Cybersecurity Headlines

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Sep 20-24, 2021, is hosted by Rich Stroffolino with our guest, Brett Conlon, CISO, Edelman Financial Engines Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these sessions to get some savvy education from the security experts at Kanu Solutions. You could also get a twenty dollar UberEats Gift Card just for attending. You can participate in Kanu Solutions' Lunch-n-Learn by registering at kanusolutions.com/events. All links and the video of this episode can be found on CISO Series.com

Second farming cooperative shut down by ransomware this week Canadian VoIP provider battles massive DDoS attack REvil double-crosses ransomware affiliates using sneaky backdoor tactics Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these sessions to get some savvy education from the security experts at Kanu Solutions. You could also get a twenty dollar UberEats Gift Card just for attending. You can participate in Kanu Solutions' Lunch-n-Learn by registering at kanusolutions.com/events. For the stories behind the headlines, head to CISOseries.com

Let's Encrypt root certificate may cause problems for older devices Now we have to worry about PhaaS Time to patch all the VMware things Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these sessions to get some savvy education from the security experts at Kanu Solutions. You could also get a twenty dollar UberEats Gift Card just for attending. You can participate in Kanu Solutions' Lunch-n-Learn by registering at kanusolutions.com/events.

Capoae malware brute-forces WordPress sites for cryptomining Malicious email surge predicted for Q4 Farming group warns of supply chain chaos after ransomware attack Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these sessions to get some savvy education from the security experts at Kanu Solutions. You could also get a twenty dollar UberEats Gift Card just for attending. You can participate in Kanu Solutions' Lunch-n-Learn by registering at kanusolutions.com/events. For the stories behind the headlines, head to CISOseries.com.

Google expands app permissions reset Epik confirms it got hacked Telegram suspends Russian election bots Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these sessions to get some savvy education from the security experts at Kanu Solutions. You could also get a twenty dollar UberEats Gift Card just for attending. You can participate in Kanu Solutions' Lunch-n-Learn by registering at kanusolutions.com/events.

Email scammers posed as DOT officials in phishing messages focused on $1 trillion bill A new banking Trojan abuses YouTube for remote configuration Admin of DDoS service behind 200,000 attacks faces serious prison time Thanks to our episode sponsor, Kanu Solutions Over the next few weeks Kanu Solutions is offering a series of educational sessions on a variety of topics in security, such as endpoints, networks, privileged access management, Internet of things, and governance, risk management and compliance, or GRC. Attend these sessions to get some savvy education from the security experts at Kanu Solutions. You could also get a twenty dollar UberEats Gift Card just for attending. You can participate in Kanu Solutions' Lunch-n-Learn by registering at kanusolutions.com/events. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Sep 13-17, 2021, is hosted by Rich Stroffolino with our guest, Geoff Belknap, CISO, LinkedIn Thanks to our episode sponsor, Sonrai Sonrai is changing Public Cloud Security by focusing on protecting data from over-privileged human and non-human identities. Sonrai provides a single pane of glass built on an analytic platform that protects organizations by leveraging CSPM, CIEM, and cloud DLP at the confidence level required by your environment. Learn more about Sonrai Cloud Security at www.sonrai.com All links and the video of this episode can be found on CISO Series.com

New Windows security updates break network printing Bitdefender releases decryptor as REvil shows signs of return Biden announces joint deal with U.K. and Australia to counter China Thanks to our episode sponsor, Sonrai Are you a security expert who's afraid to admit you don't know what the heck is going on in your cloud? Relax. Public cloud security is overwhelming. Figuring out where to start, and what to do to track and improve your security posture, is the first step. Sonrai tracks everything in your cloud - sensitive data, identities, and platform configuration - and tells you what issues are most important, plus it measures improvement over time. Talk to Sonrai Security to learn more. For the stories behind the headlines, head to CISOseries.com

Travis CI security vulnerability is bad news for open source Ransomware accounts for a quarter of cyber insurance claims Microsoft goes passwordless Thanks to our episode sponsor, Sonrai Sonrai is changing Public Cloud Security by focusing on protecting data from over-privileged human and non-human identities. Sonrai provides a single pane of glass built on an analytic platform that protects organizations by leveraging CSPM, CIEM, and cloud DLP at the confidence level required by your environment. Learn more about Sonrai Cloud Security at www.sonrai.com

