Cybersecurity Headlines

Charter Communications says vendor breach exposed some customer data Russia's Sandworm hackers blamed in fresh Ukraine malware attack Experts plans to release VMware vRealize log RCE exploit this week Thanks to this week's episode sponsor, Hunters Hunters is a complete SOC platform, built for your security team. By providing unlimited ingestion and normalization of security data without ruining your bottom line, a CISO at a leading online retailer was able to "triple her data ingestion while cutting costs from her SIEM provider by 75%." It's time to move beyond SIEM, with Hunters. Visit hunters.ai to learn more. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, January 23-27, is hosted by David Spark with our guest, Kathleen Mullin, CISO, Cancer Treatment Centers of America Thanks to our show sponsor, SafeBase If a prospective customer asked about your trust program or security policies, where would you send them? Chances are, you'd need to send an NDA, hunt down documentation, go back and forth via email, and answer a litany of questions. SafeBase is the better way. SafeBase's Smart Trust Center allows you to send *one link* to customers or buyers, so they can easily access the security and compliance information they need. Meanwhile, you get more control over who has access to your documents, and for how long. Build customer trust the smart way with SafeBase – learn more at safebase.com All links and the video of this episode can be found on CISO Series.com

FBI seizes Hive ransomware group infrastructure after lurking in servers for months Layoffs come to IBM - Kyndryl, Watson and Russia to blame Microsoft says services have recovered after widespread outage Thanks to this week's episode sponsor, SafeBase If a prospective customer asked about your trust program or security policies, where would you send them? Chances are, you'd need to send an NDA, hunt down documentation, go back and forth via email, and answer a litany of questions. SafeBase is the better way. SafeBase's Smart Trust Center allows you to send *one link* to customers or buyers, so they can easily access the security and compliance information they need. Meanwhile, you get more control over who has access to your documents, and for how long. Build customer trust the smart way with SafeBase - learn more at safebase.com For the stories behind the headlines, head to CISOseries.com.

A look at North Korean crypto stealing tactics Russia saw record DDoS attacks China leads in facial recognition tech exports Thanks to this week's episode sponsor, SafeBase These days, customer trust can be an organization's strongest competitive advantage. But how can you develop and maintain customer trust over the long term? The answer is SafeBase. After implementing SafeBase's Smart Trust Center, many companies see shorter deal cycles, higher-value contracts, and stronger long-term customer relationships. Some even achieve a 90% reduction in security questionnaires. Learn more at safebase.com

Pakistani authorities investigating whether cyberattack caused nationwide blackout FBI identifies hackers behind Horizon Bridge crypto theft GoTo says hackers stole encrypted backups and MFA settings Thanks to this week's episode sponsor, SafeBase Jump start your journey to long-lasting customer trust with SafeBase. Our Smart Trust Center helps your organization build customer trust through improved transparency, secure document sharing, process control and insights, and proactive communication. Security and GRC leaders at companies like Jamf, Instacart, and Snyk all rely on SafeBase as a central enabler of their trust program. Learn more and check out the case studies at SafeBase.com For the stories behind the headlines, visit CISOseries.com

LA School attack exposed Social Security numbers Government Accountability Office names and shames PLAY ransomware hits UK car dealerships Thanks to this week's episode sponsor, SafeBase If a prospective customer asked about your trust program or security policies, where would you send them? Chances are, you'd need to send an NDA, hunt down documentation, go back and forth via email, and answer a litany of questions. SafeBase is the better way. SafeBase's Smart Trust Center allows you to send *one link* to customers or buyers, so they can easily access the security and compliance information they need. Meanwhile, you get more control over who has access to your documents, and for how long. Build customer trust the smart way with SafeBase - learn more at safebase.com

