Cybersecurity Headlines

Security conferences set for in-person return Apple approves Parler's return to the App Store Geico exposed driver's license numbers for months Thanks to our episode sponsor, Palo Alto Networks In 1666, Sir Isaac Newton famously used a prism to disperse white light into colors. Today, cloud security professionals use Prisma Cloud from Palo Alto Networks to disperse full lifecycle security and full stack protection across their multi- and hybrid-cloud environments. We think Sir Isaac would approve. Learn more about Prisma Cloud at paltoaltonetworks.com/Prisma

Codecov discloses 2.5-month-long supply chain attack BazarLoader malware aims at Slack and BaseCamp users Windows 10 update causing DNS and shared folder issues Thanks to our episode sponsor, Palo Alto Networks Ralph Waldo Emerson famously wrote that "It's not the destination, it's the journey." For your cloud security journey, you need a reliable partner. On April 27th, Prisma Cloud by Palo Alto Networks will be hosting Spectrum, a virtual event with sessions to help you create a comprehensive cloud security strategy. Learn more at go.paloaltonetworks.com/spectrum For the stories behind the headlines, head to CISOseries.com.

US pins SolarWinds attack on Cozy Bear, boots 10 Russian diplomats Second Google Chromium zero-day released on Twitter this week Google rolls out Chrome 90 with HTTPS by default Thanks to our episode sponsor, Sonatype With security concerns around software supply chains ushered to center stage in recent months, organizations around the world are turning to Sonatype as trusted advisors. The company's Nexus platform offers the only full-spectrum control of the cloud-native software development lifecycle including third-party open source code, first-party source code, infrastructure as code, and containerized code.

Link to Blog Post https://cisoseries.com/cyber-security-headlines-week-in-review-april-12-16-2021 This week's Cyber Security Headlines - Week in Review, April 12-16, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Davi Ottenheimer, vp, trust and digital ethics, Inrupt. Thanks to our episode sponsor, Sonatype With security concerns around software supply chains ushered to center stage in recent months, organizations around the world are turning to Sonatype as trusted advisors. The company's Nexus platform offers the only full-spectrum control of the cloud-native software development lifecycle including third-party open source code, first-party source code, infrastructure as code, and containerized code. All links and the video of this episode can be found on CISO Series.com

FBI patches Exchange server backdoors IcedID looks to fill the Emotet malware void Draft plan to improve US power grid security Thanks to our episode sponsor, Sonatype Ask any software developer, and they'll tell you the truth about two things: 1. Conventional code analysis and appsec tools are noisy and not well integrated into the dev workflow. 2: Tools that don't actually make life easier for them just add friction and are ignored. Rather than slowing devs down with process-heavy security gates or circuitous quality alerts, Sonatype believes developers are better served by gentle, timely, and effective nudges that actually help them improve the quality, and security of the applications they are building.

Chrome Zero-Day exploit posted on Twitter April Patch Tuesday patches 114 bugs including NSA's two at 9.8 severity Cyberattacks are the number-one threat to the global financial system, Fed chair says Thanks to our episode sponsor, Sonatype With security concerns around software supply chains ushered to center stage in recent months, organizations around the world are turning to Sonatype as trusted advisors. The company's Nexus platform offers the only full-spectrum control of the cloud-native software development lifecycle including third-party open source code, first-party source code, infrastructure as code, and containerized code. For the stories behind the headlines, head to CISOseries.com.

Nvidia announces AI-powered tools for cybersecurity Biden announces nominations for cybersecurity positions Apple updates chip security mid-production Thanks to our episode sponsor, Sonatype Ask any software developer, and they'll tell you the truth about two things: 1. Conventional code analysis and appsec tools are noisy and not well integrated into the dev workflow. 2: Tools that don't actually make life easier for them just add friction and are ignored. Rather than slowing devs down with process-heavy security gates or circuitous quality alerts, Sonatype believes developers are better served by gentle, timely, and effective nudges that actually help them improve the quality, and security of the applications they are building.