Apple issues urgent updates to fix new zero-day linked to Pegasus spyware Update Google Chrome to patch 2 new zero-day flaws under attack New Zloader attacks disable Windows Defender to evade detection Thanks to our episode sponsor, Sonrai Sonrai is gaelic for data - and that's what Sonrai Security is all about. Finding, classifying, and locking down sensitive data in AWS, Azure, or Google Cloud. Sonrai can see every identity's path to every piece of data - continuously. Learn more at sonraisecurity.com. For the stories behind the headlines, head to CISOseries.com.

SSID Stripping is a new take on spoofing Industrial control systems hammered by cyber attacks Olympus has fallen...to ransomware Thanks to our episode sponsor, Sonrai Are you a security expert who's afraid to admit you don't know what the heck is going on in your cloud? Relax. Public cloud security is overwhelming. Figuring out where to start, and what to do to track and improve your security posture, is the first step. Sonrai tracks everything in your cloud - sensitive data, identities, and platform configuration - and tells you what issues are most important, plus it measures improvement over time. Talk to Sonrai Security to learn more.

Windows MSHTML zero-day exploits shared on hacking forums REvil ransomware operators targeting new victims Yandex pummeled by Meris DDoS botnet Thanks to our episode sponsor, Sonrai Are you a security expert who's afraid to admit you don't know what the heck is going on in your cloud? Relax. Public cloud security is overwhelming. Figuring out where to start, and what to do to track and improve your security posture, is the first step. Sonrai tracks everything in your cloud - sensitive data, identities, and platform configuration - and tells you what issues are most important, plus it measures improvement over time. Talk to Sonrai Security to learn more. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Sep 6-10, 2021, is hosted by Rich Stroffolino with our guest, Matt Crouse, CISO, Taco Bell Thanks to our episode sponsor, Semperis One thing we've learned from attacks like SolarWinds: Cybercriminals can lurk in your Active Directory environment for weeks or months before dropping malware. How do you root them out? First, you need to uncover security gaps in Active Directory that can lead to a breach. Download Purple Knight, a free security assessment tool from Semperis that scans your environment for pre-attack and post-attack indicators of exposure and compromise. Check it out at Purple-Knight.com. All links and the video of this episode can be found on CISO Series.com

US considers limiting CISA director's term 'Azurescape' Kubernetes attack allows cross-container cloud compromise Hackers leak VPN account passwords from 87,000 FortiGate devices Thanks to our episode sponsor, Semperis One thing we've learned from attacks like SolarWinds: Cybercriminals can lurk in your Active Directory environment for weeks or months before dropping malware. How do you root them out? First, you need to uncover security gaps in Active Directory that can lead to a breach. Download Purple Knight, a free security assessment tool from Semperis that scans your environment for pre-attack and post-attack indicators of exposure and compromise. Check it out at Purple-Knight.com. For the stories behind the headlines, head to CISOseries.com

Brad Smith relives early days of the SolarWinds attack Internet Explorer zero-days are still something to worry about German police bought NSO Pegasus spyware Thanks to our episode sponsor, Semperis Have you fixed PrintNightmare yet? Ransomware groups including Vice Society are already exploiting this critical flaw in the Windows Print Spooler service. But you can fight back: Download Purple Knight, a free Active Directory security assessment tool that scans your environment for PrintNightmare and more than 70 other attack indicators. To download your free tool, go to Purple-Knight.com.

Ransomware gang threatens to leak data if victim contacts FBI, police Personal details of French visa applicants exposed by cyber-attack Brazil President Bolsonaro restricts powers of social media companies to remove accounts and content Thanks to our episode sponsor, Semperis It's no secret that Active Directory is a prime target for cybercriminals: AD is more than 20 years old, and security settings can get sloppy over time. If you haven't checked your Active Directory environment for risky settings, you might be in for a surprise. To find and fix security gaps, download Purple Knight, a free security assessment tool from Semperis that checks for 70-plus indicators of exposure and compromise. Go to Purple-Knight.com. For the stories behind the headlines, head to CISOseries.com.

