Cybersecurity Headlines

German cybersecurity watchdog issues red alert on Log4j Cyber incident reporting mandates suffer another congressional setback Russia blocks Tor web over privacy concerns Thanks to our episode sponsor, Tines You already know how crucial automation is. But why do security analysts still spend so much time on manual tasks? Let's face it – legacy tools just haven't delivered on the automation hype. Here's the secret: automation only works when it's built by those who know the process or workflow best – your security analysts. So, meet Tines: it's no-code automation, built for the whole team to use. Find out more at tines.com. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Dec 6-10, is hosted by David Spark with our guest, Paul Truitt, Principal, Mazars Thanks to our episode sponsor, Tines Tines is no-code automation for security teams, trusted by the world's best companies like Canva, Auth0, and Coinbase. This holiday season, book a 10 minute demo of Tines and we'll donate $100 to your favorite charity – we're that certain you'll love what you see. Head over to tines.com/charity to book your 10 minute demo and send $100 to your favorite cause. All links and the video of this episode can be found on CISO Series.com

Volume of attacks on IoT/OT devices increasing Cloudflare and others form incident response cyber insurance IT execs half as likely to face the axe after breaches, shortages to blame? Thanks to our episode sponsor, Tines Tines is no-code automation for security teams, trusted by the world's best companies like Canva, Auth0, and Coinbase. This holiday season, book a 10 minute demo of Tines and we'll donate $100 to your favorite charity – we're that certain you'll love what you see. Head over to tines.com/charity to book your 10 minute demo and send $100 to your favorite cause. For the stories behind the headlines, head to CISOseries.com.

Ransomware hits GitLab and Confluence QNAP is having another bad day A look at health data leaks in 2021 Thanks to our episode sponsor, Tines Tines is no-code automation for security teams, trusted by the world's best companies like Canva, Auth0, and Coinbase. This holiday season, book a 10 minute demo of Tines and we'll donate $100 to your favorite charity – we're that certain you'll love what you see. Head over to tines.com/charity, to book your 10 minute demo and send $100 to your favorite cause.

AWS outage impacts Ring, Netflix, and Amazon deliveries Google announces lawsuit against Glupteba blockchain botnet Microsoft seized domains used by cyberespionage group Thanks to our episode sponsor, Tines Tines was founded by experienced security practitioners who cared about their teams. When they couldn't find an automation platform that delivered, they founded a company and built their own. A few years later, customers like Coinbase, McKesson, and GitLab run their most important security workflows on Tines – everything from phishing response to employee onboarding. To learn more, visit tines.com. For the stories behind the headlines, head to CISOseries.com

Biden admin looks to accelerate cybersecurity hiring spree Text message service helped governments track phones US goes on the offensive against ransomware Thanks to our episode sponsor, Tines Tines was founded by experienced security practitioners who cared about their teams. When they couldn't find an automation platform that delivered, they founded a company and built their own. A few years later, customers like Coinbase, McKesson, and GitLab run their most important security workflows on Tines – everything from phishing response to employee onboarding. To learn more, visit tines.com.

Omicron phishing scam already spotted in UK Pegasus spyware reportedly hacked iPhones of U.S. State Department and diplomats Realistic looking fake Office 365 spam quarantine alerts on the rise Thanks to our episode sponsor, Tines You already know how crucial automation is. But why do security analysts still spend so much time on manual tasks? Let's face it – legacy tools just haven't delivered on the automation hype. Here's the secret: automation only works when it's built by those who know the process or workflow best – your security analysts. So, meet Tines: it's no-code automation, built for the whole team to use. Find out more at tines.com. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Nov 29-Dec 3, is hosted by Rich Stroffolino with our guest, Pat Benoit, vp, Global Cyber GRC/BISO, CBRE Thanks to our episode sponsor, Votiro Your users need to accept and open files to do their jobs. Keep them safe and productive with Votiro. With Votiro zero trust file sanitization API, your users can download and use any file instantly, from PDF to Autodesk CAD, with malicious code already removed—and full file usability intact. The signatureless file sanitization process happens in milliseconds without user friction. Visit Votiro.com and learn why millions of users trust Votiro to disarm billions of files each year. All links and the video of this episode can be found on CISO Series.com