Israel carries out cyberattack on Iran nuclear facility Joker malware infects over 500,000 Huawei Android devices Critical cloud bug in VMWare Carbon Black allows takeover Thanks to our episode sponsor, Sonatype With security concerns around software supply chains ushered to center stage in recent months, organizations around the world are turning to Sonatype as trusted advisors. The company's Nexus platform offers the only full-spectrum control of the cloud-native software development lifecycle including third-party open source code, first-party source code, infrastructure as code, and containerized code. For the stories behind the headlines, head to CISOseries.com.

Office 365 phishing hides behind HTML that stacks up like Legos Tech support scammers sending fake antivirus subscription bills PHP user database leaked in recent Git server attack Thanks to our episode sponsor, Sotero Okay, here's a story that'll warm your heart. A pharmaceutical company was having a really hard time making sensitive data available to downstream systems. Due to their security requirements, they were forced to transfer the data manually, which delayed the data's availability by an entire month. Guess what they did? They turned to our sponsor – Sotero – to keep the data encrypted as the data is sent to downstream systems. And here's the best part . . . With the data secure while in motion, they shortened the data transfer time from a month to a few hours. Amazing! I encourage you to check out Sotero at them Soterosoft.com.

Link to Blog Post This week's Cyber Security Headlines - Week in Review, April 5-9, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Justin Berman, former CISO, Dropbox Thanks to our episode sponsor, Sotero All this week we have been excited to welcome our new sponsor – Sotero. We have told you about their encryption solutions that keep data encrypted while the data is in use and in motion. This is the breakthrough that many of us have been waiting for. Well, Sotero has just uploaded to our site a technical whitepaper that takes a deep dive into this new encryption technology. You can find it on our homepage, about halfway down. You can also learn more about this new encryption technology at Soterosoft dot com. All links and the video of this episode can be found on CISO Series.com

Slack and Discord file sharing used to spread malware Facebook comments on recent user data leak Cring ransomware hits unpatched VPNs Thanks to our episode sponsor, Sotero What could your business do if it could keep data encrypted while the data is in motion or in use? Well, a lot of companies have the answer because they're using a new encryption technology from Sotero. Sotero's data encryption solutions keep data encrypted while the data is in use and in motion. These companies are using Sotero to attract new customers and drive new revenue streams. You really want to check this company out at Sotero.com.

European Union institutions targeted in a cyber-attack LinkedIn spearphishing campaign uses custom decoy job offers Ransomware attacks increased by 485% in 2020 over 2019 Thanks to our episode sponsor, Sotero I'm wondering if any of you have had a chance to check out the new data encryption technology from Sotero. Their solutions let you keep data encrypted while the data is in use and in motion. A lot of companies are using Sotero to speed up data analysis, store data in the cloud without giving up the encryption key, and to build in use and in motion encryption into their own platforms. I encourage you to check them out at Sotero.com. For the stories behind the headlines, head to CISOseries.com.

Supreme Court rules in Google's favor on Java API case Firmware malware on the rise APTs exploiting vulnerabilities in FortiOS Thanks to our episode sponsor, Sotero In yesterday's Cybersecurity Headlines episode, we told you about an exciting encryption technology from a company called Sotero. They offer data security solutions that encrypt data while the data is in use and in motion. For those of you whose businesses have been held back by the risks of sharing data or storing data in the cloud, you'll want to check them out at Soterosoft.com.

533 million Facebook users have personal data leaked online Sierra Wireless resumes production after ransomware attack Malware attack is preventing car inspections in eight US states Thanks to our episode sponsor, Sotero This is a hot data security company with solutions that encrypt data while the data is in motion and in use. This is the breakthrough that everyone's been waiting for. By keeping data encrypted in use and in motion, companies are deploying data in the cloud and to 3rd-party partners and systems with complete confidence. Check them out at Soterosoft.com. For the stories behind the headlines, head to CISOseries.com.

$3 will get you private webcam feeds sold as home video tapes Ubiquiti attacker tried to extort us, company confirms Crooks offer $500 for work logins, $25/month if they stay valid Thanks to our episode sponsor, Remediant Former Incident Response practitioners Tim Keeler and Paul Lanzi founded Remediant, a leader in Privileged Access Management. They did it to solve the one problem they saw repeatedly - standing administrator privileges. Repeatedly, they saw these rights weaponized by adversaries to deploy ransomware and move laterally across a network. Remediant uniquely addresses the challenge of standing privilege and be a force multiplier to Security programs worldwide. To learn more about Tim & Paul's story, watch the video at remediant.com.

