CISO Headlines

This CISO Daily Update covers: 00:00 Introduction00:06 Columbus Investigates Whether Data Was Stolen in Ransomware Attack00:47 Record-Breaking $75M Ransom Paid to Dark Angels Gang01:31 ‘LockBit of Phishing’ EvilProxy Used in More Than a Million Attacks Every Month02:10 Stolen GenAI Accounts Flood Dark Web With 400 Daily Listings02:46 OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script03:15 U.S. Court Slashes $78M Lawyers’ Fee in T-Mobile Data Breach Settlement03:56 Google Workspace Vulnerability Allowed Hackers to Access 3rd-Party Services04:37 VMware ESXi Auth Bypass Zero-Day Exploited by Ransomware Operators (CVE-2024-37085)05:18 New MOVEit File Transfer Vulnerability Lets Attackers Escalate Privileges06:05 The State of Ransomware in Healthcare 202406:50 IBM: Cost of a Breach Reaches Nearly $5 Million, With Healthcare Being Hit the Hardest Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 4.3 Million Impacted by HealthEquity Data Breach00:45 SolarWinds Legal Ruling Expected to Narrow, but Maintain SEC Oversight on Cyber Transparency01:36 Casper Network Pauses Operations After Cyberattack: What You Need to Know02:04 Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails02:51 US Border Agents Must Get Warrant Before Cell Phone Searches, Federal Court Rules03:23 Unveiling the Stargazer Goblin: A Closer Look at the Stargazers Ghost Network’s $100,000 Malware Operation04:05 Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware04:44 Millions of Websites Susceptible to XSS Attack via OAuth Implementation Flaw05:38 Threat Actors Exploiting OS Command Injection Flaws To Hack Systems, CISA Warns06:24 RADIUS Protocol Vulnerability Impacted Multiple Cisco Products07:08 Hackers Exploiting MSHTML Vulnerability to Deliver Atlantida Malware07:45 Three Ways to Mitigate AI-Based Supply Chain Attacks Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 South Carolina’s Summerville Police Claimed by Rumored Alphv/BlackCat Ransomware Reboot00:47 Data Breach at Rhode Island Wyatt Detention Facility Estimated to Affect 20,00001:25 FBCS Data Breach Impact Now Reaches 4.2 Million People02:00 Columbus Reports Cyber Incident as Multiple Cities Recover From Ransomware Attacks02:33 US Indicts Alleged North Korean State Hacker for Ransomware Attacks on Hospitals03:07 A Bug in Chrome Password Manager Caused User Credentials to Disappear03:47 ServiceNow Flaw Let Remote Attackers Execute Arbitrary Code04:24 WhatsApp for Windows Lets Python, PHP Scripts Execute With No Warning05:00 Acronis Warns of Cyber Infrastructure Default Password Abused in Attacks05:44 Millions of Devices Vulnerable to 'PKFail' Secure Boot Bypass Issue06:15 Companies Struggle to Recover From CrowdStrike's Crippling Falcon Update06:50 Most CISOs Feel Unprepared for New Compliance Regulations07:34 AI-Generated Deepfake Attacks Force Companies to Reassess Cybersecurity08:20 16% of Organizations Experience Disruptions Due to Insufficient AI Maturity Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Hackers Group Allegedly Leaked Threat Actor List from Crowdstrike With 250M IOC Data01:00 Bug in Update Checker Blamed for CrowdStrike Outages as Congress Demands Hearing01:32 Data Breach Exposes US Spyware Maker Behind Windows, Mac, Android and Chromebook Malware02:16 Hackers Outsmart SEGs with Unbelievably Sophisticated Malware02:49 Meta Nukes Massive Instagram Sextortion Network of 63,000 Accounts03:36 Critical ServiceNow RCE Flaws Actively Exploited to Steal Credentials04:23 GitLab Patched XSS Vulnerability that Lets Attackers Execute Arbitrary Code05:09 Docker Fixes Critical Auth Bypass Flaw, Again (CVE-2024-41110)06:09 CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software06:59 Researchers Claim Anyone Can Access Deleted, Private GitHub Repository Data07:42 Ransomware and BEC Make Up 60% of Cyber Incidents08:36 Most IT Leaders Say Severity of Cyber-Attacks has Increased Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Pentagon & NASA IT Service Provider Hacked – Confidential Data Leaked Online – Exclusive!00:53 CrowdStrike Blames a Test Software Bug for That Giant Global Mess It Made01:34 TracFone to Pay $16 Million to Settle FCC Cyber and Privacy Investigation02:18 57,000 Patients Impacted by Michigan Medicine Data Breach02:59 Biggest-Ever Leak of Digital Pirates: 10 Million Exposed by Z-Library Copycat03:40 AT&T Outage Due to Failed Network Update, FCC Releases New Findings04:23 Network of Ghost GitHub Accounts Successfully Distributes Malware05:03 Ransomware Ecosystem Fragmenting Under Law Enforcement Pressure and Distrust05:47 Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers06:36 Organizations Warned of Exploited Twilio Authy Vulnerability07:18 Chrome 127 Patches 24 Vulnerabilities08:05 Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment08:54 Navigating the Complex Landscape of Web Browser Security09:48 Unprecedented Global Cyberattack Prevalence Reported in Q2 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Ransomware Recovery Effort Cost Suffolk County $25.7 Million, Prompting Investigation00:53 Fake CrowdStrike Repair Manual Pushes New Infostealer Malware01:32 Cybercrooks Spell Trouble With Typosquatting Domains Amid CrowdStrike Crisis02:14 2 Million Microsoft 365 Data Compromised by CrowdStrike Bug03:09 US Gov Sanctioned Key Members of the Cyber Army of Russia Reborn Hacktivists Group04:03 BreachForums v1 Hacking Forum Data Leak Exposes Members’ Info04:44 Philips Vue PACS Vulnerabilities Put Patient Data at Risk: Healthcare Sector on High Alert05:29 Swipe Right for Data Leaks: Dating Apps Expose Location, More06:11 Okta Browser Plugin Vulnerable To Reflected Cross-Site Scripting Attacks06:56 Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication07:32 The CrowdStrike Butterfly Effect: Cyber Pros Weigh In on the Far-Reaching Disaster08:28 The Changes in the Cyber Threat Landscape in the Last 12 Months09:18 Seemplicity 2024 Remediation Operations