PayPal accounts breached in large-scale credential stuffing attack Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner ODIN Intelligence hack exposes a huge trove of police raid files Thanks to this week's episode sponsor, SafeBase These days, customer trust can be an organization's strongest competitive advantage. But how can you develop and maintain customer trust over the long term? The answer is SafeBase. After implementing SafeBase's Smart Trust Center, many companies see shorter deal cycles, higher-value contracts, and stronger long-term customer relationships. Some even achieve a 90% reduction in security questionnaires. Learn more at safebase.com For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines - Week in Review, January 16-20, is hosted by Rich Stroffolino with our guest, George Finney, CISO, Southern Methodist University Thanks to our show sponsor, Cerby Did you know that over 60% of the cloud applications used by your company don't support identity standards like single sign-on? And that these applications are the leading cause of breaches? Cerby can help. Cerby discovers new applications, eliminates manual security tasks like offboarding, and addresses misconfigurations like disabled 2FA while increasing employee productivity. Wait. A security tool that increases productivity? Yup. Learn more at cerby.com. All links and the video of this episode can be found on CISO Series.com

Ransomware revenue falls by $300 million in 2022 as more victims refuse to pay Vice Society claims ransomware attack against University of Duisburg-Essen Android users beware of new Hook malware with RAT capabilities Thanks to today's episode sponsor, Cerby Did you know that over 60% of the cloud applications used by your company don't support identity standards like single sign-on? And that these applications are the leading cause of breaches? Cerby can help. Cerby discovers new applications, eliminates manual security tasks like offboarding, and addresses misconfigurations like disabled 2FA while increasing employee productivity. Wait. A security tool that increases productivity? Yup. Learn more at cerby.com. For the stories behind the headlines, head to CISOseries.com.

Vendors bypassing security patches ChatGPT creates polymorphic malware Bitwarden acquires Passwordless.dev Thanks to today's episode sponsor, Cerby Did you know that over 60% of the cloud applications used by your company don't support identity standards like single sign-on? And that these applications are the leading cause of breaches? Cerby can help. Cerby discovers new applications, eliminates manual security tasks like offboarding, and addresses misconfigurations like disabled 2FA while increasing employee productivity. Wait. A security tool that increases productivity? Yup. Learn more at cerby.com.

Ransomware attack impacts 1,000 ships Crypto influencer victimized by malware pushed by ads on Google Microsoft patches flaws in Azure cloud services Thanks to today's episode sponsor, Cerby Did you know that over 60% of the cloud applications used by your company don't support identity standards like single sign-on? And that these applications are the leading cause of breaches? Cerby can help. Cerby discovers new applications, eliminates manual security tasks like offboarding, and addresses misconfigurations like disabled 2FA while increasing employee productivity. Wait. A security tool that increases productivity? Yup. Learn more at cerby.com. For the stories behind the headlines, visit CISOseries.com

Cyber attack disrupts esport event Qbot overtakes Emotet CircleCI breach caused by infostealer Thanks to today's episode sponsor, Cerby Did you know that over 60% of the cloud applications used by your company don't support identity standards like single sign-on? And that these applications are the leading cause of breaches? Cerby can help. Cerby discovers new applications, eliminates manual security tasks like offboarding, and addresses misconfigurations like disabled 2FA while increasing employee productivity. Wait. A security tool that increases productivity? Yup. Learn more at cerby.com.

NortonLifeLock warns that hackers breached Password Manager accounts Hacker steals credit card info from Canada's largest alcohol retailer Severe security flaw found in "jsonwebtoken" library Thanks to today's episode sponsor, Cerby Did you know that over 60% of the cloud applications used by your company don't support identity standards like single sign-on? And that these applications are the leading cause of breaches? Cerby can help. Cerby discovers new applications, eliminates manual security tasks like offboarding, and addresses misconfigurations like disabled 2FA while increasing employee productivity. Wait. A security tool that increases productivity? Yup. Learn more at cerby.com. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, January 9-13, is hosted by Rich Stroffolino with our guest, Shaun Marion, CISO, McDonald's Thanks to our show sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salesforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections — including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a free risk assessment. All links and the video of this episode can be found on CISO Series.com

Experts detail Chromium browser security flaw putting confidential data at risk Twitter says 200 million-user leak not obtained from its systems, others disagree IcedID malware strikes again: Active Directory domain compromised in under 24 hours Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections — including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a free risk assessment. For the stories behind the headlines, head to CISOseries.com.

