Dual-Boot Systems05:01 Security Flaws in Dahua Cameras Being Actively Exploited, CISA Warns05:34 Google Addressed the Ninth Actively Exploited Chrome Zero-Day This Year06:23 Slack Patches AI Bug That Let Attackers Steal Data From Private Channels07:03 Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide07:40 Cisco Patches High-Severity Vulnerability Reported by NSA08:17 Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira08:58 Over 3400 High and Critical Cyber Alerts Recorded in First Half of 202409:41 GenAI Models Are Easily Compromised10:24 Ransomware Batters Critical Industries, but Takedowns Hint at Relief Additional Resources: Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 CannonDesign Hit by Data Breach: Client and Employee Information Compromised00:50 Microchip Technology Says IT Incident Impacted Operations01:27 Arden Claims Service Reports Data Breach, 139,000 Affected02:16 Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue02:46 Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details03:26 Man Who Hacked Hawaii State Registry to Forge His Own Death Certificate Sentenced to 81 Months03:58 Microsoft Copilot Studio Vulnerability Led to Information Disclosure04:39 GitHub Enterprise Server Vulnerable to Critical Auth Bypass Flaw05:26 LiteSpeed Cache Used in 5 Million Sites Allows Unauthenticated Admin Access06:11 Critical Vulnerability In OpenBMCs For Servers, Leads To Full Compromise06:52 Most Ransomware Attacks Now Happen at Night07:27 Healthcare Hit by a Fifth of Ransomware Incidents08:13 Average DDoS Attack Costs $6,000 Per Minute Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Cybercriminals Siphon Credit Card Numbers From Oregon Zoo Website00:46 Columbus Officials Warn Victims, Witnesses After Ransomware Leak of Prosecutor Files01:21 Carespring Data Breach Exposes Personal and Medical Information of Nearly 77,000 Patients01:54 Jewish Home Lifecare Notifies 100,000 Victims of Ransomware Breach02:35 FBI Investigation Confirms that Iran Hackers Behind Trump Campaign Hack03:17 Digital Wallets Can Allow Purchases With Stolen Credit Cards03:55 Critical WordPress Plugin RCE Vulnerability Impacts 100k+ Sites04:37 CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks05:24 F5 Patches High-Severity Vulnerabilities in BIG-IP, NGINX Plus06:10 Oracle Netsuite Misconfiguration Could Lead to Data Exposure06:52 Organizations Turn to Biometrics to Counter Deepfakes07:29 Cybercriminals Exploit File Sharing Services to Advance Phishing Attacks08:11 Data for Sale: 75% of US House Members Exposed by People Search Sites Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Toyota Allegedly Breached – 240 GB of Data Leaked Online00:37 Unicoin Staff Locked Out of G-Suite in Mystery Attack01:21 Computer Engineer Hacks Own Employer, Demands $750K Ransom02:04 FlightAware Configuration Error Leaked User Data for Years02:39 National Public Data Tells Officials ‘Only’ 1.3M People Affected by Intrusion03:16 Microsoft Patches Zero-Day Flaw Exploited by North Korea's Lazarus Group03:59 Vulnerabilities in Microsoft’s macOS Apps Could Help Hackers Access Microphones and Cameras04:41 Experts Warn of Exploit Attempt for Ivanti vTM Bug05:15 New Kubernetes Vulnerability Allows Attackers to Access Clusters Remotely05:49 Ransomware Rakes In Record-Breaking $450 Million in First Half of 2024 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Ransomware Attack on Flint Affecting City Services as FBI Investigates Incident00:50 US Bipartisan Committee Urges Investigation Into Chinese Wi-Fi Routers01:21 Large-Scale Extortion Campaign Targets Publicly Accessible Environment Variable Files (.Env)02:11 OpenAI Blocks Iranian Influence Operation Using ChatGPT for U.S. Election Propaganda02:49 National Public Data Confirms a Data Breach03:22 T-Mobile Fined $60 Million for Breaches of National Security Agreement03:53 7-Year-Old Pre-Installed Google Pixel App Flaw Puts Millions at Risk04:29 ArtiPACKED Flaw Exposed GitHub Actions to Token Leaks05:09 CISA Adds SolarWinds Web Help Desk Bug to Its Known Exploited Vulnerabilities Catalog05:51 Business and Tech Consolidation Opens Doors for Cybercriminals06:30 Are 2024 US Political Campaigns Prepared for the Coming Cyber Threats? Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 TD Bank Employee ‘Improperly’ Accessed Customer Data00:33 The Washington Times Newspaper Claimed by Rhysida Ransomware Cartel01:10 EFG Companies Breached Through Third-Party VPN01:54 5,000 AI-Controlled Fake X Accounts Linked to China Disinformation Campaign02:37 Black Basta Ransomware Gang Linked to a SystemBC Malware Campaign03:13 A Group Linked to Ransomhub Operation Employs EDR-Killing Tool EDRkillshifter03:49 Critical Vulnerabilities in IBM QRadar Lets Attackers Trigger Arbitrary Code Remotely04:22 Vulnerability in Palo Alto Networks Prisma Access Browser Let Attackers Trigger RCE05:02 Microsoft Disables BitLocker Security Fix, Advises Manual Mitigation05:36 Thousands of Oracle NetSuite Sites Said to Be Exposing Customer Data06:09 74% of IT Professionals Worry AI Tools Will Replace Them06:53 Cyber-criminals Exploited Paris Olympics With Fake Domains07:30 Ransomware Gangs Rake In More Than $450 Million in First Half of 2024 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Enzo Biochem Ordered to Cough Up $4.5 Million Over Lousy Security That Led to Ransomware Disaster00:49 More Hackers Want to Bite Apple: New Malware in High Demand01:28 DNC Credentials Compromised by 'IntelFetch' Telegram Bot02:06 Media, Activists, Former USDiplomat Were on Russia-Aligned Phishing Campaigns’ Hit Lists02:45 Malware Payloads, Tactics Identified in Active AnyDesk and Microsoft Teams Social Engineering Campaign03:23 Texas Sues GM for Selling Driver Data to Analytics, Insurance Companies04:01 Russian Who Sold 300,000 Stolen Credentials Gets 40 Months in Prison04:42 Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days05:19 SolarWinds Fixes Critical RCE Bug Affecting All Web Help Desk Versions05:56 Adobe Patches 72 Security Vulnerabilities Across Multiple Products06:19 Fortinet, Zoom Patch Multiple Vulnerabilities06:48 ICS Patch Tuesday: Advisories Released by Siemens, Schneider, Rockwell, Aveva07:26 DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 3AM Ransomware Stole Data of 464,000 Kootenai Health Patients00:38 Orion SA Says Scammers Conned Company Out of $60 Million01:14 Architect of Ransomware-as-a-Service Model Extradited to U.S. After More than a Decade on the Run01:57 Donald Trump’s X Interview With Elon Musk Delayed, Owner Blames ‘Massive DDOS Attack’02:31 Ivanti Warns of Critical vTM Auth Bypass With Public Exploit03:12 Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service03:45 SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps04:23 Outlook RCE Vulnerability: Exploitation Details Revealed05:07 Microsoft Fixes 6 Zero-Days Under Active Attack05:46 35% of Exposed API Keys Still Active, Posing Major Security Risks06:21 Hidden Crisis in Cybersecurity: 17 Out of 20 Professionals Suffering From Fatigue and Burnout07:00 NIST Formalizes World's First Post-Quantum Cryptography Standards07:35 Cost of a Data Breach 2024: Financial Industry Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Sumter County Sheriff’s Office Systems Hit by Rhysida Ransomware00:40 Almost 50 PII Categories Impacted in Data Breach at East Valley Institute of Technology01:14 FBI Disrupts the Dispossessor Ransomware Operation, Seizes Servers01:53 CrowdStrike Tries to Patch Things Up With Cybersecurity Industry02:31 Mega Money, Unfathomable Violence Pervade Thriving Underground Doxxing Scene03:16 UN Adopts Controversial Cybercrime Treaty03:51 Justice Department Disrupts North Korean ‘Laptop Farm’ Operation04:21 FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability05:06 Vulnerability in Windows Driver Leads to System Crashes05:41 Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains06:31 Critical Vulnerabilities in Qualcomm’s Adreno GPU Affecting Billions of Android Devices07:10 High-Risk Cloud Exposures Surge Due to Rapid Service Growth07:51 74% of Ransomware Victims Were Attacked Multiple Times