Report: Rising Exposure Management Risk10:07 Hackers Exploiting Google Cloud for Massive Phishing Attacks Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Los Angeles Superior Court Shuts Down After Ransomware Attack00:52 EU Gave CrowdStrike the Keys to the Windows Kernel, Claims Microsoft01:28 Hackers Claim Breach of Daikin: 40 GB of Confidential Data Exposed01:57 New Linux Variant of Play Ransomware Targeting VMware ESXi Systems02:30 Hackers Inject Persistent Credit Card Skimmer to Abuse Swap File in Shopping Sites03:07 Check Point Research Reports Highest Increase of Global Cyber Attacks Seen in Last Two Years03:53 Ransomware Groups Fragment Amid Rising Cybercrime Threats Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 CrowdStrike Says Logic Error Caused Windows BSOD Chaos00:49 Threat Actors Attempted to Capitalize CrowdStrike Incident01:31 Microsoft Says 8.5 Million Windows Devices Impacted by CrowdStrike Incident, Publishes Recovery Tool02:07 Safety Gear Giant Cadre Holdings Reports Cybersecurity Breach03:00 LAPD Warns Residents After Spike in Burglaries Using Wi-Fi Jammers That Disable Security Cameras, Smart Doorbells03:37 DHS Watchdog Rebukes CISA and Law Enforcement Training Center for Failing to Protect Data04:19 Two LockBit Ransomware Affiliates Plead Guilty in U.S. Federal Court05:05 U.S. CISA Adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server Bugs to Its Known Exploited Vulnerabilities Catalog06:03 Cisco Warns of Unpatched Vulnerability (CVE-2024-20416) in RV340 and RV345 Routers07:03 US Cyberattacks on the Rise; Businesses in Colorado, California Face Greater Threat: Report08:01 CISA Publishes Resiliency Playbook for Critical Infrastructure08:42 Securing Healthcare Data: Dark Web Monitoring Insights for CISOs09:22 One-Third of Dev Professionals Unfamiliar With Secure Coding Practices10:20 CISOs Must Shift From Tactical Defense to Strategic Leadership Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Live Updates: Global Tech Outage Grounds Flights and Hits Businesses00:42 Judge Mostly Drags SEC’s Lawsuit Against SolarWinds Into the Recycling Bin01:23 AT&T Reports Arrest Made in April Hack, Updates Affected Customers01:58 USPS Shared Customer Postal Addresses With Meta, LinkedIn and Snap02:31 Weaponized AWS Packages Spreading Malware through Innocent-Looking JPEGs03:09 Revolver Rabbit Gang Registers 500,000 Domains for Malware Campaigns03:51 SolarWinds Fixes 8 Critical Bugs in Access Rights Audit Software04:30 Critical Splunk Flaw Can Be Exploited to Grab Passwords (CVE-2024-36991)05:09 SAP AI Core Flaws Expose Sensitive Customer Data and Keys05:51 New VPN Port Shadow Vulnerability Let Hackers Intercept Encrypted Traffic06:33 Hackers Could Create Traffic Jams Thanks to Flaw in Traffic Light Controller, Researcher Says07:08 US Data Breach Victim Numbers Surge 1170% Annually07:54 Threat Actors Ramp Up Use of Encoded URLs to Bypass Secure Email Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Furniture Giant Shuts Down Manufacturing Facilities After Ransomware Attack00:46 MNGI Digestive Health Data Breach Impacts 765,000 Individuals01:24 Over 400,000 Life360 User Phone Numbers Leaked via Unsecured API02:07 Yacht Giant MarineMax Data Breach Impacts Over 123,000 People02:50 Anime Figurine Maker Exposes North American Customer Names, Home Addresses03:30 Qilin Ransomware’s Sophisticated Tactics Unveiled By Experts04:11 Ivanti Endpoint Manager Flaw Let Hackers Gain Full Control EPM Server04:55 Atlassian Data Center & Server Flaw Let Hackers Execute Arbitrary Code05:35 Chrome 126 Updates Patch High-Severity Vulnerabilities06:34 Oracle Patches 240 Vulnerabilities With July 2024 CPU07:14 Cisco SSM On-Prem Bug Lets Hackers Change Any User’s Password07:55 Sensitive Data Sharing Risks Heightened as GenAI Surges08:41 Ransomware Recovery in Energy, Water Sectors Hits $3M, Quadrupling in One Year09:24 Unseen Levels of Cyberattacks: Organizations Targeted Ten Times an Hour10:05 Inside Q2 2024’s Ransomware Surge: Strategies and Geopolitical Impact Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Car Dealership Company AutoNation Says CDK Ransomware Incident Cut Into Quarterly Earnings00:44 Virginia Elections Department Dismisses Data Breach Claims01:40 “Massive Data Sale in History: 2 Billion Rows, 122 GB, 361M Emails & Passwords for Just $500!”02:23 Email Addresses of 15 Million Trello Users Leaked on Hacking Forum03:01 Kaspersky Leaves U.S. Market Following the Ban on the Sale of Its Software in the Country03:39 New Jellyfish Loader Threat Discovered: Advanced Techniques for System Infiltration04:15 'Konfety' Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins05:02 CISA Adds OSGeo GeoServer GeoTools Bug to Its Known Exploited Vulnerabilities Catalog05:44 Microsoft Finally Fixes Outlook Alerts Bug Caused by December Updates06:27 Apache HugeGraph-Server RCE Vulnerability Under Active Attack07:12 Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks07:51 Half of SMEs Unprepared for Cyber-Threats08:34 Talk Security, Not Tech: Ivanti Study Urges CISOs to Educate Leaders on AI Risks09:14 The Linux Foundation and OpenSSF Release Report on the State of Education in Secure Software Development Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 AT&T Paid a $370,000 Ransom to Prevent Stolen Data From Being Leaked00:48 Data of Millions of mSpy Customers Leaked Online01:25 6 Million Records of Pinterest Database Leaked – What’s Inside!01:53 Attackers Exploit URL Protections to Disguise Phishing Links02:28 ZDI Shames Microsoft For – Yet Another – Coordinated Vulnerability Disclosure Snafu03:08 Facebook Ads for Windows Desktop Themes Push Info-Stealing Malware03:48 CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool04:33 Juniper Junos Flaw Let Attackers Gain Full ‘Root’ Access05:02 WP Time Capsule Plugin Update Urged After Critical Security Flaw05:49 Pressure Mounts for C-Suite Executives to Implement GenAI