Cybersecurity Headlines

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Feb 7-11, is hosted by Rich Stroffolino with our guest, Dave Stirling, CISO, Zions Bancorporation Thanks to our episode sponsor, Datadog Datadog Security Monitoring is part of the Datadog Cloud Security Platform, which protects an organization's production environment and provides threat detection, posture management, workload security, and application security in a single pane of glass. In this Datadog Security Monitoring product brief, you'll learn how to: Solve cloud complexity challenges with threat detection tools, detect and analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework. Download the brief today to learn more at datadoghq.com/ciso/ All links and the video of this episode can be found on CISO Series.com

Donation site for Ottawa truckers' "Freedom Convoy" protest exposed donors' data FritzFrog botnet returns to attack healthcare, education, government sectors If you use Zoom on a Mac, you might want to check your microphone settings Thanks to our episode sponsor, Datadog Datadog Security Monitoring is part of the Datadog Cloud Security Platform, which protects an organization's production environment and provides threat detection, posture management, workload security, and application security in a single pane of glass. In this Datadog Security Monitoring product brief, you'll learn how to: Solve cloud complexity challenges with threat detection tools, detect and analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework. Download the brief today to learn more at datadoghq.com/ciso/ For the stories behind the headlines, head to CISOseries.com.

Ukraine takes down social media bot farm Federal use of cell siphoning tech on the rise Microsoft expands security business Thanks to our episode sponsor, Datadog Datadog's Cloud Security Platform delivers real-time threat detection and continuous configuration audits across your entire production environment, so you can bring speed and scale to your security organization. The Cloud Security Platform is built on top of Datadog's observability platform, which breaks down silos between Security and DevOps teams and aligns them to shared organizational goals. To learn more about how Datadog Security Monitoring can solve cloud complexity challenges with a unified platform, download the product brief at datadoghq.com/ciso/

DOJ arrests New York couple, seizing $3.6 billion in bitcoin Google sees 50% drop in compromises after 2SV enrollment Puma employee data stolen as a result of Kronos attack Thanks to our episode sponsor, Datadog Datadog Security Monitoring is part of the Datadog Cloud Security Platform, which protects an organization's production environment and provides threat detection, posture management, workload security, and application security in a single pane of glass. In this Datadog Security Monitoring product brief, you'll learn how to: Solve cloud complexity challenges with threat detection tools, detect and analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework. Download the brief today to learn more at datadoghq.com/ciso/ For the stories behind the headlines, head to cisoseries.com

Stolen crypto used to fund North Korean missile program Microsoft disables protocol used by malware Meta may pull out of the EU Thanks to our episode sponsor, Datadog Datadog's Cloud Security Platform delivers real-time threat detection and continuous configuration audits across your entire production environment, so you can bring speed and scale to your security organization. The Cloud Security Platform is built on top of Datadog's observability platform, which breaks down silos between Security and DevOps teams and aligns them to shared organizational goals. To learn more about how Datadog Security Monitoring can solve cloud complexity challenges with a unified platform, download the product brief at datadoghq.com/ciso/

US House passes bill to boost chip manufacturing and R&D One in seven ransomware extortion attempts leak key operational tech records New Argo CD bug could let hackers steal secret info from Kubernetes apps Thanks to our episode sponsor, Datadog Datadog Security Monitoring is part of the Datadog Cloud Security Platform, which protects an organization's production environment and provides threat detection, posture management, workload security, and application security in a single pane of glass. In this Datadog Security Monitoring product brief, you'll learn how to: Solve cloud complexity challenges with threat detection tools, detect and analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework. Download the brief today to learn more at datadoghq.com/ciso/ For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Jan 24-Feb 4, is hosted by Rich Stroffolino with our guest, Brian Lozada, CISO, HBOMax Thanks to our episode sponsor, Pentera Align validation to the MITRE ATT&CK framework and the OWASP Top 10. By aligning to industry standards, security teams ensure that their testing covers the latest adversary techniques. Most attacks succeed by leveraging the most common TTPs, so challenging the attack surface against these frameworks provides comprehensive coverage of adversary techniques in the wild. In addition, it allows security executives to clearly report to management on security control efficacy and enterprise readiness against potential threats. Find out more at pentera.io All links and the video of this episode can be found on CISO Series.com

iPhone flaw exploited by second Israeli spy firm Target shares its own web skimming detection tool with the world MFA adoption pushes phishing actors to reverse-proxy solutions Thanks to our episode sponsor, Pentera Align validation to the MITRE ATT&CK framework and the OWASP Top 10. By aligning to industry standards, security teams ensure that their testing covers the latest adversary techniques. Most attacks succeed by leveraging the most common TTPs, so challenging the attack surface against these frameworks provides comprehensive coverage of adversary techniques in the wild. In addition, it allows security executives to clearly report to management on security control efficacy and enterprise readiness against potential threats. Find out more at pentera.io For the stories behind the headlines, head to CISOseries.com.