FAA system failure delays flights Royal Mail hit by "cyber incident" Police app leaked operations data Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections — including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a free risk assessment.

Iowa school district cancels classes due to cyberattack TikTok CEO questioned by EU about its data practices Government watchdog cracks federal agency's passwords Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections — including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a free risk assessment. For the stories behind the headlines, visit CISOseries.com

API vulnerabilities found across car brands Bypassing Experian Security Trying to write malware with ChatGPT Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections — including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a free risk assessment.

Russian Turla hackers hijack decade-old malware infrastructure to deploy new backdoors LastPass hit with lawsuit over August breach Hackers abuse Windows error reporting tool to deploy malware Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections — including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a free risk assessment. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, January 2-6, is hosted by Sean Kelly with our guest, Bryan Willett, CISO, Lexmark Thanks to our show sponsor, AppOmni Did you know that over half of companies have sensitive SaaS data exposed on the public internet? And many breaches making headlines now involve SaaS apps? AppOmni can help. AppOmni identifies misconfigurations and guides remediation to keep your SaaS data secure. We help Security teams make sense of data access permissions, third party app visibility, and threat detection across their entire SaaS ecosystem. Get started at AppOmni.com. All links and the video of this episode can be found on CISO Series.com

Slack's private GitHub code repositories stolen over holidays CircleCI warns of security breach — rotate your secrets! NATO tests AI's ability to protect critical infrastructure against cyberattacks Thanks to today's episode sponsor, AppOmni Did you know that over half of companies have sensitive SaaS data exposed on the public internet? And many breaches making headlines now involve SaaS apps? AppOmni can help. AppOmni identifies misconfigurations and guides remediation to keep your SaaS data secure. We help Security teams make sense of data access permissions, third party app visibility, and threat detection across their entire SaaS ecosystem. Get started at AppOmni.com. For the stories behind the headlines, head to CISOseries.com.

'Mudge' joins cybersecurity firm Rapid7 Meta fined $400 million by European regulator Coinbase strikes a $100 million deal with regulators Thanks to today's episode sponsor, AppOmni Did you know that over half of companies have sensitive SaaS data exposed on the public internet? And many breaches making headlines now involve SaaS apps? AppOmni can help. AppOmni identifies misconfigurations and guides remediation to keep your SaaS data secure. We help Security teams make sense of data access permissions, third party app visibility, and threat detection across their entire SaaS ecosystem. Get started at AppOmni.com. For the stories behind the headlines, visit CISOseries.com

FTX founder has pleaded not guilty to fraud charges LA housing authority operations disrupted by cyberattack Ukrainian authorities bust major vishing call center Thanks to today's episode sponsor, AppOmni Did you know that over half of companies have sensitive SaaS data exposed on the public internet? And many breaches making headlines now involve SaaS apps? AppOmni can help. AppOmni identifies misconfigurations and guides remediation to keep your SaaS data secure. We help Security teams make sense of data access permissions, third party app visibility, and threat detection across their entire SaaS ecosystem. Get started at AppOmni.com. For the stories behind the headlines, visit CISOseries.com

Google to pay $29.5 million to settle lawsuits over user location tracking Ransomware gang cloned victim's website to leak stolen data LockBit gang apologizes, gives SickKids Hospital free decryptor Thanks to today's episode sponsor, AppOmni Did you know that over half of companies have sensitive SaaS data exposed on the public internet? And many breaches making headlines now involve SaaS apps? AppOmni can help. AppOmni identifies misconfigurations and guides remediation to keep your SaaS data secure. We help Security teams make sense of data access permissions, third party app visibility, and threat detection across their entire SaaS ecosystem. Get started at AppOmni.com. For the stories behind the headlines, head to CISOseries.com.