Solutions Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Rite Aid Disclosed Data Breach Following RansomHub Ransomware Attack00:52 Hackers Stole ‘Nearly All’ Call Logs Over Six Months From AT&T01:34 Indiana County Files Disaster Declaration Following Ransomware Attack02:22 Disney’s Internal Slack Breached? NullBulge Leaks 1.1 TB of Data03:04 ‘Magic Soap’ Producer Discloses Data Breach, but Details Are Scarce03:50 Homoglyphs and IL Weaving Used To Evade Detection in Malicious NuGet Campaign04:38 GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln05:25 Citrix NetScaler ADC & Gateway Impacted by regreSSHion RCE Vulnerability06:08 Critical Flaw in Exim MTA Could Allow to Deliver Malware to Users’ Inboxes07:01 Hackers Use PoC Exploits in Attacks 22 Minutes After Release Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 CDK Expects Car Dealership System Outage to Last Until at Least June 3000:47 Designed Receivable Solutions Data Breach Impacts 585,000 People01:27 Dangerous AI Workaround: 'Skeleton Key' Unlocks Malicious Content02:08 Interpol Seizes Millions in Global Crackdown Against Scammers02:43 PoC Exploit for Critical Fortra FileCatalyst Flaw Published (CVE-2024-5276)03:28 Gas Chromatograph Hacking Could Have Serious Impact: Security Firm04:01 GitLab Security Updates Patch 14 Vulnerabilities04:44 CISA Warns of Exploited GeoServer, Linux Kernel, and Roundcube Vulnerabilities05:24 Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks05:58 Majority of Critical Open Source Projects Contain Memory Unsafe Code06:39 CISOs Reveal Firms Prioritize Savings Over Long-Term Security Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Microsoft Blamed for Million-Plus Patient Record Theft at US Hospital Giant00:44 LockBit Lied: Stolen Data Is From a Bank, Not US Federal Reserve01:29 BianLian Ransomware Targets Better Business Bureau, US Dermatology Partners02:15 Developer Errors Lead to Long-term Exposure of Sensitive Data in Git Repos02:48 New Medusa Android Trojan Targets Banking Users Across 7 Countries03:40 AzzaSec Reveals Advanced Windows Ransomware Builder, Threatens Cybersecurity04:24 Fresh MOVEit Bug Under Attack Mere Hours After Disclosure05:08 Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping05:50 Siemens Sicam Vulnerabilities Could Facilitate Attacks on Energy Sector06:26 VMware ESXi Vulnerability Allows Attackers to Bypass Authentication06:59 Identity Crime Reports Drop 16% Annually but Job Scams Surge07:42 Gaining and Retaining Security Talent: A Cheat Sheet for CISOs Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Neiman Marcus Data Breach Disclosed as Hacker Offers to Sell Stolen Information00:45 CISA Confirms Hackers May Have Accessed Data From Chemical Facilities During January Incident01:24 Creditors’ Service Provider Leaked Millions of Records With Lawsuit History01:52 Several Plugins Compromised in WordPress Supply Chain Attack02:39 New Attack Technique Exploits Microsoft Management Console Files03:20 UK and US Cops Band Together to Tackle Qilin’s Ransomware Shakedowns03:56 Chrome 126 Update Patches Memory Safety Bugs04:37 Recent Zyxel NAS Vulnerability Exploited by Botnet05:10 Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher05:42 Cloud Breaches Impact Nearly Half of Organizations Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Santander US Reveals Employee Bank Account Details Stolen00:49 Los Angeles Unified Confirms Student Data Stolen in Snowflake Account Hack01:33 Change Healthcare Lists the Medical Data Stolen in Ransomware Attack02:16 US Government Sanctions Twelve Kaspersky Lab Executives03:11 ANY. RUN Malware Sandbox Provider’s Employee Email Compromised03:54 CISA Issues New Advisory for Industrial Control Systems04:33 Facebook PrestaShop Module Exploited to Steal Credit Cards05:21 Risk of Getting Malicious Extension From Chrome Store Way Worse Than Google’s Letting On, Study Suggests06:15 Pressure Mounts on CISOs As SEC Bares Teeth With Legal Action Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 CDK Global Cyberattack Cripples 15,000 US Auto Dealerships00:50 Baltimore, One of America’s Deadliest Cities, Leaks Identities of Residents Who Reported Crimes01:37 Advance Auto Parts Confirms Data Breach in SEC Filing; Reports Losses Around $300,00002:27 Alleged AMCOM Data Breach Exposes Sensitive Military Documents on Dark Web03:13 Hacker Leaks Data of 33,000 Accenture Employees in Third-Party Breach03:46 Linux Version of RansomHub Ransomware Targets VMware ESXi VMs04:31 An Unpatched Bug Allows Anyone to Impersonate Microsoft Corporate Email Accounts05:06 Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs05:53 SolarWinds Serv-U Path-Traversal Flaw Actively Exploited in Attacks06:36 Atlassian Patches High-Severity Vulnerabilities in Confluence, Crucible, Jira07:22 Fortra Warns of Hard-Coded Password Vulnerability in The Filecatalyst08:21 LockBit Most Prominent Ransomware Actor in May 202409:02 Improving OT Cybersecurity Remains a Work in Progress Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 IntelBroker Hacker Claims Apple Breach, Steals Source Code for Internal Tools00:39 MEDUSA Ransomware Targets AJE Group: $1.5M Price Tag for 646GB of Data01:21 Circle K Atlanta Allegedly Breached, Data Stolen02:02 Crown Equipment Confirms a Cyberattack Disrupted Manufacturing02:35 FTC Sues Adobe for ‘Trapping’ Users in Deceptive Subscription Practices03:13 ShrinkLocker Uses Windows BitLocker Utility To Infect Computers03:50 Cryptojacking Campaign Targets Exposed Docker APIs04:27 Warning: Markopolo's Scam Targeting Crypto Users via Fake Meeting Software04:57 Chrome 126 Update Patches Vulnerability Exploited at Hacking Competition05:39 Mailcow Mail Server Flaws Expose Servers to Remote Code Execution06:30 CISA Warns of PoC Exploit for Vulnerability in RAD SecFlow-2 Industrial Switch07:09 Cybersecurity Burnout Costing Firms $700m+ Annually08:02 The Perilous Role of the CISO: Navigating Modern Minefields Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 