ProtonMail shares user IP address with law enforcement IoT attacks double in six months Study looks at criteria for ransomware targeting Thanks to our episode sponsor, Semperis How would your organization score in an Active Directory security assessment? The average grade for first-time users of Purple Knight, a free security assessment tool from Semperis, is about 68%—a barely passing grade. Security and identity managers are shocked at the security gaps this tool has uncovered. But with knowledge comes power. Download Purple Knight so you can find and fix Active Directory security problems. Check it out at Purple-Knight.com.

Cyber Command urges patching of massively exploited Confluence bug DDoS hits New Zealand – back up again in 30 minutes Salesforce email service used for phishing campaign Thanks to our episode sponsor, Semperis Do you know your Active Directory security vulnerabilities? Cybercriminals love to exploit Active Directory: It has dozens of security gaps because of misconfigurations and new sophisticated hacking tools. But hang on, help is on the way: Download Purple Knight, a free Active Directory security assessment tool from Semperis that scans your environment for 70-plus indicators of exposure and compromise. Check it out at Purple-Knight.com. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Aug 30-Sep 3, 2021, is hosted by Steve Prentice with our guest, Marnie Wilking, Global Head of Security & Technology Risk Management, Wayfair Thanks to our episode sponsor, Semperis All links and the video of this episode can be found on CISO Series.com

WhatsApp faces $267M fine for breaching Europe's GDPR UK VoIP telcos disrupted by cyberattacks White House doubles down on holiday cyberattack warnings Thanks to our episode sponsor, Semperis One thing we've learned from attacks like SolarWinds: Cybercriminals can lurk in your Active Directory environment for weeks or months before dropping malware. How do you root them out? First, you need to uncover security gaps in Active Directory that can lead to a breach. Download Purple Knight, a free security assessment tool from Semperis that scans your environment for pre-attack and post-attack indicators of exposure and compromise. Check it out at Purple-Knight.com. For the stories behind the headlines, head to CISOseries.com

BrakTooth bites major SoC vendors The cost of ransomware to schools Posts surrounding January 6th disappear from Facebook data Thanks to our episode sponsor, Semperis Have you fixed PrintNightmare yet? Ransomware groups including Vice Society are already exploiting this critical flaw in the Windows Print Spooler service. But you can fight back: Download Purple Knight, a free Active Directory security assessment tool that scans your environment for PrintNightmare and more than 70 other attack indicators. To download your free tool, go to Purple-Knight.com.

QNAP announces OpenSSL bugs fallout Cyberattackers are now quietly selling off their victim's internet bandwidth Indonesian government's Covid-19 app accidentally exposes over 1 million people Thanks to our episode sponsor, Semperis It's no secret that Active Directory is a prime target for cybercriminals: AD is more than 20 years old, and security settings can get sloppy over time. If you haven't checked your Active Directory environment for risky settings, you might be in for a surprise. To find and fix security gaps, download Purple Knight, a free security assessment tool from Semperis that checks for 70-plus indicators of exposure and compromise. Go to Purple-Knight.com. For the stories behind the headlines, head to CISOseries.com.

Manual Windows 11 installs might not get updates LockBit to publish Bangkok Air customer data Intermittent encryption hopes to make ransomware worse Thanks to our episode sponsor, Semperis How would your organization score in an Active Directory security assessment? The average grade for first-time users of Purple Knight, a free security assessment tool from Semperis, is about 68%—a barely passing grade. Security and identity managers are shocked at the security gaps this tool has uncovered. But with knowledge comes power. Download Purple Knight so you can find and fix Active Directory security problems. Check it out at Purple-Knight.com.