Iran-linked APT activity on the rise Hacker claims responsibility for North Korean internet disruptions TikTok: the once and future national security threat Thanks to our episode sponsor, Pentera To continuously know the exploitable attack surface, automate your validation. Security validation must be as dynamic as the attack surface it's securing. Periodical and manual tests aren't enough to challenge the changes an organization undergoes. Security teams need to have an on-demand view of their assets and exposures, and the only way to get there is by automating your testing. Find out more at pentera.io

Cyber attack disrupts German oil firm operations Tesla recalls Full Self Driving feature that lets cars roll through stop signs FBI recommends using burner phones at the Olympics Thanks to our episode sponsor, Pentera To understand the exploitable attack surface, security teams need to cover the full scope of potential attacks. Adversaries take the path of least resistance to the critical assets. This means using a variety of techniques to progress an attack, leveraging any vulnerability and its relevant correlations along the way. For this reason, the validation methods used must match - they need to go beyond the static vulnerability scan or control attack simulation to include a full penetration test scope. Find out more at pentera.io For the stories behind the headlines, head to CISOseries.com

Your GPU knows your secrets UPnP behind Eternal Silence router campaign DeFi platform hacked for $80 million Thanks to our episode sponsor, Pentera To understand the exploitable attack surface, take the adversarial perspective. The way to know which vulnerabilities are exploitable is to…well, exploit them. This way, security teams get a concise attack vector pointing to the organization's weakest link. From here remediation requests handed to IT are focused, manageable, and based on true business impact. Find out more at pentera.io

Novel device registration trick enhances multi-stage phishing attacks US bans major Chinese telecom over national security risks Over 20,000 data center management systems exposed to hackers Thanks to our episode sponsor, Pentera Pentera introduces Automated Security Validation! The newly-minted unicorn out of Israel takes a whole new approach to penetration testing - allowing every organization to continuously test the integrity of all cybersecurity layers - including against ransomware - leveraging proprietary ethical exploits to emulate real-world attacks at scale. All day, everyday. This week Pentera will discuss how to identify your exploitable attack surface, so stay tuned for their 'Tip of the Day'. Or visit pentera.io to find out more. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Jan 24-28, is hosted by Rich Stroffolino with our guest, Gary Hayslip, CISO, Softbank Investment Advisers Thanks to our episode sponsor, deepwatch All links and the video of this episode can be found on CISO Series.com

US says national water supply 'absolutely' vulnerable to hackers Microsoft mitigated a record 3.47 Tbps DDoS attack on Azure users BotenaGo Mirai botnet code leaked to GitHub Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind the headlines, head to CISOseries.com.

White House releases new cybersecurity strategy Trickbot gets trickier VPNLab shuttered in global takedown Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together.

Canada's foreign ministry hacked Hactivists target Belarus rail system to stop Russian military buildup Segway victimized by Magecart attack Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind the headlines, head to CISOseries.com

SBA launches cybersecurity program Ransomware gangs step up insider recruitment American Olympians warned to take cybersecurity precautions Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together.

Ukraine attack update: experts find strategic similarities with NotPetya Molerats use Google Drive and Dropbox as attack infrastructure Senators introduce bill to protect satellites from getting hacked Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Jan 17-21, is hosted by Rich Stroffolino with our guest, Julie Tsai, Cybersecurity Leader Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to win a Datadog t-shirt. All links and the video of this episode can be found on CISO Series.com

NATO and Ukraine sign deal to boost cybersecurity Microsoft Sees Log4j attacks exploiting SolarWinds Serv-U bug Large-scale cyberattack hits the Red Cross Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to win a Datadog t-shirt. For the stories behind the headlines, head to CISOseries.com.