AMD Data Breach: IntelBroker Claims Theft of Employee and Product Info00:50 BlackSuit Ransomware Leaks Kansas City Police Data in Failed Ransom Plot01:34 Amtrak Discloses Data Breach, Users Urged to Reset Passwords02:14 Akira Ransomware Claims the TETRA Technologies, 40GB of Sensitive Data at Risk02:48 MEDUSA Ransomware Group Demands $220,000 from US Institutions, Threatens Data Exposure03:28 Medibank Breach: Security Failures Revealed (Lack of MFA Among Them)04:10 Guidehouse and Nan McKay to Pay $11.3M for Cybersecurity Failures in COVID-19 Rental Assistance04:50 SonicWall Environment Left Open, Exposing Some Data – Customers Safe05:19 Cleveland Confirms Ransomware Attack As City Hall Remains Closed05:58 Critical RCE Flaws in vCenter Server Fixed (CVE-2024-37079, CVE-2024-37080)06:49 CVE-2024-37902 (CVSS 10): Critical Flaw in Deep Java Library Opens Door to System Takeover07:29 92% of Organizations Hit by Credential Compromise from Social Engineering Attacks08:15 Report Reveals Record Exploitation Rate For Load Balancers09:07 Quarter of Firms Suffer an API-Related Breach Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake00:57 LA County’s Department of Public Health (DPH) Data Breach Impacted Over 200,000 Individuals01:47 Panera Bread Likely Paid a Ransom in March Ransomware Attack02:38 Fake Google Chrome Errors Trick You Into Running Malicious PowerShell Scripts03:25 Beware Of Malicious Search Results Leading To SolarMarker Malware Installation03:59 Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor04:39 Empire Market Owners Charged With Operating $430M Dark Web Marketplace05:28 Critical Vulnerabilities Exposing Chinese Biometric Readers to Unauthorized Access06:05 Hidden Backdoor in D-Link Routers Let Attacker Login as Admin06:58 Malicious Emails Trick Consumers Into False Election Contributions07:36 Academics Develop Testing Benchmark for LLMs in Cyber Threat Intelligence Additional Resources:• Subscribe for daily updates• Check out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Dordt University Faces Massive Data Leak: Millions of Students and Staff Potentially Affected00:45 Keytronic Confirms Data Breach After Ransomware Gang Leaks Stolen Files01:37 New York Times Says Data Breach Affected Freelance Visual Contributors02:17 Globe Life Discloses Breach Amid Accusations of Fraud and Shady Business Tactics03:03 Los Angeles Schools Investigating Claims of Data for Sale on Dark Web03:46 Blackbaud Must Pay $6.75 Million, Improve Security After Lying About Scope of 2020 Hack04:31 Young Cyber Scammer Arrested, Allegedly Behind Cyberattacks on 45 U.S. Companies05:10 Former IT Employee Gets 2.5 Years for Wiping 180 Virtual Servers05:52 New Linux Malware Is Controlled Through Emojis Sent From Discord06:40 Asus Fixed Critical Remote Authentication Bypass Bug in Several Routers07:30 SolarWinds Serv-U Vulnerability Let Attackers Access Sensitive Files08:15 Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE09:05 The Biggest Downsides of Digital ID Adoption Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Truist Bank Confirms Breach After Stolen Data Shows Up on Hacking Forum00:45 Panera Warns of Employee Data Breach After March Ransomware Attack01:28 Grand Traverse County Faces Cyberattack: FBI and State Police Investigate02:10 City of Cleveland Scrambling to Restore Systems Following Cyberattack03:02 Life360 Says Personal Information Stolen From Tile Customer Support Platform03:45 New Attack Technique 'Sleepy Pickle' Targets Machine Learning Models04:27 Dark Web Actor Advertises New Click Fraud Software for Online Marketing Deception05:07 Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day05:56 Microsoft, Late to the Game on Dangerous DNSSEC Zero-Day Flaw06:38 Kaspersky Finds 24 Flaws in Chinese Biometric Hardware Provider07:18 Easily Exploitable Critical Vulnerabilities Found in Open Source AI/ML Tools08:15 0-day Vulnerability In 10,000 Web Apps Exploited Using XSS Payloads09:03 Cyber Insurance Claims Hit Record High in North America10:07 Facebook, Meta, Apple, Amazon Most Impersonated in Phishing Scams Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 CISA Warns of Criminals Impersonating Its Employees in Phone Calls00:42 Findlay Automotive Hit by Cybersecurity Attack, Investigation Ongoing01:15 Medusa Ransomware Group Claims Cyberattack on Organizations in USA, Canada01:46 Data Broker Shuts Down Product Related to Driver Behavior Patterns02:36 Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day03:24 RansomHub Brings Scattered Spider Into Its RaaS Fold03:59 Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities04:41 Fortinet Patches Code Execution Vulnerability in FortiOS05:22 Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited06:00 Dark Web Hacker ‘Tombstone’ Markets Google Subdomain Vulnerabilities on Cybercrime Forum06:39 70% of Cybersecurity Pros Often Work Weekends, 64% Looking for New Jobs07:33 Security and Privacy Strategies for CISOs in a Mobile-First World Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Cyber Incident Forces Cleveland to Shut Down City Hall00:43 Pure Storage Confirms Data Breach After Snowflake Account Hack01:27 Ascension Makes Progress in Restoring Systems After Cyberattack, Patients to See Improved Wait Times02:13 Central Securities Corporation Faces Cyberattack Claims By Underground Team Ransomware Group02:43 TellYouThePass Ransomware Exploits Recent PHP RCE Flaw to Breach Servers03:36 New Warmcookie Windows Backdoor Pushed via Fake Job Offers04:16 Users of JetBrains IDEs at Risk of GitHub Access Token Compromise04:55 Arm Zero-Day in Mali GPU Drivers Actively Exploited in the Wild05:34 Popular Biometric Terminal Vulnerable To QR Code SQL Injection06:09 Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’06:52 Adobe Plugs Code Execution Holes in After Effects, Illustrator07:23 Patch Tuesday: Remote Code Execution Flaw in Microsoft Message Queuing08:09 Security Providers