Link to Blog Post https://cisoseries.com/cyber-security-headlines-week-in-review-march-29-april-2-2021/ Thanks to our episode sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management, one that a Fortune 100 company calls "the world's best protection against major incidents." Remediant uniquely: Deploys and inventories thousands of privileged accounts in hours Locks down lateral movement & ransomware spread by removing standing privilege with a single action Administer privileges just-in-time with MFA To learn more, visit remediant.com All links and the video of this episode can be found on CISO Series.com

North Korean hackers targeting security researchers Report details data sent from mobile operating systems Does CISA have the resources to succeed? Thanks to our episode sponsor, Remediant Did you know the average large enterprise workstation has 480 admins with 24x7 access to it? This access is called standing privilege and is an adversary's favorite tool and a security team's biggest undiscovered risk. Precision PAM leader Remediant addresses this risk by providing just enough access just in time, eliminating standing privilege with continuous scanning and agentless, vaultless simplicity. To learn more, visit remediant.com

Intel sued under wiretapping laws for tracking user activity on its website Whistleblower: Ubiquiti breach "catastrophic" Gibberish tweet from US nuclear-agency was from unattended child Thanks to our episode sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and a Fortune 100 company calls "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA. To learn more, visit remediant.com For the stories behind the headlines, head to CISOseries.com

Emails from DHS officials obtained in SolarWinds hack Docker Hub images contain cryptominers Commits with backdoor pushed to PHP Thanks to our episode sponsor, Remediant Former Incident Response practitioners Tim Keeler and Paul Lanzi founded Remediant, a leader in Privileged Access Management. They did it to solve the one problem they saw repeatedly - standing administrator privileges. Repeatedly, they saw these rights weaponized by adversaries to deploy ransomware and move laterally across a network. Remediant uniquely addresses the challenge of standing privilege and be a force multiplier to Security programs worldwide. To learn more about Tim & Paul's story, watch the video at remediant.com.

Apple releases emergency update for iPhones, iPads, and Apple Watch Android system update may contain spyware Senators offer to let NSA hunt cyber actors inside the US Thanks to our episode sponsor, Remediant Did you know the average large enterprise workstation has 480 admins with 24x7 access to it? This access is called standing privilege and is an adversary's favorite tool and a security team's biggest undiscovered risk. Precision PAM leader Remediant addresses this risk by providing just enough access just in time, eliminating standing privilege with continuous scanning and agentless, vaultless simplicity. To learn more, visit remediant.com For the stories behind the headlines, head to CISOseries.com.

Fake COVID credentials flourish on the dark web Mamba ransomware gang abusing open source tools An analysis of COVID-19 vaccine websites Thanks to our episode sponsor, Trend Micro Threat actors want what you're storing in the cloud. Trend Micro's Cloud One platform provides cloud security from a single console, keeping you at your most resilient. Let what happens in the cloud, stay in the cloud.

Link to Blog Post https://cisoseries.com/cyber-security-headlines-week-in-review-march-22-26-2021/ This week's Cyber Security Headlines - Week in Review, March 22-26, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Will Lin (@williamlin), managing director & co-founder, ForgePoint Capital Thanks to our episode sponsor, Trend Micro Threat actors want what you're storing in the cloud. Trend Micro's Cloud One platform provides cloud security from a single console, keeping you at your most resilient. Let what happens in the cloud, stay in the cloud. All links and the video of this episode can be found on CISO Series.com

Voting information on millions of Israeli's leaked ahead of election Facebook disrupts Chinese group targeting Uyghur community Privacy and security issues with Slack's Connect DM rollout Thanks to our episode sponsor, Trend Micro Threat actors want what you're storing in the cloud. Trend Micro's Cloud One platform provides cloud security from a single console, keeping you at your most resilient. Let what happens in the cloud, stay in the cloud.

US government calls for better information sharing in wake of SolarWinds, Exchange attacks Hospitals hide pricing data from search results New Android zero-day vulnerability Is under active attack Thanks to our episode sponsor, Trend Micro Threat actors want what you're storing in the cloud. Trend Micro's Cloud One platform provides cloud security from a single console, keeping you at your most resilient. Let what happens in the cloud, stay in the cloud. For the stories behind the headlines, head to CISOseries.com.