in a Year Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 ADT Disclosed a Data Breach That Impacted More Than 30,000 Customers00:48 CSC ServiceWorks Discloses Data Breach After 2023 Cyberattack01:29 Iranian Hackers Ramping Up US Election Interference, Microsoft Warns02:09 Donald Trump’s Campaign Says Its Emails Were Hacked02:48 Malware Force-Installs Chrome Extensions on 300,000 Browsers, Patches DLLs03:30 Hackers Return $12 Million Taken During Ronin Network Breach04:13 Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share04:53 Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure05:40 New AMD SinkClose Flaw Helps Install Nearly Undetectable Malware06:22 Vulnerability Allowed Eavesdropping via Sonos Smart Speakers07:08 Shorter TLS Certificate Lifespans Expected to Complicate Management Efforts07:47 Malware-as-a-Service and Ransomware-as-a-Service Lower Barriers for Cybercriminals Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Cyber Incident Shuts Down North Miami City Hall: What You Need to Know00:43 Michigan Hospital System Struggles With Cyberattack as Healthcare Industry Decries ‘Russian’ Ransomware01:21 Rhysida Ransomware Group Claims to Have Breached Bayhealth Hospital in Delaware02:00 Massive DDoS Attack: Record-breaking 419 TB of Malicious Traffic Within 24 Hours02:32 US Offers $10 Million for Info on Iranian Leaders Behind CyberAv3ngers Water Utility Attacks03:06 Royal Ransomware Successor BlackSuit Has Demanded More Than $500 Million03:50 US Dismantles Laptop Farm Used by Undercover North Korean IT Workers04:25 “Perfect” Windows Downgrade Attack Turns Fixed Vulnerabilities Into Zero-Days05:04 Chrome, Safari, Mozilla Under Siege: ‘0.0.0.0 Day’ Vulnerability Exposes Millions05:42 AWS Patches Vulnerabilities Potentially Allowing Account Takeovers06:26 Critical 1Password Vulnerability: Hackers Could Exploit Security Flaw to Access Unlock Keys07:02 GhostWrite Flaw: Hackers Can Access and Control Your Computer’s Memory07:38 Cisco Warns of Critical RCE Zero-Days in End of Life IP Phones08:16 Thousands of Exposed Industrial Control Systems in US, UK Threaten Water Supplies08:54 AI Model Achieve 98% Accuracy in Collecting Threat Intelligence From Dark Web Forums09:37 Researchers Detailed the Evolution of Cybercriminal Underworld10:32 #BHUSA: CISA Director Confident in US Election Security Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Microsoft Punches Back at Delta Air Lines and Its Legal Threats00:44 Ransomware Attack Cost LoanDepot $27 Million01:13 Largest Data Breach Ever? Lawsuit Against National Public Data for Allegedly Compromising Data of 3 Billion People02:06 Police Take Just 2 Days to Recover $40M Stolen in Business Email Scam02:56 Georgia’s Voter Portal Gets a Crash Course in Client Versus Backend Input Validation03:32 Critical Progress WhatsUp RCE Flaw Now Under Active Exploitation04:17 Hackers Could Spy on Cellphone Users by Abusing 5G Baseband Flaws, Researchers Say04:57 Windows Update Flaws Allow Undetectable Downgrade Attacks05:37 Phishing Attacks Can Bypass Microsoft 365 Email Safety Warnings06:09 Critical ServiceNow Vulnerability Exposes Organizations to Remote Code Execution Attacks06:48 Ransomware in 2024: More Attacks, More Leaks, and Increased Sophistication07:44 Critical Solar Power Grid Vulnerabilities Risk Global Blackouts08:26 CISA Releases Guide to Enhance Software Security Evaluations Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Hacker Wipes 13,000 Devices After Breaching Classroom Management Platform00:49 Calibrated Healthcare Suffers Data Breach, Patient Information Compromised01:26 Non-Profit Blood Center OneBlood Recovering from Cripping Ransomware Attack02:13 AI-Fueled Phishing Scams Raise Alarm Ahead of U.S. Presidential Election02:51 Illinois Relaxes Biometric Privacy Law So Snafus Won’t Cost Businesses Billions03:29 FTC Settles for $12M With Scammers Operating $213M Pyramid Scheme04:09 Google Warns of an Actively Exploited Android Kernel Flaw04:47 CISA Adds Microsoft COM for Windows Bug to Its Known Exploited Vulnerabilities Catalog05:41 