View Compliance as a High-Growth Opportunity Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 LendingTree Confirms That Cloud Services Attack Potentially Affected Subsidiary00:50 Christie’s Data Breach Impacted 45,798 Individuals01:36 BlackBerry Disputes Cylance Hack Claims, New York Times Confirms Code Breach02:20 Ticketmaster Attacker Vanishes, Pundits Speculating Arrest03:00 More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack03:28 Unencrypting VPN Traffic Through a New TunnelVision Attack04:12 Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers04:53 Critical PyTorch Vulnerability Can Lead to Sensitive AI Data Theft05:37 Nvidia Patches High-Severity GPU Driver Vulnerabilities06:28 Cisco Finds 15 Vulnerabilities in AutomationDirect PLCs07:13 Exploit for Critical Veeam Auth Bypass Available, Patch Now08:05 IoT Vulnerabilities Skyrocket, Becoming Key Entry Point for Attackers08:45 Ransomware Tracker: The Latest Figures [June 2024]09:24 Why CISOs Need to Build Cyber Fault Tolerance Into Their Business Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 New York Times Source Code Stolen Using Exposed GitHub Token00:54 Frontier Says 750,000 Social Security Numbers Accessed During April Cyberattack01:45 Texas Attorney General Investigating Several Connected Car Manufacturers Over Data Sharing02:31 Nearly 400,000 Affected by Data Breach at Eye Care Management Services Company03:00 Beware of Fake Google Chrome Update Pop-Ups that Installs Malware03:36 LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities04:14 Hotel Check-in Kiosks Expose Guest Data, Room Keys04:47 EmailGPT Exposed to Prompt Injection Attacks05:27 SolarWinds Flaw Flagged by NATO Pen Tester06:01 Security Flaws Found in Popular WooCommerce Plugin06:42 PHP Addressed Critical RCE Flaw Potentially Impacting Millions of Servers07:38 26% of Organizations Lack Any Form of IT Security Training08:28 Cyber Insurance Isn’t the Answer for Ransom Payments09:04 Telecom, Media and Tech Companies Are Cyber Defense Standouts: Moody’s Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Advance Auto Parts: Alleged Data Breach Exposes Millions After Snowflake Cyberattack00:46 Financial Data Swiped From US Eye Clinics, Over 300k People Affected01:35 FBI Obtained 7,000 Lockbit Decryption Keys, Victims Should Contact the Feds to Get Support02:19 SecurityScorecard Files Complaint against Safe Security for Allegedly Misappropriating Trade Secrets03:14 RansomHub Operation Is a Rebranded Version of the Knight RaaS03:57 Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks04:42 Hackers Target Python Developers with Fake "Crytic-Compilers" Package on PyPI05:24 Exploitation of Recent Check Point VPN Zero-Day Soars06:06 7-Year-Old Oracle WebLogic Bug Under Active Exploitation06:49 Vulnerabilities Patched in Kiuwan Code Security Products After Long Disclosure Process07:25 PoC Exploit Code Published for 9.8-Rated Apache HugeGraph RCE Flaw08:09 78% of SMBs Fear Cyberattacks Could Shut Down Their Business08:50 #Infosec2024: Experts Share How CISOs Can Manage Change as the Only Constant09:35 #Infosec2024: CISOs Need to Move Beyond Passwords to Keep Up With Security Threats Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 FBI Warns of Rise in Work-From-Home Scams00:42 Microsoft Paid Tenable a Bug Bounty for an Azure Flaw It Says Doesn’t Need a Fix, Just Better Documentation01:29 Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs02:14 Nationwide Call Disruptions Trigger FCC Investigation into Major U.S. Wireless Carriers03:05 Accidental or Not, Another Google Leak Exposes Multiple Privacy Breaches03:52 Linux Version of TargetCompany Ransomware Focuses on VMware ESXi04:35 Zyxel Addressed Three RCEs in End-of-Life NAS Devices05:28 Cisco Webex Meetings Meeting Flaw Let Attackers Gain Unauthorized Access06:13 PoC Exploit Released for Linux Kernel Privilege Escalation Vulnerability06:59 5 Takeaways From the White House Cybersecurity Workforce Discussion07:44 #Infosec2024: Organizations Urged to Adopt Safeguards Before AI Adoption Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Clevo Gaming Laptop-Maker Claimed by RansomHub Ransomware Gang00:52 361 Million Account Credentials Leaked on Telegram: Are Yours Among Them?01:37 Cyberattack on Telecom Giant Frontier Claimed by RansomHub02:14 Kickstarter Star Leaks Over Half a Million Records With Clients’ Data02:57 Christie’s Stolen Data Sold to Highest Bidder Rather Than Leaked, RansomHub Claims03:43 Dessky Snippets WordPress Plugin Exploited For Card Skimming Attacks04:31 Beware! New Android Trojan ‘Viper RAT’ on Dark Web Steals Your Data05:06 Cybercrooks Get Cozy With BoxedApp to Dodge Detection05:54 Patch Now! Google Chrome Fixes Critical Vulnerabilities06:47 PoC Exploit Released for macOS Root Access Vulnerability07:36 37 Vulnerabilities Patched in Android08:37 Report Highlights How People Trick AI Chatbots Into Exposing Company Secrets09:22 Account Takeovers Outpace Ransomware as Top Security Concern10:16 Security Challenges Mount As Companies Handle Thousands of APIs Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Dark Web Actor Claims to Pilfer 2TB of Compressed Data from QuoteWizard00:50 Collection Agency FBCS Ups Data Breach Tally to 3.2 Million People01:37 Alleged Heineken Data Breach Potentially Impacts Over 8,000 Employees02:11 Spoofing Shein for Credential Harvesting02:45 Utah Student Gives Hackers False Information to Thwart Phishing03:28 Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet04:25 Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware05:12 High-Risk Atlassian Confluence RCE fixed, PoC Available (CVE-2024-21683)05:53 Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions06:32 CISA Adds Oracle Weblogic Server Flaw to Its Known Exploited Vulnerabilities Catalog07:29 Critical Flaw In SkyBridge Routers Let Attackers Inject Commands08:06 Ransomware Rises Despite Law Enforcement Takedowns08:54 Businesses Must Prioritize Digital