NETGEAR fixes a severe bug in its routers. Patch it ASAP! PyTorch discloses malicious dependency chain compromise over holidays LockBit ransomware claims attack on Port of Lisbon in Portugal Thanks to today's episode sponsor, AppOmni Did you know that over half of companies have sensitive SaaS data exposed on the public internet? And many breaches making headlines now involve SaaS apps? AppOmni can help. AppOmni identifies misconfigurations and guides remediation to keep your SaaS data secure. We help Security teams make sense of data access permissions, third party app visibility, and threat detection across their entire SaaS ecosystem. Get started at AppOmni.com. For the stories behind the headlines, head to CISOseries.com.

Snooping bug found on Google Home speakers 3Commas API database leaked Ireland investigating Twitter users data for sale Thanks to this week's episode sponsor, Tines Tines is the solution for security teams struggling with too much work, a talent shortage, and inevitable security incidents. Tines breaks the silos that exist between technologies and teams, so employees can focus on meaningful, not menial, tasks. Fewer manual errors and faster response times. Visit Tines.com to learn more.

Ransomware continues to hammer hospitals Citrix servers found vulnerable despite patches Log4Shell celebrates an anniversary Thanks to this week's episode sponsor, Tines If you're overwhelmed by your workload, Tines is the solution you've been looking for. Tines no-code automation checks boxes legacy SOAR tools can only dream of. Break the silos between tools and teams, focus on meaningful work, and eliminate manual errors while improving your response times. Visit Tines.com to stay ahead of the curve without breaking a sweat!

Facebook reaches settlement related to Cambridge Analytica scandal BTC.com lost $3 million in cyberattack Hackers use trojan to steal $8 million from BitKeep users Thanks to this week's episode sponsor, Tines Ever feel like you're stuck in a never-ending cycle of alerts? It's exhausting and frustrating. But here's the good news: Tines! Tines helps you focus on meaningful, not menial, tasks. Fewer mistakes, faster response times. And best of all, Tines' no-code automation platform can handle massive complexity and easily connect to your unique tech stack. Visit Tines.com now! For the stories behind the headlines, visit CISOseries.com

LastPass admits to severe data breach, encrypted password vaults stolen Chris Inglis to resign as national cyber director Comcast Xfinity accounts hacked in widespread 2FA bypass attacks Thanks to our episode sponsor, Tines Wondering how the world's leading security teams are figuring out how to do more with less? The answer is Tines! Tines is a hyper-flexible automation platform loved by customers like Okta, Canva, Kayak, and Coinbase. Tines enables security teams to focus on what matters most by taking care of the grunt work! Learn more at Tines.com. For the stories behind the headlines, head to CISOseries.com.

FBI warns of malware in search ads Guardian hit with suspected ransomware Attackers grab Okta source code Thanks to this week's episode sponsor, Tines Tis the season for more alerts and fewer resources available to manage them. But you can still be jolly--with Tines! Tines eliminates the need for security teams to waste time on repetitive, manual tasks. Powered by a no-code approach, security teams create—and maintain—powerful automations that deliver immediate results. Visit Tines.com to learn more!

McGraw Hill exposed student grades and personal info UK privacy regulator names and shames breached firms Twitter aided the Pentagon in covert online propaganda campaign Thanks to this week's episode sponsor, Tines If you're like most security teams, you currently face more phishing attacks and alert fatigue. The holiday season is the most wonderful time of the year for shoppers... but it's also a busy time for cybercriminals. Tines' no-code automation platform can help you transform your SecOps and stay one step ahead. Visit Tines.com to sign up for free today! For the stories behind the headlines, visit CISOseries.com

Botnet shrugs off Google The future of ransomware Epic Games receives record privacy fines Thanks to this week's episode sponsor, Tines If you're like most security teams, you're juggling multiple mission-critical priorities. But what if there was a way to break the silos in your environment? A way to focus on meaningful tasks? A way to reduce errors and achieve faster response times? Check out Tines.com to start experiencing the true benefits of proactive security operations powered by no-code automation.