Emotet now spreads via fake Adobe Windows App Installer packages Data from 400,000 Planned Parenthood patients compromised Double extortion ransomware victims soar 935% Thanks to our episode sponsor, Votiro Your users need to accept and open files to do their jobs. Keep them safe and productive with Votiro. With Votiro zero trust file sanitization API, your users can download and use any file instantly, from PDF to Autodesk CAD, with malicious code already removed—and full file usability intact. The signatureless file sanitization process happens in milliseconds without user friction. Visit Votiro.com and learn why millions of users trust Votiro to disarm billions of files each year. For the stories behind the headlines, head to CISOseries.com.

AT&T customers hit with malware CISA announces advisory panel Palo Alto Networks looks at speed of compromise in the cloud Thanks to our episode sponsor, Votiro Your users need to accept and open files to do their jobs. Keep them safe and productive with Votiro. With Votiro zero trust file sanitization API, your users can download and use any file instantly, from PDF to Autodesk CAD, with malicious code already removed—and full file usability intact. The signatureless file sanitization process happens in milliseconds without user friction. Visit Votiro.com and learn why millions of users trust Votiro to disarm billions of files each year.

Twitter bans sharing private images and videos without consent DNA testing firm discloses data breach affecting over 2 million people Critical 'Printing Shellz' bugs impact 150 HP printer models Thanks to our episode sponsor, Votiro Your users need to accept and open files to do their jobs. Keep them safe and productive with Votiro. With Votiro zero trust file sanitization API, your users can download and use any file instantly, from PDF to Autodesk CAD, with malicious code already removed—and full file usability intact. The signatureless file sanitization process happens in milliseconds without user friction. Visit Votiro.com and learn why millions of users trust Votiro to disarm billions of files each year. For the stories behind the headlines, head to CISOseries.com

Dark web market shuts down after DDoS Clearview facing fines in the UK New Chinese surveillance system will target journalists and students Thanks to our episode sponsor, Votiro Your users need to accept and open files to do their jobs. Keep them safe and productive with Votiro. With Votiro zero trust file sanitization API, your users can download and use any file instantly, from PDF to Autodesk CAD, with malicious code already removed—and full file usability intact. The signatureless file sanitization process happens in milliseconds without user friction. Visit Votiro.com and learn why millions of users trust Votiro to disarm billions of files each year.

RATDispenser spreads multiple remote access trojans into the wild North Korea-linked Zinc group posed as Samsung recruiters to target security firms Interpol arrests over 1,000 suspects linked to cyber crime Thanks to our episode sponsor, Votiro Your users need to accept and open files to do their jobs. Keep them safe and productive with Votiro. With Votiro zero trust file sanitization API, your users can download and use any file instantly, from PDF to Autodesk CAD, with malicious code already removed—and full file usability intact. The signatureless file sanitization process happens in milliseconds without user friction. Visit Votiro.com and learn why millions of users trust Votiro to disarm billions of files each year. For the stories behind the headlines, head to CISOseries.com.

Over nine million Android devices infected Researcher discloses zero-day exploit due to low bounty payouts Threat actors compromise exposed services in 24 hours Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind the headlines, head to CISOseries.com

GoDaddy data breach impacts millions Microsoft looks at brute-force attacks Printers used to bypass fingerprint authentication Thanks to our episode sponsor, deepwatch What is the value of good security? Can you quantify what mature detection and response means for your organization? A recent Forrester study found that a deepwatch MDR customer achieved 432% ROI and over 10 million dollars in benefits and savings from their solution over a 3 year period. Visit deepwatch.com/tei-report for the full report and to learn how your team could see the same success.