"Worst cloud vulnerability you can imagine" discovered in Microsoft Azure Work from home increased worldwide phishing attacks T-Mobile hacker brute-forced his way through the network Thanks to our episode sponsor, Semperis Do you know your Active Directory security vulnerabilities? Cybercriminals love to exploit Active Directory: It has dozens of security gaps because of misconfigurations and new sophisticated hacking tools. But hang on, help is on the way: Download Purple Knight, a free Active Directory security assessment tool from Semperis that scans your environment for 70-plus indicators of exposure and compromise. Check it out at Purple-Knight.com. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, August 23-27, 2021, is hosted by Steve Prentice with our guest, Edward Contreras, (@CISOEdwardC)CISO, Frost Bank Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will never have access to your real information. Privacy Cards are also great for monitoring subscriptions and signing up for free trials where a card number is required. Simply close cards whenever you want to ensure you're never charged without your consent. Sign up for free today at privacy.com/ciso. New users will instantly receive a $5 credit, to be used for any online purchase you make! All links and the video of this episode can be found on CISO Series.com

21-year-old claims responsibility for massive T-Mobile hack Microsoft and Google to invest billions to bolster US cybersecurity Ragnarok ransomware releases master decryptor after shutdown Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will never have access to your real information. Privacy Cards are also great for monitoring subscriptions and signing up for free trials where a card number is required. Simply close cards whenever you want to ensure you're never charged without your consent. Sign up for free today at privacy.com/ciso. New users will instantly receive a $5 credit, to be used for any online purchase you make! For the stories behind the headlines, head to CISOseries.com

Most government agencies use facial recognition Botnet scans for vulnerabilities in Realtek chipsets Does cyber insurance make ransomware worse? Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will never have access to your real information. Privacy Cards are also great for monitoring subscriptions and signing up for free trials where a card number is required. Simply close cards whenever you want to ensure you're never charged without your consent. Sign up for free today at privacy.com/ciso. New users will instantly receive a $5 credit, to be used for any online purchase you make!

Modded WhatsApp delivers Triada trojan Bahraini activists targeted with new iOS zero-click exploit New CISA director wants to spend less time cleaning up after big hacks, more time preparing for them Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will never have access to your real information. Privacy Cards are also great for monitoring subscriptions and signing up for free trials where a card number is required. Simply close cards whenever you want to ensure you're never charged without your consent. Sign up for free today at privacy.com/ciso. New users will instantly receive a $5 credit, to be used for any online purchase you make! For the stories behind the headlines, head to CISOseries.com.

Apple started scanning for CSAM in 2019 Power Apps had leaky APIs Razer mice squeak past user privileges Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will never have access to your real information. Privacy Cards are also great for monitoring subscriptions and signing up for free trials where a card number is required. Simply close cards whenever you want to ensure you're never charged without your consent. Sign up for free today at privacy.com/ciso. New users will instantly receive a $5 credit, to be used for any online purchase you make!

Microsoft Exchange under attack with ProxyShell flaws Australians hit by 'Flubot' malware that arrives by text message Cyberattack hits State Department Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will never have access to your real information. Privacy Cards are also great for monitoring subscriptions and signing up for free trials where a card number is required. Simply close cards whenever you want to ensure you're never charged without your consent. Sign up for free today at privacy.com/ciso. New users will instantly receive a $5 credit, to be used for any online purchase you make! For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, August 16-20, 2021, is hosted by Rich Stroffolino with our guest, Will Gregorian, Head of Security and Technical Operations, Rhino Thanks to our episode sponsor, Copado The traditional development lifecycle is a game of tradeoffs. You either deploy at blazing speed and put yourself at risk of bugs and breaches — or you shore up your security and release software at a snail's pace. But with Copado DevOps, you get the best of both worlds. Leverage Copado's low-code DevOps platform to drive 94% fewer production bugs, 95% faster releases and an average ROI of 307%. To get a free demo, visit Copado.com. All links and the video of this episode can be found on CISO Series.com

Liquid cryptocurrency exchange loses $94 million following hack New unofficial Windows patch fixes more PetitPotam attack vectors New York man sentenced to prison for stealing students' nude photos after hacking their accounts Thanks to our episode sponsor, Copado The traditional development lifecycle is a game of tradeoffs. You either deploy at blazing speed and put yourself at risk of bugs and breaches — or you shore up your security and release software at a snail's pace. But with Copado DevOps, you get the best of both worlds. Leverage Copado's low-code DevOps platform to drive 94% fewer production bugs, 95% faster releases and an average ROI of 307%. To get a free demo, visit Copado.com. For the stories behind the headlines, head to CISOseries.com