CISA warns of data-wiping attacks EU working on its own DNS service Biden expands the NSA's cybersecurity purview Thanks to our episode sponsor, Datadog In Datadog's upcoming webinar, you'll learn how to best utilize the suite of Datadog Cloud Security products to identify the root cause of an attack and how a unified platform provides real-time threat-detection and continuous configuration audits across applications, hosts, containers and cloud infrastructure. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to win a Datadog t-shirt.

Beijing 2022 Winter Olympics app loaded with privacy risks Europol shuts down cybercriminals' VPN service of choice Newspaper accuses Israeli police of spying on its own citizens Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to win a Datadog t-shirt. For the stories behind the headlines, head to CISOseries.com

Ukraine points fingers in recent cyber attacks Another dark web marketplace calls it quits Renewable energy targeted for cyber espionage Thanks to our episode sponsor, Datadog In Datadog's upcoming webinar, you'll learn how to best utilize the suite of Datadog Cloud Security products to identify the root cause of an attack and how a unified platform provides real-time threat-detection and continuous configuration audits across applications, hosts, containers and cloud infrastructure. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to win a Datadog t-shirt.

Microsoft discloses malware attack on Ukraine government networks New unpatched Apple Safari browser bug allows cross-site user tracking Now you can get your vulnerability alerts by phone Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to win a Datadog t-shirt. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Jan 10-14, is hosted by Rich Stroffolino with our guest, Tyler Young, Director, Information Security, Relativity Thanks to our episode sponsor, BlackBerry All links and the video of this episode can be found on CISO Series.com

New undetected backdoor runs across three OS platforms Microsoft RDP bug enables data theft, smart-card hijacking Ukrainian police arrests ransomware gang that hit over 50 firms Thanks to our episode sponsor, BlackBerry CISO's…Listen Up. Is your team challenged with distinguishing threat signal from noise, reducing cyber costs and finding security talent? We're here to help. BlackBerry® Guard is a Managed Extended Detection & Response(XDR) service that merges the Cylance artificial intelligence cybersecurity platform with 24x7 support from award winning responders and prevention experts. Spend time on key security initiatives, instead of the fallout from breaches. Learn more at BlackBerry.com For the stories behind the headlines, head to CISOseries.com.

EU planning supply chain attack simulations TellYouThePass ransomware returns A look at Senate confirmations for cyber positions Thanks to our episode sponsor, BlackBerry With ransomware attacks like REvil, DarkSide, Conti, and recently Log4Shell, how confident are you in your cyber solution to prevent threats today and into the future? With BlackBerry's Prevention-First endpoint security, we prevent breaches vs responding to and mitigating future attacks. With our Cylance Artificial Intelligence(AI), threats are detected and prevented pre-execution. Traditional AV vendors can't do this. Get Prevention-First protection to keep your data and organization safe. Learn more at BlackBerry.com.

Apple to allow third-party app payment options in South Korea Hotel chain switches to Chrome OS to recover from ransomware attack Hackers leveraging Log4j to install NightSky ransomware Thanks to our episode sponsor, BlackBerry Cybersecurity Professionals… Listen up. Ransomware is on the rise and you can't afford to rely on ineffective endpoint technology to PREVENT attacks. With BlackBerry's 7th generation Artificial Intelligence(AI) and Machine Learning(ML) technology powered by Cylance, malicious attacks are detected and prevented on average of 25 months BEFORE appearing online. With our prevention-first approach, Cylance technology neutralizes malware before the exploitation stage of the kill-chain. Can your cyber solution do that? Get Prevention-First security. Visit BlackBerry.com to see the Cylance AI/ML demo prevent malware. For the stories behind the headlines, head to CISOseries.com

Open source developer poisons his own well Hacker group self-pwns Microsoft finds TCC bypass vulnerability in macOS Thanks to our episode sponsor, BlackBerry CISO's…Listen Up. Is your team challenged with distinguishing threat signal from noise, reducing cyber costs and finding security talent? We're here to help. BlackBerry® Guard is a Managed Extended Detection & Response(XDR) service that merges the Cylance artificial intelligence cybersecurity platform with 24x7 support from award winning responders and prevention experts. Spend time on key security initiatives, instead of the fallout from breaches. Learn more at BlackBerry.com