US banks will be required to report cyberattacks within 36 hours Microsoft Exchange malware campaign uses stolen internal reply-chain emails Conti ransomware group suffers a data breach Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Nov 15-19, is hosted by Sean Kelly with our guest, Richard Rushing, CISO, Motorola Mobility Thanks to our episode sponsor, Vulcan Cyber All links and the video of this episode can be found on CISO Series.com

PerSwaysion phishing campaign still ongoing, and pervasive FBI: FatPipe VPN zero-day exploited by APT for 6 months RedCurl corporate espionage hackers resume attacks with updated tools Thanks to our episode sponsor, Vulcan Cyber The fact that CISA felt the need to release the massive "Known Exploited Vulnerabilities Catalog" recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to take on cyber risk and mitigate known vulnerabilities at scale. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com.

CISA releases cyber response playbooks Exec pleads guilty on internet address fraud Iranian ransomware targeting US organizations Thanks to our episode sponsor, Vulcan Cyber Vulnerability scanners are commoditized. Cloud service providers provide free scanners. Open source scanners are plentiful. Your team doesn't need another scanner, but they need to get better at identifying and prioritizing the risk that is buried in that scan data. Attend the Vulcan Cyber virtual user conference and learn how to assess and mitigate risk across all of your surfaces. Go to vulcan.io and click the button at the top of the screen to register for the event.

Emotet botnet makes comeback with help from TrickBot Leaked Robinhood customer data now up for sale WordPress sites defaced in fake ransomware attacks Thanks to our episode sponsor, Vulcan Cyber Matt Hurewitz is the associate director of application security at Best Buy. Matt has a theory that a risk-based approach to application security is more effective than a faith-based approach. We agree. Attend the Vulcan Cyber virtual summit on December 9th to hear how Matt and the Best Buy team approach application security. Learn from the best. Registration is free for your entire team. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com

DHS launches program to close cyber talent gap China expands cybersecurity review requirements Microsoft blocks Edge redirects Thanks to our episode sponsor, Vulcan Cyber Ryan Gurney spent years as CSO and security exec for companies like Google Looker, Zendesk, Engine Yard, and eBay. Ryan has seen a few things and is done pretending cyber security is something it isn't. Attend the Vulcan Cyber virtual summit on December 9th to get Ryan's take on the difference between negligent and effective cyber security. It's a fine line. Go to vulcan.io and click the button at the top of the screen to register for the event.

FBI email system reportedly hacked to send fake DHS cyberattack messages FBI email hacker blames poor coding US Education Department urged to boost K-12 schools' ransomware defenses Thanks to our episode sponsor, Vulcan Cyber Cyber risk isn't easy to quantify, much less mitigate. Use the same approach endorsed by leading security teams at Honeywell, Zoom, and Wells Fargo to tackle cyber risk. Attend the Vulcan Cyber virtual summit on December 9th and learn how the new Vulcan Security Posture Rating will give you the insights you need to reduce risk and secure your business. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines - Week in Review, Nov 8-12, is hosted by Rich Stroffolino with our guest, John Overbaugh, CISO, Alpine Software Group Thanks to our episode sponsor, Vulcan Cyber The fact that CISA felt the need to release the massive "Known Exploited Vulnerabilities Catalog" recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to take on cyber risk and mitigate known vulnerabilities at scale. Go to vulcan.io and click the button at the top of the screen to register for the event. All links and the video of this episode can be found on CISO Series.com

EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms Gmail accounts are used in 91% of all baiting email attacks Microsoft warns of uptick in HTML smuggling Thanks to our episode sponsor, Vulcan Cyber The fact that CISA felt the need to release the massive "Known Exploited Vulnerabilities Catalog" recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to take on cyber risk and mitigate known vulnerabilities at scale. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com.