T-Mobile says hackers stole records belonging to 48.6 million individuals OIG issues report on US Census Bureau breach Operator of the Helix bitcoin mixer pleads guilty to money laundering Thanks to our episode sponsor, Copado DevOps is the biggest revolution since the cloud. And Copado happens to be the #1 native DevOps solution for Salesforce and SaaS. So say goodbye to tedious deployments, disconnected teams and security risks. Copado provides visibility over your entire lifecycle and empowers your developers to release software 5 times faster. Want to experience the Copado effect? Get a demo at Copado.com For the stories behind the headlines, head to CISOseries.com

Chase bank accidentally leaked customer info to other customers Kalay cloud platform flaw exposes millions of IoT devices Data sovereignty laws place new burdens on CISOs Thanks to our episode sponsor, Copado It's no secret — software risk has never been higher. In fact, 4 in 5 technology leaders lack confidence in their organizatons' ability to combat cybercrime. Ultimately, your business is only as secure as the software that drives it. That's why Copado's DevOps solution includes built-in security and compliance guardrails to help you derisk your cloud and ramp up software releases. To get a free demo, visit Copado.com. For the stories behind the headlines, head to CISOseries.com.

Terrorist watchlist exposed online DHS considering using private companies to scan social media Reportedly leaked T-Mobile data for sale online Thanks to our episode sponsor, Copado Implementing Salesforce is like buying a private jet. While you could drive it around your neighborhood, wouldn't you rather learn how to fly it into the clouds? Enter Copado — the #1 Native DevOps Solution for Salesforce. Copado unites pro-code and low-code developers on the same platform to unlock visibility, traceability and security from end to end. Want to take Copado for a test drive? Get your demo at Copado.com

Ford bug exposed customer and employee records from internal systems Huawei accused in suit of installing data 'back door' in Pakistan project Threat actors turning to RDDoS attacks as a new ransom vector Thanks to our episode sponsor, Copado The traditional development lifecycle is a game of tradeoffs. You either deploy at blazing speed and put yourself at risk of bugs and breaches — or you shore up your security and release software at a snail's pace. But with Copado DevOps, you get the best of both worlds. Leverage Copado's low-code DevOps platform to drive 94% fewer production bugs, 95% faster releases and an average ROI of 307%. To get a free demo, visit Copado.com. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, August 9-13, 2021, is hosted by Rich Stroffolino with our guest, Ben Sapiro, CISO, Canada Life Thanks to our episode sponsor, Sotero All links and the video of this episode can be found on CISO Series.com

Another unpatched PrintNightmare zero-day PrintNightmare vulnerability weaponized by ransomware gang Notorious darknet market comes back to life Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid development capabilities so your development team can implement security features much, much faster. To get the brief, just go to soterosoft.com and click the link at the top of the page. For the stories behind the headlines, head to CISOseries.com

China signals tech crackdown will deepen Poly Network hacker has a change of heart PrintNightmare finally patched for good Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid development capabilities so your development team can implement security features much, much faster. To get the brief, just go to soterosoft.com and click the link at the top of the page.

eCh0raix ransomware now targets both QNAP and Synology NAS devices At Least 30,000 internet-exposed exchange servers vulnerable to Proxyshell attacks US Senate sends infrastructure bill to House Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid development capabilities so your development team can implement security features much, much faster. To get the brief, just go to soterosoft.com and click the link at the top of the page. For the stories behind the headlines, head to CISOseries.com.

Ransomware demands surge in 2021 Flaw found in IOT random number generators Apple says nation states cannot add to CSAM scanning lists Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid development capabilities so your development team can implement security features much, much faster. To get the brief, just go to soterosoft.com and click the link at the top of the page.