SCOTUS: Facebook's still on the hook for nonconsensual user tracking Democrats prepare swarm of antitrust bills targeting Big Tech Microsoft Exchange servers flooded with ransomware Thanks to our episode sponsor, Trend Micro Threat actors want what you're storing in the cloud. Trend Micro's Cloud One platform provides cloud security from a single console, keeping you at your most resilient. Let what happens in the cloud, stay in the cloud.

REvil Ransomware gang demands $50 million from Acer Feds indict hacktivist behind Verkada surveillance camera breach SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests Thanks to our episode sponsor, Trend Micro Threat actors want what you're storing in the cloud. Trend Micro's Cloud One platform provides cloud security from a single console, keeping you at your most resilient. Let what happens in the cloud, stay in the cloud. For the stories behind the headlines, head to CISOseries.com.

Over $4.2 billion in cybercrime losses reported to FBI in 2020 Fake iPhone charger blows up in researcher's face Taxpayers attacked with Trojan-inflicting phishing campaign Thanks to our episode sponsor, Trend Micro The conversation between you and your board of directors is not always a walk in the park. With more cloud projects coming your way, it's time to change the conversation to speak their language and start paving the way for a secure future. For more, go to http://trendmicro.com/CISO

Link to Blog Post Cyber Security Headlines – Week in Review, March 15-19, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Jesse Whaley , CISO, Amtrak Thanks to our episode sponsor, Trend Micro The conversation between you and your board of directors is not always a walk in the park. With more cloud projects coming your way, it's time to change the conversation to speak their language and start paving the way for a secure future. For more, go to http://trendmicro.com/CISO All links and the video of this episode can be found on CISO Series.com

Telcos targeted by Chinese attackers Mimecast source code stolen by SolarWinds attackers Hiding data in Twitter images Thanks to our episode sponsor, Trend Micro The conversation between you and your board of directors is not always a walk in the park. With more cloud projects coming your way, it's time to change the conversation to speak their language and start paving the way for a secure future. For more, go to http://trendmicro.com/CISO

Microsoft shares one-click ProxyLogon mitigation tool for Exchange servers Microsoft Teams, Exchange and more went down for four hours on Monday Signal is down in China after 100 million reported downloads Thanks to our episode sponsor, Trend Micro The conversation between you and your board of directors is not always a walk in the park. With more cloud projects coming your way, it's time to change the conversation to speak their language and start paving the way for a secure future. For more, go to http://trendmicro.com/CISO For the stories behind the headlines, head to CISOseries.com.

Cyber criminals impacted by OVH data center fire Journalist hit with $16 SMS attack Hackers steal NFTs Thanks to our episode sponsor, Trend Micro The conversation between you and your board of directors is not always a walk in the park. With more cloud projects coming your way, it's time to change the conversation to speak their language and start paving the way for a secure future. For more, go to http://trendmicro.com/CISO

DearCry ransomware using ProxyLogon exploits Google faces suit over snooping on "Incognito" browsing Detecting deepfakes by analyzing light reflections in the eyes Thanks to our episode sponsor, Trend Micro The conversation between you and your board of directors is not always a walk in the park. With more cloud projects coming your way, it's time to change the conversation to speak their language and start paving the way for a secure future. For more, go to http://trendmicro.com/CISO For the stories behind the headlines, head to CISOseries.com

Raided phone network Sky ECC says no, police didn't break our encryption 'Even 20-year-old interns' could watch unsecured webcam feeds Russia blocks itself by mistake Thanks to our episode sponsor, Trend Micro With organizations rapidly migrating to the cloud, CISOs have new challenges to address. Trend Micro Cloud One™ is a connected SaaS platform comprised of six solutions that address all your cybersecurity needs from workloads, to file storage, containers and more. Empower your IT teams to do more with less with Trend Micro Cloud One. Visit us at Trendmicro.com for more info.