Trend Micro details long running hacker-for-hire group WP Reset PRO plugin works a little too well Zero-day found in Palo Alto Networks security appliances Thanks to our episode sponsor, Vulcan Cyber Vulnerability scanners are commoditized. Cloud service providers provide free scanners. Open source scanners are plentiful. Your team doesn't need another scanner, but they need to get better at identifying and prioritizing the risk that is buried in that scan data. Attend the Vulcan Cyber virtual user conference and learn how to assess and mitigate risk across all of your surfaces. Go to vulcan.io and click the button at the top of the screen to register for the event.

Robinhood breach impacts millions of customers Meta shares bullying and harassment numbers for the first time Meta to remove sensitive ad-targeting categories as new bill takes aim at online platform algorithms Thanks to our episode sponsor, Vulcan Cyber Matt Hurewitz is the associate director of application security at Best Buy. Matt has a theory that a risk-based approach to application security is more effective than a faith-based approach. We agree. Attend the Vulcan Cyber virtual summit on December 9th to hear how Matt and the Best Buy team approach application security. Learn from the best. Registration is free for your entire team. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com

US infrastructure bill includes cybersecurity provisions Chipmakers respond to US call for supply chain info REvil hackers arrested Thanks to our episode sponsor, Vulcan Cyber Ryan Gurney spent years as CSO and security exec for companies like Google Looker, Zendesk, Engine Yard, and eBay. Ryan has seen a few things and is done pretending cyber security is something it isn't. Attend the Vulcan Cyber virtual summit on December 9th to get Ryan's take on the difference between negligent and effective cyber security. It's a fine line. Go to vulcan.io and click the button at the top of the screen to register for the event.

Feds likely to fall short of deadline for strengthening encryption, multifactor authentication Experts spot phishing campaign impersonating security firm Proofpoint Facebook outage a prime example of insider threat by machine Thanks to our episode sponsor, Vulcan Cyber Cyber risk isn't easy to quantify, much less mitigate. Use the same approach endorsed by leading security teams at Honeywell, Zoom, and Wells Fargo to tackle cyber risk. Attend the Vulcan Cyber virtual summit on December 9th and learn how the new Vulcan Security Posture Rating will give you the insights you need to reduce risk and secure your business. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Nov 1-5, is hosted by Rich Stroffolino with our guest, Davi Ottenheimer, vp, trust and digital ethics, Inrupt Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021, a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immersive experience that has something for everyone – from novice application coders to experienced security practitioners! Join for FREE on November 16th, for free. Sign up at cloudsec.com All links and the video of this episode can be found on CISO Series.com

Expired certificate breaks Windows 11 snipping tool, emoji panel, and more Iranian hacking group leaks patient and LGBTQ info Popular 'coa' npm library hijacked to steal user passwords Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021, a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immersive experience that has something for everyone – from novice application coders to experienced security practitioners! Join for FREE on November 16th, for free. Sign up at cloudsec.com For the stories behind the headlines, head to CISOseries.com.

CISA creates exploited bug catalog Bots used to scam 2FA codes US sanctions companies selling hacking tools Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021, a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immersive experience that has something for everyone – from novice application coders to experienced security practitioners! Join for FREE on November 16th, for free. Sign up at cloudsec.com

Facebook deletes 1 billion faceprints in Face Recognition shutdown Tesla recalls nearly 12,000 vehicles due to software error Android patches actively exploited zero-day kernel bug Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021, a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immersive experience that has something for everyone – from novice application coders to experienced security practitioners! Join for FREE on November 16th, for free. Sign up at cloudsec.com For the stories behind the headlines, head to CISOseries.com

Cyberattack disrupts healthcare in Canadian provinces Researchers discover Pink botnet Facebook takes down government-run troll farm in Nicaragua Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021, a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immersive experience that has something for everyone – from novice application coders to experienced security practitioners! Join for FREE on November 16th, for free. Sign up at cloudsec.com