Actively exploited bug bypasses authentication on millions of routers A zero-day RCE in Cisco ADSM has yet to be fixed Password of three random words better than complex variation, experts say Thanks to our episode sponsor, Sotero It's a new CISO security brief that helps you cut through all the vendor noise and zero in on the best data security solution for your requirements. It includes info on data security technology advances, tips to help you meet your security requirements, and new rapid development capabilities so your development team can implement security features much, much faster. To get the brief, just go to soterosoft.com and click the link at the top of the page. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, August 2-6, 2021, is hosted by Rich Stroffolino with our guest, Sandy Dunn, Blue Cross of Idaho Thanks to our episode sponsor, PlexTrac All links and the video of this episode can be found on CISO Series.com

US partners with Amazon, Google, and Microsoft to help fight cyber threats Conti ransomware gang falls victim to insider data leak Microsoft announces new 'Super Duper' browser security feature Thanks to our episode sponsor, PlexTrac PlexTrac is the Purple Teaming Platform. Use the Runbooks Module to facilitate your tabletop exercises, red team engagements, breach and attack simulations, adversary emulation, and pentest automation to improve communication and collaboration. PlexTrac provides the platform to measure real progress and demonstrate real results. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, head to CISOseries.com

Google and Amazon patch DNS-as-a-Service bugs Asian telcos hit by separate Chinese cyber attacks US government struggles against the cyber security skills shortage Thanks to our episode sponsor, PlexTrac Level up your team's capabilities with PlexTrac. Regardless of size, resources, or maturity, every team can take steps to improve defenses against imminent threats like ransomware. PlexTrac is the perfect platform to make the most proactive engagements by tracking tactics, visualizing metrics, supporting communication, and measuring remediation. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

Federal agencies are failing to protect sensitive data, Senate report finds Spear phishing attackers increasingly targeting non-C-suite employees All apps on Google Play Store will need privacy policy by next April Thanks to our episode sponsor, PlexTrac PlexTrac is the solution to deal with your data. Aggregate findings from all assessments to produce the analytics needed to make informed decisions. Produce data visualizations and add them to reports with one click to communicate effectively to leadership. PlexTrac is the premier product for security data management. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, head to CISOseries.com.

APT targeting Microsoft IIS servers Pegasus spyware confirmed on journalist phones Someone is spoofing military ship locations Thanks to our episode sponsor, PlexTrac Gain a real-time view of security posture with PlexTrac by consolidating scanner findings, assessments, and bug bounty tools. Visualize your posture in the Analytics Module to quickly assess and prioritize, creating a more effective workflow. Robust filtering allows for effortless options in viewing and communicating your data. Track your signal through the noise with PlexTrac. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

BlackMatter ransomware gang rises from the ashes of DarkSide, REvil Remote print server gives anyone Windows admin privileges on a PC Justice Department says Russians hacked federal prosecutors Thanks to our episode sponsor, PlexTrac PlexTrac is a powerful, yet simple, cybersecurity platform that centralizes all security assessments, pentest reports, audit findings, and vulnerabilities. PlexTrac transforms the risk management lifecycle, allowing security professionals to generate better reports faster, aggregate and visualize analytics, and collaborate on remediation in real-time. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, head to CISOseries.com.

Biden warns that severe cyberattacks could escalate to an actual war New ransomware gangs emerge on cybercrime forums New Android malware uses VNC to spy and steal victim passwords Thanks to our episode sponsor, Varonis We all know devasting ransomware goes beyond the endpoint. Big game ransomware defense for your cloud and on-prem data is on everyone's mind. Varonis can help ease your worries with a free ransomware preparedness assessment. Visit varonis.com/risk for more information. For the stories behind the headlines, head to CISOseries.com

Link to Blog Post This week's Cyber Security Headlines – Week in Review, July 26-30, 2021, is hosted by Rich Stroffolino with our guest, Robb Reck (@robbreck), founder and host, Colorado = Cybersecurity Thanks to our sponsor, Varonis What is your ransomware blast radius? The average employee can access 17 million files they don't need, and only a handful live on their laptop. Protect your data from the inside out and detect early signs of ransomware – automatically with Varonis. Visit varonis.com/risk All links and the video of this episode can be found on CISO Series.com