Link to Blog Post https://cisoseries.com/cyber-security-headlines-week-in-review-march-8-12 This week's Cyber Security Headlines - Week in Review, March 8-12, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Dan Walsh, CISO, VillageMD Thanks to our episode sponsor, Trend Micro With organizations rapidly migrating to the cloud, CISOs have new challenges to address. Trend Micro Cloud One(tm) is a connected SaaS platform comprised of six solutions that address all your cybersecurity needs from workloads, to file storage, containers and more. Empower your IT teams to do more with less with Trend Micro Cloud One. Visit us at Trendmicro.com for more info. All links and the video of this episode can be found on CISO Series.com

Cloud hosting data centers burn down New initiative hopes to secure the open source supply chain Dependency confusion attacks flourishing Thanks to our episode sponsor, Trend Micro With organizations rapidly migrating to the cloud, CISOs have new challenges to address. Trend Micro Cloud One™ is a connected SaaS platform comprised of six solutions that address all your cybersecurity needs from workloads, to file storage, containers and more. Empower your IT teams to do more with less with Trend Micro Cloud One. Visit us at Trendmicro.com for more info.

Microsoft March Patch Tuesday fixes 82 flaws, 2 zero-days Hackers access surveillance cameras at Tesla, Cloudflare, banks, more CISA urges people get serious about Exchange Server exploitation Thanks to our episode sponsor, Trend Micro With organizations rapidly migrating to the cloud, CISOs have new challenges to address. Trend Micro Cloud One™ is a connected SaaS platform comprised of six solutions that address all your cybersecurity needs from workloads, to file storage, containers and more. Empower your IT teams to do more with less with Trend Micro Cloud One. Visit us at Trendmicro.com for more info. For the stories behind the headlines, head to CISOseries.com

SUPERNOVA malware linked to threat actor Spiral Intel working on FHE silicon Gender disparity remains an issue in cyber security Thanks to our episode sponsor, Trend Micro With organizations rapidly migrating to the cloud, CISOs have new challenges to address. Trend Micro Cloud One™ is a connected SaaS platform comprised of six solutions that address all your cybersecurity needs from workloads, to file storage, containers and more. Empower your IT teams to do more with less with Trend Micro Cloud One. Visit us at Trendmicro.com for more info.

REvil ransomware gang uses extended voice calls to pressure victims New Microsoft tool checks Exchange Servers for ProxyLogon hacks Ongoing phishing attacks target US brokers with fake FINRA audits Thanks to our episode sponsor, Trend Micro With organizations rapidly migrating to the cloud, CISOs have new challenges to address. Trend Micro Cloud One™ is a connected SaaS platform comprised of six solutions that address all your cybersecurity needs from workloads, to file storage, containers and more. Empower your IT teams to do more with less with Trend Micro Cloud One. Visit us at Trendmicro.com for more info. For the stories behind the headlines, head to CISOseries.com.

Fake (right-wing) news does better than real news on Facebook Security firm Qualys says it was victimized in Accelion zero-day CISA issues emergency 'fix Exchange zero-days NOW!' directive Thanks to our episode sponsor, TrustMAPP The last audit firm that assessed your security compliance did the interviews, wrote a report, and then left. That's just half the job. Now you have to identify maturity gaps, cost out and prioritize remediations, and track improvement over time. That's where TrustMAPP comes in.

Link to Blog Post https://cisoseries.com/cyber-security-headlines-week-in-review-march-1-5-2021 This week's Cyber Security Headlines - Week in Review, March 1-5, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, John Overbaugh (@johnoverbaugh), vp, security, CareCentrix Thanks to our episode sponsor, TrustMAPP Maturity Assessment, Profile, and Plan Learn the MAPP methodology for managing security as a business. While the information security industry has undergone convulsive change, it is coalescing around maturity-based management of key business processes. The MAPP approach provides practical implementation of the maturity model. This paper describes a three-step maturity-centric approach—Maturity Assessment, a Profile, and a Plan (MAPP). An information security MAPP empowers the CISO to evaluate, track, report, and strategize the organization's security priorities. All links and the video of this episode can be found on CISO Series.com

Virginia's Consumer Data Protection Act signed into law Exchange Server zero-days exploited in the wild Facebook to lift political ad ban Thanks to our episode sponsor, TrustMAPP Does your board want to see yet more heat maps? No, they do not. They want to see that security investments align with business goals, and that their costs are objectively justified. TrustMAPP's data visualization helps you communicate with your board in a way they can understand – and approve.