Iranian Black Shadow hacking group breaches Israeli Internet hosting firm All Windows versions impacted by new LPE zero-day vulnerability International jeweler Graff hit by Conti gang, with data of its rich clients at risk Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021, a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immersive experience that has something for everyone – from novice application coders to experienced security practitioners! Join for FREE on November 16th, for free. Sign up at cloudsec.com For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Oct 25-29, is hosted by Rich Stroffolino with our guest, Jason Fruge, CISO, Rent-a-Center Thanks to our episode sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments. Replace your traditional network access boxes – VPNs, bastion hosts, and gateways – with a cloud-based zero trust remote access solution and enable a safe and reliable "work from anywhere" environment. Visit banyansecurity.io for more information. All links and the video of this episode can be found on CISO Series.com

Android spyware spreading as antivirus software in Japan Half of home workers buy potentially insecure technology EU investigating leak of private key used to forge Covid passes And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments. Replace your traditional network access boxes – VPNs, bastion hosts, and gateways – with a cloud-based zero trust remote access solution and enable a safe and reliable "work from anywhere" environment. Visit banyansecurity.io for more information. For the stories behind the headlines, head to CISOseries.com.

Chinese surveillance tech pulled from US retailers Microsoft warns of rise in password spraying attacks The FTC is looking into the Facebook Files And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments. Replace your traditional network access boxes – VPNs, bastion hosts, and gateways – with a cloud-based zero trust remote access solution and enable a safe and reliable "work from anywhere" environment. Visit banyansecurity.io for more information.

Iranian gas stations out of service after cyberattack Nevada and North Dakota top cybercrime lists Researcher cracked 70% of sampled WiFi networks And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments. Replace your traditional network access boxes – VPNs, bastion hosts, and gateways – with a cloud-based zero trust remote access solution and enable a safe and reliable "work from anywhere" environment. Visit banyansecurity.io for more information. For the stories behind the headlines, head to CISOseries.com

Microsoft report on Nobelium Healthcare organizations struggle with breaches ProtonMail wins appeal on surveillance data And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments. Replace your traditional network access boxes – VPNs, bastion hosts, and gateways – with a cloud-based zero trust remote access solution and enable a safe and reliable "work from anywhere" environment. Visit banyansecurity.io for more information.

Crypto-miner and malware found hidden inside npm libraries Facebook sues Ukrainian who scraped the data of 178 million users BlackMatter ransomware victims quietly helped using secret decryptor And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments. Replace your traditional network access boxes – VPNs, bastion hosts, and gateways – with a cloud-based zero trust remote access solution and enable a safe and reliable "work from anywhere" environment. Visit banyansecurity.io for more information. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Oct 18-22, is hosted by Rich Stroffolino with our guest, Matthew Southworth, CISO, Priceline Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Want to know what we learned from analyzing 2 million malicious emails? At Tessian's Human Layer Summit you'll hear about new threat intelligence into the state of spear phishing. Guest speakers from TrustedSec and KnowBe4 will discuss what kind of attacks are getting through typical enterprise defences, what that means for user protection and what security leaders need to do about it. Join in on the conversation to learn about what we discovered by registering now at tessian.com/summit All links and the video of this episode can be found on CISO Series.com

Cybercrime matures as hackers are forced to work smarter FIN7 tries to trick pentesters into launching ransomware attacks China VPN exposes data for 1M users Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Want to know what we learned from analyzing 2 million malicious emails? At Tessian's Human Layer Summit you'll hear about new threat intelligence into the state of spear phishing. Guest speakers from TrustedSec and KnowBe4 will discuss what kind of attacks are getting through typical enterprise defences, what that means for user protection and what security leaders need to do about it. Join in on the conversation to learn about what we discovered by registering now at tessian.com/summit For the stories behind the headlines, head to CISOseries.com.