Trust to Avoid Major Problems Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Snowflake Denies Breach, Blames Data Theft on Poorly Secured Customer Accounts00:50 Ticketmaster Confirms Data Breach Impacting 560 Million Customers01:47 Data Leak Exposes Business Leaders and Top Celebrity Data02:28 AI Company Hugging Face Detects Unauthorized Access to Its Spaces Platform03:07 Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices03:55 More Than 600,000 Routers Knocked Out in October by Chalubo Malware04:41 Critical Apache LOG4J2 Flaw Still Threatens Global Finance05:23 Privacy is the Leading Concern Regarding AI Smartphones, Study Finds06:10 Lack of Skills and Budget Slow Zero-Trust Implementation07:22 Utilities Saw Fewer Q1 Ransomware Attacks Than Other Sectors. A Dragos Analyst Explains Why Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Nurses at Ascension Hospital in Michigan Raise Alarms About Safety Following Ransomware Attack00:55 Johnson & Johnson Reports Data Breach Potentially Linked to Massive Cencora Breach01:39 Everbridge Warns of Corporate Systems Breach Exposing Business Data02:23 Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud03:12 Police Seize Over 100 Malware Loader Servers, Arrest Four Cybercriminals04:12 Shady 'Merry-Go-Round' Ad Fraud Network Leaves Orgs Hemorrhaging Cash05:00 Family-Owned Woodworking Company Western Dovetail Hit by Akira Ransomware Attack05:35 Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors06:11 RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability06:46 Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors07:24 PoC Exploit Released for Microsoft Edge Information Disclosure Vulnerability07:57 Progress Telerik Report Server Flaw Let Attackers Bypass Authentication08:45 CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw09:32 Pretty Much All of the Headaches Affecting MSPs Are Due to Cybersecurity10:12 59% of Public Sector Apps Carry Long-standing Security Flaws10:54 NIST Says NVD Will Be Back on Track by September 2024 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Massive Google Leak Exposes Search Algorithm Secrets00:44 First American December Data Breach Impacts 44,000 People01:27 Toshiba Email Compromise Reveals Social Security Numbers02:04 Internet Archive Disrupted by Sustained and “Mean” DDoS Attack02:50 Ransomware Attack on Seattle Public Library Knocks Out Online Systems03:36 U.S. Treasury Sanctions Chinese Nationals Behind Billion-Dollar 911 S5 Botnet Fraud04:18 U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams05:11 Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered05:59 Over 90 Malicious Android Apps With 5.5M Installs Found on Google Play06:56 Cybercriminals Abuse Stack Overflow to Promote Malicious Python Package07:37 Check Point Warns of Zero-Day Attacks on its VPN Gateway Products08:32 Foxit PDF Reader and Editor Flaw Let Attackers Escalate Privilege09:10 Citrix Workspace App Lets Attackers Elevate Privileges From Local User to Root User09:51 Vulnerabilities in Eclipse ThreadX Could Lead to Code Execution10:34 Why CVEs Are an Incentives Problem11:16 Social Distortion: The Threat of Fear, Uncertainty and Deception in Creating Security Risk Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Christie’s Confirms Breach After RansomHub Threatens to Leak Data01:04 Hacker Claims Ticketmaster Data Breach: 560M User Details and Card Info at Risk01:45 Check Point VPN Targeted for Initial Access in Enterprise Attacks02:24 WordPress Plugin Abused to Install E-Skimmers in E-Commerce Sites03:03 Alleged Cyberattack Strikes Allied Telesis: LockBit Ransomware Suspected03:37 Breach Forums Return to Clearnet and Dark Web Despite FBI Seizure04:21 TeaBot Banking Trojan Activity on the Rise, Zscaler Observes05:04 Novel BLOODALCHEMY Malware Examined05:38 Exploit Released for Maximum Severity Fortinet RCE Bug, Patch Now06:21 Critical Vulnerability in PMB Library Software: CVE-2024-2628907:14 Zscaler Client Connector Zero-interaction Privilege Escalation Vulnerability07:53 Widespread Data Silos Slow Down Security Response Times Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Sav-Rx Discloses Data Breach Impacting 2.8 Million Americans01:02 Google Shares Details on Accidental File Deletion that Impacts Pension Fund’s Accounts01:42 The U.S. Moves a Step Closer to a Cyber Force02:33 New ATM Malware Family Emerged in the Threat Landscape03:18 Ransomware Attack Hits Medical Device Manufacturer03:55 A High-Severity Vulnerability Affects Cisco Firepower Management Center04:51 SingCERT Warns Critical Vulnerabilities Found in Multiple WordPress Plugins05:39 LangChain JS Framework Vulnerability Let Hackers Read Arbitrary File on Servers06:37 GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials07:17 Human Error Still Perceived As the Achilles’ Heel of Cybersecurity08:07 Digital ID Adoption: Implementation and Security Concerns09:12 New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Cencora Data Breach Exposes US Patient Info From 11 Drug Companies 00:57 MITRE December 2023 Attack: Threat Actors Created Rogue VMs to Evade Detection01:42 Fake AV Websites Used to Distribute Info-Stealer Malware02:18 Arc Browser’s Windows Launch Targeted by Google Ads Malvertising03:09 Hackers Phish Finance Orgs Using Trojanized Minesweeper Clone03:59 Newly Discovered Ransomware Uses BitLocker to Encrypt Victim Data04:41 Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data05:26 CVE-2024-5148: GNOME Remote Desktop Vulnerability Exposes Sensitive Information06:20 NSA Releases Guidance On Zero Trust Maturity To Secure Application From Attackers07:05 Best Buy and Geek Squad Were Most Impersonated Orgs by Scammers in 2023 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 A Consumer-Grade Spyware App Found in Check-in Systems of 3 US Hotels00:49 Cybercriminals Exploit Cloud Storage For SMS Phishing Scams01:34 Threat Actor Claiming Access to AWS, Azure, MongoDB & Github API Keys02:10 