Microsoft announces end-to-end encryption support for Teams, plus passwordless logins U.S. unprepared for AI competition with China, commission finds Tom Cruise deepfake videos rattle security experts Thanks to our episode sponsor, TrustMAPP Are you a vCISO? Building your practice and client base is hard enough – don't waste time building the tools you need to operate. TrustMAPP's turnkey SaaS platform gets you up and running quickly, so you can focus on your business. For the stories behind the headlines, head to CISOseries.com.

Gab user data leaked Biden administration to keep tech export ban rules Hackers give websites great SEO before installing malware Thanks to our episode sponsor, TrustMAPP First it was GDRP in the EU, then California's CCPA. Now Virginia is set to pass its own Consumer Data Protection Act. Are you ready? Get ready with TrustMAPP.

Ryuk ransomware now self-spreads to other Windows LAN devices Go malware sees 2000% increase, adopted by APTs and e-crime groups Former SolarWinds CEO blames intern for 'solarwinds123' password leak Thanks to our episode sponsor, TrustMAPP Attention defense contractors! Are you ready for CMMC? TrustMAPP addresses your CMMC and NIST 800-171 maturity and compliance assessments needs today, and automatically builds a roadmap to achieve your desired level of maturity posture. For more information, visit TrustMAPP.com For the stories behind the headlines, head to CISOseries.com.

Biden orders review of supply chain security China uses malicious Firefox Extension to spy on Tibetans Attackers scan for unpatched VMware servers after PoC exploit release Thanks to our episode sponsor, PlexTrac PlexTrac is the Purple Teaming Platform. Use the Runbooks Module to facilitate your tabletop exercises, red team engagements, breach and attack simulations, and pentest automation to improve communication and collaboration. PlexTrac upgrades your program's capabilities by making the most of every team member and tool. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

Link to Blog Post This week's Cyber Security Headlines – Week in Review, February 22-26, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Naomi Buckwalter (@ineedmorecyber), director of information security and IT, Beam Technologies Please join us live every Thursday at 4pm PT/7pm ET by registering for the open discussion. Thanks to our episode sponsor, PlexTrac PlexTrac is the solution to deal with your data. Aggregate findings from all assessments to produce the analytics needed to make informed decisions. Produce data visualizations and add them to reports with one click to communicate effectively to leadership. PlexTrac is the premier product for security data management. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! All links and the video of this episode can be found on CISO Series.com

Microsoft and FireEye push for breach reporting rules US Federal Reserve hit with massive IT outage Path cleared for California's net neutrality law Thanks to our episode sponsor, PlexTrac Solve your talent shortage with PlexTrac. Use PlexTrac to automate security tasks and workflows to keep your red, blue, and purple teams focused on the real security work. Gain precious time back in your team's day and improve their morale by making them more effective with PlexTrac. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

Most firms now fear nation state attack Firefox 86 gets privacy boost with Total Cookie Protection Shadow attacks let attackers replace content in digitally signed PDFs Thanks to our episode sponsor, PlexTrac PlexTrac is the solution to deal with your data. Aggregate findings from all assessments to produce the analytics needed to make informed decisions. Produce data visualizations and add them to reports with one click to communicate effectively to leadership. PlexTrac is the premier product for security data management. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, head to CISOseries.com.

SHAREit fixes security holes Organizations feel the impact of the Accellion exploit China spyware cribs the NSA Thanks to our episode sponsor, PlexTrac Gain a real-time view of security posture with PlexTrac by consolidating scanner findings, assessments, and bug bounty tools. Visualize your posture in the Analytics Module to quickly assess and prioritize, creating a more effective workflow. Map risks to the MITRE ATT&CK framework to create a living risk register. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

Silver Sparrow malware found on 30,000 Macs has security pros stumped SolarWinds hackers stole source code for Microsoft Azure, Exchange, Intune New hack lets attackers bypass MasterCard PIN by using it as Visa card Thanks to our episode sponsor, PlexTrac PlexTrac is a powerful, yet simple, cybersecurity platform that centralizes all security assessments, pentest reports, audit findings, and vulnerabilities. PlexTrac transforms the risk management lifecycle, allowing security professionals to generate better reports faster, aggregate and visualize analytics, and collaborate on remediation in real-time. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, head to CISOseries.com.