Russian firms see DDoS spike Sinclair hack linked to Russian organization Microsoft expires old Windows updates Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Want to get the latest security insights from Cisco, Forrester, Intercontinental Exchange and Knowbe4? At Tessian's Human Layer Security Summit you'll get fresh insights and actionable advice to help you build an effective, future proof security strategy. Hear from top CISOs and InfoSec Leaders who will speak on the HOTTEST topics in cyber today. Join thousands of your peers by registering now at tessian.com/summit

Ransomware reports signal lack of preparedness and willingness to pay Acer hacked twice in a week by the same threat actor FCC takes aim at spam texts Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Worried if your security stack is enough for today's attack landscape? A recent Forrester Consulting study says, Human Layer Security could be the missing link. At Tessian's Human Layer Security Summit, hear why a commissioned study conducted by Forrester Consulting on behalf of Tessian has identified Human Layer Security as the missing link in enterprise security stacks. The study shows that Security and Risk Management leaders invest more in process and technology than people to improve the security of their human-layer. Hear key findings from the research from Tessian's guest speaker, Forrester senior analyst Jess Burn. Join in on the conversation at tessian.com/summit For the stories behind the headlines, head to CISOseries.com

Sinclair TV disrupted by ransomware Water system proves easy target for ransomware REvil shuts down… again Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Want to know what we learned from analyzing 2 million malicious emails? At Tessian's Human Layer Summit you'll hear about new threat intelligence into the state of spear phishing. Guest speakers from TrustedSec and KnowBe4 will discuss what kind of attacks are getting through typical enterprise defences, what that means for user protection and what security leaders need to do about it. Join in on the conversation to learn about what we discovered by registering now at tessian.com/summit

Missouri Governor vows to prosecute St. Louis Post-Dispatch for reporting security vulnerability NFTs now come with wallet-emptying malware Experts hack a fully patched iOS 15 running on iPhone 13 at China's Tianfu Cup hacking contest Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Calling all security trailblazers! Want to get the latest security insights from Cisco, Forrester, Intercontinental Exchange and Knowbe4? At Tessian's Human Layer Security Summit you'll get fresh insights and actionable advice to help you build an effective, future proof security strategy. Hear from top CISOs and InfoSec Leaders who will speak on the HOTTEST topics in cyber today. Join thousands of your peers by registering now at tessian.com/summit For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Oct-11-15, is hosted by David Spark with our guest, Christopher Zell, CISO, Wendy's Thanks to our episode sponsor, Bitsight All links and the video of this episode can be found on CISO Series.com

New "Yanluowang" ransomware variant discovered Financial regulator addresses hybrid working security risks DocuSign phishing campaign targets low-ranking employees Thanks to our episode sponsor, Bitsight These are challenging times for security professionals. From managing third party supply chain risk, to quantifying financial exposure, to reducing the likelihood of ransomware, BitSight helps security and risk professionals create more effective cybersecurity programs with cybersecurity ratings and analytics. Learn why Moody's, the Department of Defense, and other leading institutions partner with BitSight at www.bitsight.com For the stories behind the headlines, head to CISOseries.com.

Windows 11 Patch Tuesday causes AMD performance issues Student used zero-day for school prank US leaves China and Russia off the anti-ransomware invite list Thanks to our episode sponsor, Bitsight Did you know that organizations with poor patching practices are 8 times more likely to experience a ransomware incident? From managing third party supply chain risk, to quantifying financial exposure, to reducing the likelihood of ransomware, BitSight helps security and risk professionals create more effective cybersecurity programs with cybersecurity ratings and analytics. Learn why Moody's, the Department of Defense, and other leading institutions partner with BitSight at www.bitsight.com

Olympus suffers second cyberattack in 2021 Microsoft's Patch Tuesday squashes four zero-day vulns White House directs federal agencies to step up EDR Thanks to our episode sponsor, Bitsight In spite of all the recent attacks, did you know that only 17% of organizations continuously monitor their third party vendors? From managing third party supply chain risk, to quantifying financial exposure, to reducing the likelihood of ransomware, BitSight helps security and risk professionals create more effective cybersecurity programs with cybersecurity ratings and analytics. Learn why Moody's, the Department of Defense, and other leading institutions partner with BitSight at www.bitsight.com For the stories behind the headlines, head to CISOseries.com