Compromised Recording Software Was Served From Vendor’s Official Site, Threat Researchers Say03:06 Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern03:57 Moroccan Cybercrime Group Impersonates Nonprofits and Abuses Cloud Services to Rake In Gift Card Cash05:03 Feds Continue to Rack Up Convictions in BEC Cases As Georgia Man Gets 10-Year Sentence05:43 Critical Flaw in Replicate AI Platform Exposes Proprietary Data06:21 WinRAR Flaw Let Attackers Deceive Users with ANSI Escape Sequences07:09 Apple’s Wi-Fi Positioning Can Be System Abused To Track Users07:53 CISA Warns of Actively Exploited Apache Flink Security Vulnerability08:31 Ransomware Fallout: 94% Experience Downtime, 40% Face Work Stoppage09:32 NVD Leaves Exploited Vulnerabilities Unchecked Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Threat Actors Exploited Bitbucket Artifacts to Expose AWS Secrets in Plaintext00:57 CentroMed Data Breach Exposed 400,000 Patient Records01:40 Laundering Cash From Healthcare, Romance Scams Lands US Man in Prison for a Decade02:21 Hackers Sell Fake Pegasus Spyware on Clearnet and Dark Web03:04 Intercontinental Exchange to Pay $10M SEC Penalty Over VPN Breach04:01 Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass04:49 Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats05:38 UserPro Plugin Vulnerability Allows Account Takeover06:20 Critical Netflix Genie Bug Opens Big Data Orchestration to RCE07:15 Critical Vulnerability in Honeywell Virtual Controller Allows Remote Code Execution07:50 Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager08:23 Report Reveals 341% Rise in Advanced Phishing Attacks09:24 Beware – Your Customer Chatbot is Almost Certainly Insecure: Report09:57 CEOs Accelerate GenAI Adoption Despite Workforce Resistance Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Blackbasta Group Claims to Have Hacked Atlas, One of the Largest US Oil Distributors00:51 GhostEngine Mining Attacks Kill EDR Security Using Vulnerable Drivers01:43 EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems02:35 Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users03:24 23-Year-Old Arrested for Running 100M Incognito Dark Web Market04:05 Kansas City Cyberattack Disrupts KC Scout Cameras, Impacts Crash Investigations and Services04:45 CasperSecurity Stealer Attacking Windows Machine to Remote Desktop Credentials05:36 Critical GitHub Enterprise Server Flaw Allows Authentication Bypass06:35 NextGen Healthcare Mirth Connect Under Attack - CISA Issues Urgent Warning07:20 Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox08:02 YouTube Has Become a Significant Channel for Cybercrime08:50 Deepfakes Rank As the Second Most Common Cybersecurity Incident for US Businesses09:34 Over 60% of Network Security Appliance Flaws Exploited as Zero Days10:31 70% of CISOs Expect Cyber-Attacks in Next Year, Report Finds Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 OmniVision Discloses Data Breach After 2023 Ransomware Attack00:50 Threat Actors USDoD and SXUL Claim 70 Million Rows of Sensitive Data in Alleged Prison Data Breach01:28 American Radio Relay League Cyberattack Takes Logbook of the World Offline02:08 Threat Actor Chucky, Owner of LeakBase Claims Knowmad Mood Data Breach02:52 GitCaught Campaign Relies on GitHub and Filezilla to Deliver Multiple Malware03:40 New BiBi Wiper Version Also Destroys the Disk Partition Table04:18 PoC Exploit for Ivanti EPMM Privilege Escalation Flaw Released (CVE 2024-22026)05:02 QNAP QTS Zero-Day in Share Feature Gets Public RCE Exploit05:42 Vulnerability Found in Fluent Bit Utility Used by Major Cloud, Tech Companies06:21 AI Python Package Flaw ‘Llama Drama’ Threatens Software Supply Chain07:01 Cybercriminals Shift Tactics to Pressure More Victims Into Paying Ransoms Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 Company That Assists Health Care Insurers Discloses 2023 Data Breach00:55 Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide01:47 Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam02:30 Ransomware Gang Targets Windows Admins via PuTTy, WinSCP Malvertising03:13 North Korea-Linked IT Workers Infiltrated Hundreds of US Firms04:10 Rumors of BreachForums Reboot 3.0 Already Brewing on Socials04:53 Intel Discloses Max Severity Bug in Its AI Model Compression Software05:41 CISA Warns of Hackers Exploiting Chrome, EoL D-Link Bugs06:26 Critical Security Flaws Uncovered in Popular WordPress eCommerce Theme XStore07:27 CISOs Grapple With IBM's Unexpected Cybersecurity Software Exit08:08 How a New Wave of Deepfake-Driven Cybercrime Targets Businesses Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:06 Cybercriminals Exploiting Microsoft's Quick Assist Feature in Ransomware Attacks01:07 Law Enforcement Data Stolen in Wichita Ransomware Attack01:46 Scammers Fake Docusign Templates to Blackmail & Steal From Companies02:32 Crook Brags About US Army and $75B Defense Biz Pwnage03:06 Rockford Public Schools Ransomware Attack Encrypted and Stole Student Data03:48 US Offers $5 Million for Info on North Korean IT Workers Involved in Job Fraud04:33 SugarGh0st RAT Variant Used in Targeted AI Industry Attacks05:28 IoT Cameras Exposed by Chainable Exploits, Millions Affected06:16 PoC Exploit Released for Ivanti EPMM MobileIron Core07:04 Critical Git Vulnerability Allows Rce When Cloning Repositories With Submodules (CVE-2024-32002)07:57 Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines08:42 CISO Confidence in AI Security Grows as GenAI Adoption Rises09:22 Cloud Security Incidents Make Organizations Turn to AI-Powered Prevention10:16 HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:06 Ransomware Attack on Singing River Health System Impacted 895,000 People00:48 FBI Seize BreachForums Hacking Forum Used to Leak Stolen Data01:25 PDF Exploitation Targets Foxit Reader Users02:05 As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs02:52 MITM Attacks Can Still Bypass FIDO2 Security, Researchers Warn03:39 