Hackers have been sending malware-filled USB sticks to U.S. companies disguised as gifts Swiss army asks its personnel to use the Threema instant-messaging app Norton 360 faces blowback for crypto feature Thanks to our episode sponsor, BlackBerry Cybersecurity Professionals… Listen up. Ransomware is on the rise and you can't afford to rely on ineffective endpoint technology to PREVENT attacks. With BlackBerry's 7th generation Artificial Intelligence(AI) and Machine Learning(ML) technology powered by Cylance, malicious attacks are detected and prevented on average of 25 months BEFORE appearing online. With our prevention-first approach, Cylance technology neutralizes malware before the exploitation stage of the kill-chain. Can your cyber solution do that? Get Prevention-First security. Visit BlackBerry.com to see the Cylance AI/ML demo prevent malware. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Jan 3-7, is hosted by Rich Stroffolino with our guest, Adam Glick, CISO, SimpliSafe Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. All links and the video of this episode can be found on CISO Series.com

Honda, Acura cars hit by Y2K22 bug that rolls back clocks New trick could let malware fake iPhone shutdown to spy on users secretly Attackers exploit flaw in Google Docs' comments feature Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind the headlines, head to CISOseries.com.

Microsoft's digital signature verification exploited New York AG warns of credential stuffing attacks Google acquires Siemplify Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together.

FTC warns of potential penalties for failing to fix Log4j flaws UScellular discloses data breach after billing system hack SlimPay fined for exposing data of 12 million customers for 5 years Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind the headlines, head to CISOseries.com

Broward Health discloses major data breach Beware of the command line copy-paste backdoor HomeKit bug can crash iOS devices Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together.

Microsoft Exchange year 2022 bug breaks email delivery Uber email breach allows anyone to email as Uber Crypto security breaches cause $4.25 billion in losses in 2021 Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind the headlines, head to CISOseries.com.

Defense bill includes cybersecurity provisions for private-sector Server firmware rootkit discovered Microsoft Defender showing Log4j false positives Thanks to our episode sponsor, Lookout Complexity is the enemy of security. With an integrated Zero Trust platform, Lookout makes things simple. Whether data is on employees' smartphones or in the cloud, Lookout enables organizations to protect sensitive information no matter where it goes. Discover why IDC named the Lookout CASB a major player in its latest MarketScape at lookout.com/idc.

LastPass confirms credential stuffing attack against its users Alexa issues deadly challenge to 10-year-old girl Apple aims to retain talent with up to $180,000 bonuses Thanks to our episode sponsor, Lookout Complexity is the enemy of security. With an integrated Zero Trust platform, Lookout makes things simple. Whether data is on employees' smartphones or in the cloud, Lookout enables organizations to protect sensitive information no matter where it goes. Discover why IDC named the Lookout CASB a major player in its latest MarketScape at lookout.com/idc. For the stories behind the headlines, head to CISOseries.com

Study looks at ransomware market share Researchers find abundant toolkits to get around 2FA Shutterfly hit with ransomware Thanks to our episode sponsor, Lookout Complexity is the enemy of security. With an integrated Zero Trust platform, Lookout makes things simple. Whether data is on employees' smartphones or in the cloud, Lookout enables organizations to protect sensitive information no matter where it goes. Discover why IDC named the Lookout CASB a major player in its latest MarketScape at lookout.com/idc.

Rook ransomware is yet another spawn of the leaked Babuk code Russia fines Google $100m over "illegal" content Fake Christmas Eve termination notices used as phishing lures Thanks to our episode sponsor, Lookout Complexity is the enemy of security. With an integrated Zero Trust platform, Lookout makes things simple. Whether data is on employees' smartphones or in the cloud, Lookout enables organizations to protect sensitive information no matter where it goes. Discover why IDC named the Lookout CASB a major player in its latest MarketScape at lookout.com/idc. For the stories behind the headlines, head to CISOseries.com.

CISA releases free scanner to spot Log4j exposure Researchers disclose unpatched vulnerabilities in Microsoft Teams software Microsoft Office patch bypassed for malware distribution in apparent 'dry run' Thanks to our episode sponsor, Lookout Is 2022 the beginning of the end for on-prem security? Two years after remote work became the norm, we're at an inflection point for both threats and security solutions. Just as you wouldn't bring a sword to a gunfight, organizations need to take advantage of integrated cloud solutions to tackle emerging challenges. Check out Lookout's 2022 predictions at lookout.com/predictions. For the stories behind the headlines, head to CISOseries.com.