Western Digital’s WD Discovery App Flaw Allows Code Execution06:18 Jfrog Artifactory Flaw Let Attackers Poison Artifact Caches07:05 #BHUSA: 99% of Global 2000 Firms Have Recently Breached Vendors07:48 #BHUSA: Ransom Payments Surge, Organizations Pay Average of $2.5m08:22 Email Attacks Skyrocket 293%09:04 CVEs Surge 30% in 2024, Only 0.91% Weaponized09:45 #BHUSA: 17.8m Phishing Emails Detected in First Half of 2024 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 CrowdStrike to Delta Airlines: Don’t Blame Us for Your Woes00:38 Insured Loss Impact Could Reach $1B Following CrowdStrike Outage01:16 Threat Actor Claiming Breach of Gregory’s Foods 400Gb Database01:40 Keytronic Incurred Approximately $17 Million of Expenses Following Ransomware Attack02:18 332 Million Email Addresses Scraped from SOCRadar. io Published Online02:55 Sneaky SnakeKeylogger Slithers Into Windows Inboxes to Steal Sensitive Secrets03:42 Ransomware Gang Targets IT Workers With New SharpRhino Malware04:13 Critical Vulnerability in Apache OFBiz Requires Immediate Patching04:57 Immediate Action Required: Critical Apache InLong Vulnerability Exploitable05:36 Leaked Wallpaper Exploit Let Attackers Escalate Privilege on Windows Systems06:22 AI Expected to Improve IT/OT Network Management07:22 #BHUSA: Nation-State Attacks Target Hardware Supply Chains Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Millions of US Voter Data Exposed in 13 Misconfigured Databases00:41 Hackers Attempt to Sell the Personal Data of 3 Billion People Resulting From an April Data Breach01:12 Surge in Magniber Ransomware Attacks Impact Home Users Worldwide01:51 City of Columbus Offers Credit Monitoring to Employees After Massive Cyberattack Hits Government Facilities02:36 DoJ and FTC Sue TikTok for Violating Children's Privacy Laws03:24 Avtech Camera Vulnerability Actively Exploited in the Wild, CISA Warns04:10 Linux Kernel Impacted by New SLUBStick Cross-Cache Attack04:52 Microsoft Patched a Critical Edge Flaw that Led to Arbitrary Code Execution05:41 Security Bypass Vulnerability Exposed in Rockwell Automation Logix Controllers06:36 Organizations Fail to Log 44% of Cyber Attacks, Major Exposure Gaps Remain Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 FBI Warns of Scammers Posing as Crypto Exchange Employees01:00 Pharma Giant Cencora Says Personal Health Data Leaked During February Cyber Incident01:45 Employees at Dell, AT&T, Verizon, Capital One, and Other Companies Exposed via Popular Office App02:22 DDoS Attacks May Target Election Infrastructure, FBI Warns02:59 Mining Giant Fresnillo Confirms Cyber Security Incident: Operations Continue Normally03:36 Smart Cars Share Driver Data, Prompting Calls for Federal Scrutiny04:20 Tech Support Scam Ring Leader Gets 7 Years in Prison, $6M Fine04:56 Homebrew Security Audit Finds 25 Vulnerabilities05:24 Bitdefender Vulnerability Let Attackers Trigger SSRF Attack06:01 Over 1 Million Domains at Risk of 'Sitting Ducks' Domain Hijacking Technique06:47 Airlines Are Flying Blind on Third-Party Risks07:21 BEC Attacks Surge 20% Annually Thanks to AI Tooling Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 DDoS Attack Triggers New Microsoft Global Outage00:36 Ransomware Attack on Major US Blood Center Prompts Hundreds of Hospitals to Implement Shortage Protocols01:06 CrowdStrike Faces Lawsuits From Customers, Investors01:44 Phishing Attack Steals Donations from Trump Voters Using Fake Website02:21 Fraud Ring Pushes 600+ Fake Web Shops via Facebook Ads03:06 Meta to Pay Texas $1.4bn for Unlawful Biometric Data Capture03:41 DigiCert Revoking Many Certificates Due to Verification Issue04:12 Multiple SMTP Servers Vulnerable to Spoofing Attacks, Let Hackers Bypass Authentication04:56 20,275 VMware ESXi Vulnerable Instances Exposed, Microsoft Warns of Massive Exploitation05:46 Chrome 127 Improves Cookie Protection on Windows06:21 Credential Disclosure in LastPass06:53 U.S. Customs and Border Protection Issues Guide for Travelers on Facial Recognition Opt-Out Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter