Cybersecurity Headlines

Healthcare platform impacted by MOVEit Threat actors find a use for trigonometry What's happening with OpenAI Thanks to today's episode sponsor, Egress People are the biggest risk to your organizations' security and they are most vulnerable when using email. Egress is the only cloud email security platform to use an adaptive security architecture to automate threat detection and response for advanced phishing attacks and outbound data breaches, tailoring the experience for each user based on their real-time risk score. Visit egress.com to learn more about Egress' Intelligent Cloud Email Security suite and start detecting email threats your existing solution is missing today.

Clorox CISO departs months after cyberattack ALPHV/BlackCat Ransomware gang files SEC complaint Drenan Dudley acting national cyber director while Coker confirmation process continues Thanks to today's episode sponsor, Egress People are the biggest risk to your organizations' security and they are most vulnerable when using email. Egress is the only cloud email security platform to use an adaptive security architecture to automate threat detection and response for advanced phishing attacks and outbound data breaches, tailoring the experience for each user based on their real-time risk score. Visit egress.com to learn more about Egress' Intelligent Cloud Email Security suite and start detecting email threats your existing solution is missing today. For the stories behind the headlines, head to CISOseries.com

Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jay Wilson, CISO, Insurity Thanks to our show sponsor, Sysdig For businesses innovating in the cloud, every second counts. Sysdig strengthens cyber resilience by reducing the attack surface, detecting threats in real time, and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable businesses to prioritize risks and act decisively. Sysdig. Secure every second. Learn more at Sysdig.com All links and the video of this episode can be found on CISO Series.com

Fortinet warns of critical command injection bug in FortiSIEM Another data breach for Samsung Rhysida warning from FBI and CISA Thanks to today's episode sponsor, Sysdig For businesses innovating in the cloud, every second counts. Sysdig strengthens cyber resilience by reducing the attack surface, detecting threats in real time, and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable businesses to prioritize risks and act decisively. Sysdig. Secure every second. For the stories behind the headlines, head to CISOseries.com.

Microsoft goes all in on Copilot YouTube's AI disclosure requirement CISA's AI Roadmap Thanks to today's episode sponsor, Sysdig For businesses innovating in the cloud, every second counts. Sysdig strengthens cyber resilience by reducing the attack surface, detecting threats in real time, and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable businesses to prioritize risks and act decisively. Sysdig. Secure every second.

IPStorm botnet dismantled after hacker's guilty plea Federal court rules social media giants must face child safety lawsuits Authorities warn of Royal ransom gang's activities and rebranding Thanks to today's episode sponsor, Sysdig For businesses innovating in the cloud, every second counts. Sysdig strengthens cyber resilience by reducing the attack surface, detecting threats in real time, and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable businesses to prioritize risks and act decisively. Sysdig. Secure every second. For businesses innovating in the cloud, every second counts. Sysdig strengthens cyber resilience by reducing the attack surface, detecting threats in real time, and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable businesses to prioritize risks and act decisively. Sysdig. Secure every second. For the stories behind the headlines, visit CISOseries.com.

Australian ports hit with cyberattack AI companies join on to Christchurch Call to Action Generative AI threatens to dismantle terrorist content detection Thanks to today's episode sponsor, Sysdig For businesses innovating in the cloud, every second counts. Sysdig strengthens cyber resilience by reducing the attack surface, detecting threats in real time, and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable businesses to prioritize risks and act decisively. Sysdig. Secure every second.

Industrial and Commercial Bank of China suffers ransomware attack UK health data donated for medical research shared with insurance companies Boeing data published by LockBit Thanks to today's episode sponsor, Sysdig For businesses innovating in the cloud, every second counts. Sysdig strengthens cyber resilience by reducing the attack surface, detecting threats in real time, and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable businesses to prioritize risks and act decisively. Sysdig. Secure every second. For the stories behind the headlines, head to CISOseries.com.

Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Sean Kelly with guest Howard Holton, CTO, GigaOm Thanks to today's episode sponsor, OffSec OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is hosting a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. During the event, you'll learn how to attract and assess top talent, how to craft positioning for budget conversations, why CISOs make great board members, and more. Hear from forward-thinking infosec leaders from companies like CISCO, Amazon, and Salesforce. Save your seat and equip yourself with actionable takeaways to help shape the future of your organization's security. Register now at offsec.com/evolve All links and the video of this episode can be found on CISO Series.com

US most breached country last quarter OpenAI blames DDoS attacks for ongoing ChatGPT outages Clop exploits SysAid vulnerability Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is hosting a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. During the event, you'll learn how to attract and assess top talent, how to craft positioning for budget conversations, why CISOs make great board members, and more. Hear from forward-thinking infosec leaders from companies like CISCO, Amazon, and Salesforce. Save your seat and equip yourself with actionable takeaways to help shape the future of your organization's security. Register now at offsec.com/evolve For the stories behind the headlines, head to CISOseries.com.

US launches "Shields Ready" campaign Microsoft and Meta announced AI imagery rules App Defense Alliance moves under the Linux Foundation Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is running a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. Attend Evolve and get insider insights from a former bank hacker. Discover strategies on stretching your security budget and get tips to attract the crème de la crème of talent. It's more than just an event – it's a masterclass helping you elevate your cybersecurity leadership game. Hear from forward-thinking cybersecurity leaders from companies like CISCO, Amazon, Salesforce and more. Register today and get the insights you need to help shape the future of your company's security. Sign up now at offsec.com/evolve

Singapore's Marina Bay Sands customer data stolen in cyberattack Atlassian bug escalated to 10.0 severity Fake Ledger Live app steals over $700,000 in crypto Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is hosting a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. During the event, you'll learn how to attract and assess top talent, how to craft positioning for budget conversations, why CISOs make great board members, and more. Hear from forward-thinking infosec leaders from companies like CISCO, Amazon, and Salesforce. Save your seat and equip yourself with actionable takeaways to help shape the future of your organization's security. Register now at offsec.com/evolve For the stories behind the headlines, visit CISOseries.com.

Android Dropper-as-a-Service Bypasses Google's Defenses Increase in zero-day exploits worries CISA Google Calendar as a C2 infrastructure Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is running a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. Attend Evolve and get insider insights from a former bank hacker. Discover strategies on stretching your security budget and get tips to attract the crème de la crème of talent. It's more than just an event – it's a masterclass helping you elevate your cybersecurity leadership game. Hear from forward-thinking cybersecurity leaders from companies like CISCO, Amazon, Salesforce and more. Register today and get the insights you need to help shape the future of your company's security. Sign up now at offsec.com/evolve For the stories behind the headlines, head to CISOseries.com.

Okta explains hack source and response timeline Looney Tunables now being exploited Lazarus Group uses KandyKorn against blockchain engineers Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is hosting a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. During the event, you'll learn how to attract and assess top talent, how to craft positioning for budget conversations, why CISOs make great board members, and more. Hear from forward-thinking infosec leaders from companies like CISCO, Amazon, and Salesforce. Save your seat and equip yourself with actionable takeaways to help shape the future of your organization's security. Register now at offsec.com/evolve For the stories behind the headlines, head to CISOseries.com.

Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Shawn Bowen, CISO, World Kinect Corporation Thanks to our show sponsor, Hunters There's nothing worse than relying on a legacy SIEM that your security team has out-grown, especially when it impacts your ability to detect real incidents. Hunters' SOC Platform offers built-in, always up-to-date detection rules and automatic correlation that allow SOC analysts to focus on higher-value tasks that impact your organization. It's time to move to a platform that reduces risk, complexity & cost for the SOC. Visit hunters.security to learn how you can replace your SIEM today. All links and the video of this episode can be found on CISO Series.com

Power outage darkens Cloudflare dashboard and APIs Apache ActiveMQ flaw sees HelloKitty attempt Boeing says cyber incident affects parts and distribution Thanks to today's episode sponsor, Hunters There's nothing worse than relying on a legacy SIEM that your security team has out-grown, especially when it impacts your ability to detect real incidents. Hunters' SOC Platform offers built-in, always up-to-date detection rules and automatic correlation that allow SOC analysts to focus on higher-value tasks that impact your organization. It's time to move to a platform that reduces risk, complexity & cost for the SOC. Visit hunters.security to learn how you can replace your SIEM today. For the stories behind the headlines, head to CISOseries.com.

Countries at UK summit pledge to tackle AI risks 'Kill switch' deliberately shuts down notorious botnet EU regulator bans Meta's targeted advertising practices Thanks to today's episode sponsor, Hunters There's nothing worse than relying on a legacy SIEM that your security team has out-grown, especially when it impacts your ability to detect real incidents. Hunters' SOC Platform offers built-in, always up-to-date detection rules and automatic correlation that allow SOC analysts to focus on higher-value tasks that impact your organization. It's time to move to a platform that reduces risk, complexity & cost for the SOC. Visit hunters.security to learn how you can replace your SIEM today. There's nothing worse than relying on a legacy SIEM that your security team has out-grown, especially when it impacts your ability to detect real incidents. Hunters' SOC Platform offers built-in, always up-to-date detection rules and automatic correlation that allow SOC analysts to focus on higher-value tasks that impact your organization. It's time to move to a platform that reduces risk, complexity & cost for the SOC. Visit hunters.security to learn how you can replace your SIEM today. For the stories behind the headlines, visit CISOseries.com.

Canada bans WeChat on government devices 40 countries sign no ransom pledge Apple warns Indian opposition leaders about iPhone attacks Thanks to today's episode sponsor, Hunters If your SIEM is causing an endless cycle of noisy alerts, manually writing generic detection rules, and limited data ingestion & retention, your SOC might need an upgrade. Hunters is a SaaS platform, purpose built for your Security Operations team. Solaris Group, a leading German FinTech, implemented Hunters to replace their SIEM eliminating the burden of redundant detection engineering and manual event correlation. Solaris Group's SOC analysts can now focus their time and energy on higher-value tasks. Visit hunters.security to learn how to replace your SIEM today.

Executive order outlines generative AI rules in the US Russia launchings its own VirusTotal Roaming data could leak geolocations Thanks to today's episode sponsor, Hunters Piecing together a SIEM not only takes forever, but it wastes your security team's valuable resources. Hunters is a SIEM alternative purpose built to help your Security Operations mature to the next level in a fraction of the time. Spontnana, a next-generation Travel-as-a-Service platform, uses Hunters' built-in correlation and enrichment capabilities to make better security decisions and experienced value from day one. Are you ready to evaluate Hunters as a SIEM alternative? Visit Hunters.security to learn more.

DC Board of Elections breach may include entire voter roll LockBit claims Boeing breach StripedFly malware infects 1 million Windows and Linux hosts Thanks to today's episode sponsor, Hunters Hunters is a SIEM alternative, built for your security team. Hunters empowers companies to replace their SIEM with unlimited ingestion and normalization of security data at a predictable cost. Using Hunters, a CISO at a leading online retailer "tripled the amount of data ingested by her security team while cutting costs from a legacy SIEM provider by 75%." To learn more about the benefits of replacing your legacy SIEM with Hunters visit hunters.security today. For the stories behind the headlines, head to CISOseries.com

Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Arvin Bansal, former CISO, Nissan Americas Thanks to our show sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount. All links and the video of this episode can be found on CISO Series.com

ILeakage attack steals emails, passwords from Apple devices and browsers CISA protests potential 25% budget cut as "catastrophic" Surge in hyper-volumetric HTTP DDoS attacks Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount. For the stories behind the headlines, head to CISOseries.com.

SMIC making advanced chips with ASML tech Roundcube webmail exploited with zero-day Philadelphia's week somehow gets worse Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount.

Cisco IOS XE Update: Number of infected devices via zero-day remains high California sidelines GM's driverless cars, citing safety risk Canada accuse China of 'Spamouflage' disinformation campaign Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount. For the stories behind the headlines, visit CISOseries.com.

Chrome testing IP Protection Microsoft tests Security Copilot Cisco releases IOS XE patches Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount.

Okta HAR support system attacked Cisco identifies additional IOS XE vulnerability Key Ragnar Locker player arrested in Paris Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount. For the stories behind the headlines, head to CISOseries.com.

Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Andrew Wilder, CISO, Community Veterinary Partners Thanks to our show sponsor, Vanta "Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount. All links and the video of this episode can be found on CISO Series.com

International sting operation brings down RagnarLocker More 23andMe records leaked Casio discloses data breach Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount. For the stories behind the headlines, head to CISOseries.com.

State-backed attackers exploit WinRAR zero-day Five Eyes warns of Chinese IP theft ServiceNow data exposure issue identified Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount.

Zero-day attacks affect over 10,000 Cisco devices US government warns of widespread exploitation of Confluence vulnerability D-Link confirms data breach caused by phishing attack Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount. For the stories behind the headlines, visit CISOseries.com.

Israeli government warns to secure home security cameras Signal debunks zero-day report Equifax fined for 2017 data breach Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount.

LockBit claims attack on CDW FBI and CISA publish joint advisory regarding AvosLocker ransomware EPA rescinds cyber regulations for water sector Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount. For the stories behind the headlines, head to CISOseries.com.

Link to blog post This week's Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino with guest Martin Choluj, VP Security ClickHouse Thanks to our show sponsor, Hyperproof Are you struggling to showcase the value of your work? It's a classic challenge in the risk and compliance space: leadership just doesn't understand what exactly you do and why it matters. With Hyperproof, the leading risk and compliance management platform, you get access to real-time reports that can help your leadership team understand the impact of the valuable work you do every day. Get a demo at hyperproof.io. All links and the video of this episode can be found on CISO Series.com

Microsoft thwarts large-scale ransomware attack Former Uber CISO files appeal ToddyCat group targets telcos Thanks to today's episode sponsor, Hyperproof Is your company scaling? Do you need to quickly add more compliance frameworks but don't know where to start? Hyperproof has you covered. Hyperproof is a risk and compliance management platform that can help you manage compliance at scale. With Hyperproof, you can quickly add new frameworks, crosswalk controls between frameworks, view your risk posture, and manage your risks, all in one place. Visit hyperproof.io to get started today.

404 pages hijacked Atlassian Confluence attacked by state-backed actors Adobe's "icon of transparency" Thanks to today's episode sponsor, Hyperproof It's more critical than ever to focus on strategically addressing risk, but how can you do it when working with limited resources? That's where Hyperproof comes in: Hyperproof is a risk and compliance operations platform that helps you automate evidence collection, task management, and collaboration within your organization so you can focus on what matters most: keeping your company secure by prioritizing strategy, not manual processes. Get a demo at Hyperproof.io.

Internet-wide zero-day bug fuels largest-ever DDoS attack 23andMe resets user passwords after genetic data posted online Microsoft Exchange gets 'better' patch to mitigate critical bug Thanks to today's episode sponsor, Hyperproof We get it. You're a risk manager or compliance professional, and you're overworked. You're trying to do the right thing by keeping your company safe and secure, but your technology is holding you back. Why not upgrade to Hyperproof? Hyperproof is a platform that not only eliminates the manual tasks you dread, but helps you scale security. Get a demo today at hyperproof.io. For the stories behind the headlines, visit CISOseries.com.

Hacktivist attacks abound in the Middle East Network protocol open-source tool Curl faces worst security flaw in a long time HelloKitty ransomware source code leaked on hacking forum Thanks to today's episode sponsor, Hyperproof Imagine. You have an audit coming up, but instead of the usual rush, you actually feel prepared. You've collected your evidence. You can see which risks have been mitigated. And best of all, you don't have to send out any last-minute emails to other teams begging them for that one screenshot. Sounds like a dream, right? With Hyperproof's risk and compliance platform, this could be your reality. Get a demo at hyperproof.io. For the stories behind the headlines, head to CISOseries.com.

MGM Resorts quotes ransomware tab at $110 million Blackbaud in $49.5 million settlement for May 2020 ransomware attack 23andMe investigates breach claims Thanks to today's episode sponsor, Hyperproof Tired of managing risk and compliance in spreadsheets? Sick of tracking down stakeholders to find evidence? Worried about whether that evidence is up to date for your next audit? Hyperproof has you covered. With Hyperproof, you can efficiently manage multiple compliance frameworks and risks in a single place so you can focus on what matters most: keeping your company secure and growing. Visit hyperproof.io to get a demo. For the stories behind the headlines, head to CISOseries.com.

Link to blog post This week's Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino with guest Bob Schuetter, CISO, Ashland Thanks to our show sponsor, Conveyor Got a scary security questionnaire to complete and you'd rather have AI do it? Your infosec friends are making the switch from outdated RFP and compliance tools to Conveyor: the most accurate security questionnaire automation software on the market. The proof is in the AI. Customers are seeing 80-90% accurate auto-generated answers by and decreasing the time spent on questionnaire answering by 91%. Try a free one-week proof of concept at www.conveyor.com. All links and the video of this episode can be found on CISO Series.com

Apple rolls out patch for active iOS Zero-Day Cisco patches urgent Emergency Responder flaw Researchers warn of 100,000 exposed ICS systems Thanks to our episode sponsor, Conveyor We can all agree that AI can take one job from us: answering security questionnaires. Enter Conveyor: the AI security review platform helping infosec teams attack security questionnaires from all angles. Reduce incoming questionnaires by sharing a trust portal with customers and for those questionnaires you do get, use our AI questionnaire completion tool to auto-generate precise answers to entire questionnaires in seconds. Lucid tried a free one week proof of concept and reduced time spent on questionnaires by 91%. Learn more at www.conveyor.com. For the stories behind the headlines, head to CISOseries.com.

Red Cross issues hacktivist rules Looney Tunables hits major Linux distros CISA may have violated the First Amendment Thanks to our episode sponsor, Conveyor Will security questionnaires ever go away? Maybe. But as long as they're still here, you might as well get AI to complete them for you. Enter Conveyor. The AI security questionnaire automation software that auto-generates 80-90% accurate answers to entire questionnaires in seconds so all you have to do is review. There's even a browser extension for the world's worst portals. Not sure if it'll work for you? Try a free one-week proof of concept at www.conveyor.com.

Arm and Qualcomm warn about exploited GPU drivers EU Parliament strengthens spyware protections for journalists NSA creates AI Security Center Thanks to our episode sponsor, Conveyor Does the mountain of security questionnaires in your inbox make you feel like a 2 dollar umbrella in a hurricane? Then you might want to check out Conveyor: the AI security review platform helping infosec teams attack security questionnaires from all angles. Reduce incoming questionnaires by sharing a trust portal with customers and for those questionnaires you do get, use our AI questionnaire completion tool to auto-generate precise answers to entire questionnaires in seconds. Lucid tried a free one week proof of concept and reduced time spent on questionnaires by 91%. Learn more at www.conveyor.com.

Critical Progress FTP bug now being exploited in attacks Norway urges Europe-wide ban on Meta's targeted data collection KillNet claims DDoS attack against Royal Family website Thanks to our episode sponsor, Conveyor Got a scary security questionnaire to complete and you'd rather have AI do it? Your infosec friends are making the switch from outdated RFP and compliance tools to Conveyor: the most accurate security questionnaire automation software on the market. The proof is in the AI. Customers are seeing 80-90% accurate auto-generated answers by and decreasing the time spent on questionnaire answering by 91%. Try a free one-week proof of concept at www.conveyor.com. For the stories behind the headlines, visit CISOseries.com.

Cloudflare DDoS protections bypassed using Cloudflare McLaren Health Care becomes latest ALPHV/BlackCat victim Lazarus Group poses as Meta recruiters to spearfish Spanish engineers Thanks to our episode sponsor, Conveyor Does the thought of answering another security questionnaire make you want to beat the stuffing out of 32 pinatas? Then you might want to check out Conveyor: the AI security review platform helping infosec and sales teams attack security questionnaires from all angles. Reduce incoming questionnaires by sharing a trust portal with customers and for those questionnaires you do get, use our AI questionnaire completion tool to auto-generate precise answers to entire questionnaires in seconds. Lucid tried a free one week proof of concept and reduced time spent on questionnaires by 91%. Learn more at www.conveyor.com. For the stories behind the headlines, head to CISOseries.com.