Five Eyes issues Log4Shell advisory NSO Group deal with Uganda spurred backlash Microsoft PhotoDNA inverted to reveal images Thanks to our episode sponsor, Lookout Is 2022 the beginning of the end for on-prem security? Two years after remote work became the norm, we're at an inflection point for both threats and security solutions. Just as you wouldn't bring a sword to a gunfight, organizations need to take advantage of integrated cloud solutions to tackle emerging challenges. Check out Lookout's 2022 predictions at lookout.com/predictions.

Hack DHS program expanded to include Log4j Tech companies agree to protect data on undersea cable US returns $154 million stolen by Sony employee Thanks to our episode sponsor, Lookout Is 2022 the beginning of the end for on-prem security? Two years after remote work became the norm, we're at an inflection point for both threats and security solutions. Just as you wouldn't bring a sword to a gunfight, organizations need to take advantage of integrated cloud solutions to tackle emerging challenges. Check out Lookout's 2022 predictions at lookout.com/predictions. For the stories behind the headlines, head to CISOseries.com

Mobile network vulnerability goes back to 2G UK agency shares password trove with Have I Been Pwned Who watches the DarkWatchman? Thanks to our episode sponsor, Lookout Is 2022 the beginning of the end for on-prem security? Two years after remote work became the norm, we're at an inflection point for both threats and security solutions. Just as you wouldn't bring a sword to a gunfight, organizations need to take advantage of integrated cloud solutions to tackle emerging challenges. Check out Lookout's 2022 predictions at lookout.com/predictions.

Log4J – New patch and a field day for ransomware Western Digital warns customers to update their My Cloud devices Sainsbury's payroll hit by Kronos attack Thanks to our episode sponsor, Lookout Is 2022 the beginning of the end for on-prem security? Two years after remote work became the norm, we're at an inflection point for both threats and security solutions. Just as you wouldn't bring a sword to a gunfight, organizations need to take advantage of integrated cloud solutions to tackle emerging challenges. Check out Lookout's 2022 predictions at lookout.com/predictions. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines - Week in Review, Dec 13-17, is hosted by Rich Stroffolino with our guest, Patti Titus, Chief Privacy and Information Security Officer, Markel Thanks to our episode sponsor, Tines All links and the video of this episode can be found on CISO Series.com

Hackers begin exploiting second Log4j vulnerability as a third flaw emerges Researchers uncover new coexistence attacks on Wi-Fi and Bluetooth chips North American propane distributor 'Superior Plus' discloses ransomware attack Thanks to our episode sponsor, Tines Tines is no-code automation for security teams, trusted by the world's best companies like Canva, Auth0, and Coinbase. This holiday season, book a 10 minute demo of Tines and we'll donate $100 to your favorite charity – we're that certain you'll love what you see. Head over to tines.com/charity to book your 10 minute demo and send $100 to your favorite cause. For the stories behind the headlines, head to CISOseries.com.

Log4J vulnerability used by APTs Attacks on web apps surge Meta expands bug bounty program to include scraping Thanks to our episode sponsor, Tines Tines is no-code automation for security teams, trusted by the world's best companies like Canva, Auth0, and Coinbase. This holiday season, book a 10 minute demo of Tines and we'll donate $100 to your favorite charity – we're that certain you'll love what you see. Head over to tines.com/charity, to book your 10 minute demo and send $100 to your favorite cause.

Kronos ransomware outage drives widespread payroll chaos Log4j vulnerability update Microsoft Patch Tuesday addresses zero-day exploited to spread Emotet malware Thanks to our episode sponsor, Tines Tines was founded by experienced security practitioners who cared about their teams. When they couldn't find an automation platform that delivered, they founded a company and built their own. A few years later, customers like Coinbase, McKesson, and GitLab run their most important security workflows on Tines – everything from phishing response to employee onboarding. To learn more, visit tines.com. For the stories behind the headlines, head to CISOseries.com

New details on the Log4Shell attacks Apple releases Android AirTag detector UKG hit with ransomware Thanks to our episode sponsor, Tines Tines was founded by experienced security practitioners who cared about their teams. When they couldn't find an automation platform that delivered, they founded a company and built their own. A few years later, customers like Coinbase, McKesson, and GitLab run their most important security workflows on Tines – everything from phishing response to employee onboarding. To learn more, visit tines.com.