CISA says Russia's Fancy Bear infiltrated US satellite network Google introduces end-to-end encryption for Gmail on the web NSA cyber director warns of Russian digital assaults on global energy sector Thanks to this week's episode sponsor, Tines Before Tines, co-founders Eoin and Thomas spent 15 years as senior security operators. Frustrated by the inability to solve for the challenges their teams were facing, they built their own solution. Tines allows security teams to robustly automate mundane, repetitive tasks – without code – so they can focus on their most important work. Visit Tines.com to learn more! For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, December 12-16, is hosted by Rich Stroffolino with our guest, Jeremy Embalabala, CISO, HUB International Thanks to our show sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com All links and the video of this episode can be found on CISO Series.com

Hackers target Japanese politicians with new MirrorStealer malware Crooks use HTML smuggling to spread QBot malware via SVG files FBI charges 6, seizes domains linked to DDoS-for-hire service platforms Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com. For the stories behind the headlines, head to CISOseries.com.

EU gets closer to US-data sharing agreement Microsoft signed malicious drivers InfraGard data for sale on dark web Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com.

Twitter addresses claims of recent data leak Uber hit with another breach after attack on third-party vendor Police in China arrest gang who laundered $1.7 billion via crypto Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com. For the stories behind the headlines, visit CISOseries.com

India's foreign ministry leaks passport details Cloudflare Zero Trust suite available to at-risk groups Greece outlaws spyware Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com.

Pwn2Own Toronto 2022 nets almost $1M for 63 zero days Antivirus and EDR solutions tricked into acting as data wipers Iran-linked MuddyWater APT launches new campaign Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, December 5-9, is hosted by Rich Stroffolino with our guest, Ken Athanasiou, CISO, VF Corporation Thanks to our show sponsor, PlexTrac The best pentesting teams trust PlexTrac. PlexTrac can improve efficiency and effectiveness at every phase of your proactive assessments. By centralizing the data from all your automation tools, cataloging important reusable content for easy access, and promoting communication and visibility at every phase of an assessment, PlexTrac cuts reporting time in half and adds value between reports. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the premier pentest reporting and collaboration platform. All links and the video of this episode can be found on CISO Series.com

North Korea-linked APT37 exploits Internet Explorer zero-day flaw Firewalls of several major vendors bypassed with generic attack method New 'Zombinder' platform binds Android malware with legitimate apps Thanks to today's episode sponsor, PlexTrac The best pentesting teams trust PlexTrac. PlexTrac can improve efficiency and effectiveness at every phase of your proactive assessments. By centralizing the data from all your automation tools, cataloging important reusable content for easy access, and promoting communication and visibility at every phase of an assessment, PlexTrac cuts reporting time in half and adds value between reports. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the premier pentest reporting and collaboration platform. For the stories behind the headlines, head to CISOseries.com.

Pentagon awards cloud deal to four major providers Apple finally adds encryption to iCloud backups CloudSEK claims it was hacked by another cybersecurity firm Thanks to today's episode sponsor, PlexTrac The Plextrac platform is your offensive security team's secret weapon. Build better reports in half the time, centralize your data, maximize your reusable content, and become more efficient and effective. PlexTrac clients report a "5X ROI in 1 year," a "30% increase in efficiency," have "cut their reporting cycle by 65%," and experienced a "18 to 22% time savings per engagement." Check out PlexTrac.com/CISOSeries to learn how PlexTrac can help your team deliver results. For the stories behind the headlines, visit CISOseries.com

Are we in the age of AI generated malware Rackspace confirms ransomware attack Meta Oversight Board rules on cross-check system Thanks to today's episode sponsor, PlexTrac The best pentesting teams trust PlexTrac. PlexTrac can improve efficiency and effectiveness at every phase of your proactive assessments. By centralizing the data from all your automation tools, cataloging important reusable content for easy access, and promoting communication and visibility at every phase of an assessment, PlexTrac cuts reporting time in half and adds value between reports. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the premier pentest reporting and collaboration platform.