Link to blog post This week's Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino with guest Andrew Storms, VP of security, Replicated Thanks to our show sponsor, AppOmni Are you confident in your organization's SaaS security? AppOmni surveyed 600+ security practitioners globally and 71% answered yes. But 79% experienced SaaS cybersecurity incidents. What's behind this disconnect? CISOs believe they have a mature level of SaaS cybersecurity using CASB, MFA, and IdP. But these solutions lack unified risk visibility. Without SSPM, they're blind to the true extent of their SaaS attack surface risk. Don't gamble with your data. Get the visibility and insights you need to protect your SaaS environment with AppOmni. All links and the video of this episode can be found on CISO Series.com

Chinese hackers stole emails from US State Dept in Microsoft breach Johnson Controls faces $51 million ransomware demand Google fixes year's fifth Chrome zero-day Thanks to today's episode sponsor, AppOmni If you think CASBs effectively secure your SaaS data… think again. CASBs lack visibility into your SaaS estate. Nor can they address and detect risks that arise from SaaS apps' unlimited endpoints. What you need is a robust SSPM designed to secure the dynamic and extensible nature of SaaS apps and their data. That's where AppOmni comes in. We continuously monitor your SaaS estate to detect cyber risks and secure your company's most critical data and workflows. Get started at AppOmni.com. For the stories behind the headlines, head to CISOseries.com.

GPUs vulnerable to pixel-stealing attacks Info-stealing commits hit GitHub Alleged Sony hackers hit NTT Docomo Thanks to today's episode sponsor, AppOmni Are you confident in your organization's SaaS security? AppOmni surveyed 600+ security practitioners globally and 71% answered yes. But 79% experienced SaaS cybersecurity incidents. What's behind this disconnect? CISOs believe they have a mature level of SaaS cybersecurity using CASB, MFA, and IdP. But these solutions lack unified risk visibility. Without SSPM, they're blind to the true extent of their SaaS attack surface risk. Don't gamble with your data. Get the visibility and insights you need to protect your SaaS environment with AppOmni.

Multiple threat actors lay claim to Sony hack Philippines health org struggling to recover from ransomware attack Canadian Flair Airlines leaked user data for months Thanks to today's episode sponsor, AppOmni If you think CASBs effectively secure your SaaS data… think again. CASBs lack visibility into your SaaS estate. Nor can they address and detect risks that arise from SaaS apps' unlimited endpoints. What you need is a robust SSPM designed to secure the dynamic and extensible nature of SaaS apps and their data. That's where AppOmni comes in. We continuously monitor your SaaS estate to detect cyber risks and secure your company's most critical data and workflows. Get started at AppOmni.com. For the stories behind the headlines, visit CISOseries.com.

Mixin Network loses $200 million Kia and Hyundai exploit linked to massive car thefts Stress testing voting equipment Thanks to today's episode sponsor, AppOmni Are you confident in your organization's SaaS security? AppOmni surveyed 600+ security practitioners globally and 71% answered yes. But 79% experienced SaaS cybersecurity incidents. What's behind this disconnect? CISOs believe they have a mature level of SaaS cybersecurity using CASB, MFA, and IdP. But these solutions lack unified risk visibility. Without SSPM, they're blind to the true extent of their SaaS attack surface risk. Don't gamble with your data. Get the visibility and insights you need to protect your SaaS environment with AppOmni.

Car audio manufacturer Clarion hacked – ALPHV claims responsibility High-ranking Egyptian politician targeted by Predator spyware City of Dallas issues report on May cyberattack Thanks to today's episode sponsor, AppOmni If you think CASBs effectively secure your SaaS data… think again. CASBs lack visibility into your SaaS estate. Nor can they address and detect risks that arise from SaaS apps' unlimited endpoints. What you need is a robust SSPM designed to secure the dynamic and extensible nature of SaaS apps and their data. That's where AppOmni comes in. We continuously monitor your SaaS estate to detect cyber risks and secure your company's most critical data and workflows. Get started at AppOmni.com. For the stories behind the headlines, head to CISOseries.com.