Nissan Attack Exposes Sensitive Data of Thousands04:22 Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years05:11 Adobe Fixed Multiple Critical Flaws in Acrobat and Reader06:01 D-Link Routers Vulnerable to Takeover Via Exploit for Zero-Day06:45 Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks07:34 A Third of CISOs Have Been Dismissed “Out of Hand” By the Board08:16 Core Security Measures to Strengthen Privacy and Data Protection Programs Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:06 Zscaler Confirms Only Isolated Test Server Was Hacked00:43 Ongoing Campaign Bombards Enterprises with Spam Emails and Phone Calls01:16 Phorpiex Botnet Sent Millions of Phishing Emails to Deliver LockBit Black Ransomware02:03 Telegram CEO Calls Out Rival Signal, Claiming It Has Ties to US Government02:41 NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stalled03:33 Hackers Use DNS Tunneling to Scan and Track Victims04:06 Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data05:02 Google Fixes Sixth Actively Exploited Chrome Zero-Day This Year05:54 Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code06:51 SAP Patches Critical Vulnerabilities in CX Commerce, NetWeaver07:37 Apple Warns About iOS Zero-Day Exploit08:06 Microsoft Fixes Windows Zero-Day Exploited in QakBot Malware Attacks08:50 Tailoring Responsible AI: Defining Ethical Guidelines for Industry-Specific Use Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:00 Introduction00:06 AI Abused to Clone Voices, FBI Warns00:52 Hacker Offers Data Allegedly Stolen from the City of New York01:34 INC Ransomware Source Code Selling on Hacking Forums for $300,00002:16 FCC Reveals Royal Tiger, Its First Tagged Robocall Threat Actor03:03 Vermont Passes Data Privacy Law Allowing Consumers to Sue Companies03:49 Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo04:39 Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries05:24 Apple iTunes For Windows Flaw Let Attackers Execute Malicious Code06:06 AI’s Rapid Growth Puts Pressure on CISOs to Adapt to New Security Risks07:00 Critical Vulnerabilities Take 4.5 Months on Average to Remediate Additional Resources:• Subscribe for daily updates• Check out our daily newsletter at CISOHeadlines.com and subscribe to get notified! #CISO #CISODailyUpdate #CyberNEXT #cybersecurity #CISOHeadlines LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:06 The Post Millennial Hack Leaked Data Impacting 26 Million People00:47 U.S. Law Enforcement Cracks Down on Over 3,000 Money Mules01:41 New LLMjacking Attack Lets Hackers Hijack AI Models for Profit02:17 Ohio Lottery Data Breach Impacted Over 538,000 Individuals03:00 As White House Preps New Cyber Rules for Healthcare, Neuberger Says Backlash Is Unwarranted03:46 FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT04:32 Critical Next.js Vulnerability Let Attackers Compromise Server Operations05:29 PoC Released for Critical PuTTY Private Key Recovery Vulnerability06:15 Exploited Chrome Zero-Day Patched by Google06:52 CISA: Black Basta Ransomware Breached Over 500 Orgs Worldwide07:35 Okta’s Security Chief on the Company’s Own Cyberattack and How the ‘Battleground’ Has Shifted Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:06 Dell Warns of Data Breach, 49 Million Customers Allegedly Affected00:51 Boeing Confirms $200M Cyber Extortion Attempt of LockBit01:25 Catholic Health System Ascension Warns of Disruptions Following Cyberattack02:01 New 'LLMjacking' Attack Exploits Stolen Cloud Credentials02:47 Zscaler Is Investigating Data Breach Claims03:28 Monday[.]com Removes “Share Update” Feature Abused for Phishing Attacks04:05 Vast Network of Fake Web Shops Defrauds 850,000 & Counting04:50 F5 Fixes Big-IP Next Central Manager Flaws With Public PoCs (CVE-2024-21793, CVE-2024-26026)05:31 Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery06:24 Golang Vulnerability Alert: Remote Code Execution & Infinite Loop DNS Lookup07:13 CISA Starts CVE “Vulnrichment” Program07:52 Social Engineering in the Era of Generative AI: Predictions for 2024 Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:06 Brandywine Realty Trust Confirms Data Breach After Ransomware Attack00:48 One Year On, Universities Org Admits MOVEit Attack Hit Data of 800K People01:27 Scattered Spider Group a Unique Challenge for Cyber Cops, FBI Leader Says02:06 MediExcel Exposes 500K Patient Documents02:36 FBI Warns of Gift Card Fraud Ring Targeting Retail Companies03:17 Attackers Leverage TunnelVision Vulnerability to Expose User Data03:46 Veeam Fixes RCE Flaw in Backup Management Platform (CVE-2024-29212)04:19 The CyberPower UPS Vulnerability Threatening Critical Systems Across Sectors04:45 Litespeed Cache WordPress Plugin Actively Exploited in the Wild05:34 A Third of Tech CISOs Are Unhappy With Their Income06:10 97% of Organizations Hit by Ransomware Turn to Law Enforcement Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter 

This CISO Daily Update covers: 00:06 LockbitSupp Identified As Dmitry Khoroshev and Indicted for Ransomware Crimes00:58 MITRE Hack: China-Linked Group Breached Systems in December 202301:41 Play Ransomware Group Claims Responsibility for Disrupting Kansas City Scout System02:23 RSAC: Securing Foundational Tech Critical to Upholding Democratic Values, Says Blinken03:20 BetterHelp to Pay $7.8 Million to 800,000 in Health Data Sharing Settlement04:07 Citrix Addresses High-Severity Flaw in NetScaler ADC and Gateway04:49 Oracle Weblogic Server Flaw Allows Attackers Full Control – PoC Released05:30 Report Shows AI Fraud, Deepfakes Are Top Challenges For Banks06:14 Ransomware Operations Are Becoming Less Profitable06:59 Only 45% of Organizations Use MFA to Protect Against Fraud Additional Resources:Subscribe for daily updatesCheck out our daily newsletter at CISOHeadlines.com and subscribe to get notified! LINKSBe sure to check out and subscribe to our other channels to stay updated! 💡SpotifyYouTubeApple PodcastsLinkedIn Newsletter