Vulnerabilities found in popular baseboard software Chinese threat group stole COVID-19 relief funds The question of AI generated code Thanks to today's episode sponsor, PlexTrac The Plextrac platform is your offensive security team's secret weapon. Build better reports in half the time, centralize your data, maximize your reusable content, and become more efficient and effective. PlexTrac clients report a "5X ROI in 1 year," a "30% increase in efficiency," have "cut their reporting cycle by 65%," and experienced a "18 to 22% time savings per engagement." Check out PlexTrac.com/CISOSeries to learn how PlexTrac can help your team deliver results.

Open source software host Fosshost shutting down, CEO unreachable DHS Cyber Safety Review Board to review Lapsus$ attacks Rackspace rocked by 'security incident' that has taken out hosted Exchange services Thanks to today's episode sponsor, PlexTrac The best pentesting teams trust PlexTrac. PlexTrac can improve efficiency and effectiveness at every phase of your proactive assessments. By centralizing the data from all your automation tools, cataloging important reusable content for easy access, and promoting communication and visibility at every phase of an assessment, PlexTrac cuts reporting time in half and adds value between reports. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the premier pentest reporting and collaboration platform. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, November 28-December 2, is hosted by Rich Stroffolino with our guest, Terrance Cooley, CISO, Air Force JADC2 R&D Center. Thanks to our show sponsor, Automox Are you ready to ditch manual patching and all the complexity and hassle that comes with it? With Automox, you can automatically patch your Windows, macOs, and Linux devices with one easy-to-use, cloud-native platform. Modern patching should be easy. And now it is. With automated cross-OS patching, you'll save time and sleep better at night knowing your IT environment is secure. Visit Automox.com to learn more and start a free trial today. All links and the video of this episode can be found on CISO Series.com

Intruders gain access to user data in LastPass incident Sirius XM flaw unlocks smart cars thanks to code flaw Medibank hackers announce 'case closed' and dump huge data file on dark web Thanks to this week's episode sponsor, Automox And now a word from our sponsor, Automox. Are you ready to ditch manual patching and all the complexity and hassle that comes with it? With Automox, you can automatically patch your Windows, macOs, and Linux devices with one easy-to-use, cloud-native platform. Modern patching should be easy. And now it is. With automated cross-OS patching, you'll save time and sleep better at night knowing your IT environment is secure. Visit Automox.com to learn more and start a free trial today. For the stories behind the headlines, head to CISOseries.com.

Elon Musk's Starlink and the White House targeted by Killnet hackers Google links Windows exploit framework used to send spyware Malicious Android app creates fake accounts on multiple platforms Thanks to this week's episode sponsor, Automox Threat exposure is a growing business risk. Today, vulnerabilities are piling up faster than traditional remediation processes and tools can fix them. But fixing vulnerabilities doesn't have to be a fire drill. Now you can eliminate threats and manage exposed endpoints with Automox Automated Vulnerability Remediation, the only cloud-native solution that harmonizes your SecOps and ITOps workflow and lets you fix vulnerabilities dramatically faster – in minutes, not months. Visit Automox.com to learn more and start a free trial today. For the stories behind the headlines, head to CisoSeries.com

Hackers use trending TikTok 'Invisible Challenge' to spread malware Cyber Monday online sales hit record Sandworm gang launches Monster ransomware attacks on Ukraine Thanks to this week's episode sponsor, Automox Are you tired of using multiple tools to patch your third-party applications? With Automox you'll gain complete visibility of all your software and the ability to patch it, automatically, from a single platform. Fix missing third-party patches with the click of a button to dramatically reduce the time, effort, and complexity it takes to maintain a strong security posture. Visit Automox.com to learn more and start a free trial today. For the stories behind the headlines, head to CISOseries.com.

Project Zero warns of "patch gap" Twitter hit with spam campaign Canadian food company refuses ransom demands Thanks to this week's episode sponsor, Automox Are you ready to say goodbye to manual patching? With Automox you can automatically patch your Windows, macOs, and Linux devices with one easy-to-use, cloud-native platform. Modern patching can and should be easy. Save time and sleep better at night knowing your IT environment is secure with automated cross-OS patching. Visit Automox.com to learn more and start a free trial today.