Cybersecurity Headlines

NYC mayoral inauguration bans Flipper Zero and Raspberry Pi devices Crypto must now share account details with UK tax officials Finland seizes suspected cable sabotage ship Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.

Hackers drain millions from Unleash Protocol DarkSpectre campaigns exposed Shai-Hulud attack led Trust Wallet heist Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

Silver Fox targets Indian users Mustang Panda deploys ToneShell Will prompt injection ever be 'solved'? Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

Coupang recovers laptop allegedly thrown into river Trust Wallet reports 2k+ wallets drained Sax discloses 2024 data breach Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

Link to episode page To end off a tumultuous year, our final Department of Know episode of 2025 features a chat between host Rich Stroffolino and producer Steve Prentice. Join them as they chat about the biggest stories of 2025, the trends we are seeing, and what we can expect in the new year. Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com

Rainbow Six Siege suffers breach, gamers go shopping Diesel generators and aircraft engines in high demand to power AI LastPass 2022 breach reverberates through crypto world Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.

Active exploitation of Fortinet VPN bypass utility observed Google possibly allowing users to change default gmail address June Aflac attack resulted in data theft Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com

Coordinated scams target MENA region Pen Test Partners accused of 'blackmail' Hackers steal record $2.7B in crypto in 2025 Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

ServiceNow to acquire cybersecurity startup Armis MacSync Stealer adopts quieter installation Nissan customer data stolen in Red Hat raid Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

Spotify music library scraped DDoS disrupts France's postal and banking services Fake delivery websites hit holiday shoppers Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Jason Taule, CISO, Luminis Health, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com

President signs defense bill funding Cyber Command, Pentagon phone security Iranian APT Infy resurfaces with new malware Massive Android botnet Kimwolf launches DDoS attack Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.

Recent Windows updates break RemoteApp connections France arrests threat actors for installing malware on Italian ferry Senate Intel chair urges safeguard against open-source software threats Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Security training fails when it's generic. Adaptive's platform personalizes training and runs deepfake simulations across email, SMS, voice, and video. And with Adaptive's AI Content Creator, you can drop in a breaking threat or compliance doc and instantly turn it into interactive, multilingual training – no designers, no delays. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.

FTC orders crypto to pay New exploit of React2Shell Ukraine-based fraud ring taken down Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. In deepfake scams, the tells aren't glitchy video anymore – it's behavior: "Do this right now," or "keep it secret." If you hear urgency and secrecy together, stop and verify through a second channel. Call a known number, start a chat thread, or ask something only the real person would know. Adaptive trains teams against exactly these tactics. Learn more at adaptivesecurity.com.

Rogue NuGet package steals data Venezuela's PDVSA suffers attack Patched Fortinet flaws exploited Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Picture a "new hire" who interviews well… except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the new reality: the attack surface is trust itself. Adaptive fights back with realistic deepfake simulations and training that actually sticks. Learn more at adaptivesecurity.com.

US turns to private firms in cyber offensive Microsoft updates cause queuing failures Phishing campaign delivers Phantom stealer Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Attackers don't need malware anymore; they need trust. Tip: set a simple passphrase for high-risk actions, like wire requests or "urgent" account recovery – especially within finance teams and families. If the caller can't answer it, pause and verify. Adaptive runs deepfake and vishing simulations so employees practice this before it's real. Learn more at adaptivesecurity.com.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Andy Ellis, Principal, Duha, and Johna Till Johnson, CEO and Founder, Nemertes Research Thanks to our show sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. AI is rewriting the cybersecurity rulebook, because attackers can now scale persuasion as easily as they scale code. The real target isn't just your systems anymore; it's human trust. If you aren't actively testing your organization against AI-driven phishing, vishing, and deepfakes, you're leaving a gap criminals will exploit. Adaptive runs realistic simulations and delivers tailored, engaging training so teams respond correctly when it counts. Learn more at adaptivesecurity.com. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com

16TB MongoDB database exposes nearly 4.3 billion professional records Apple posts updates after discovery of WebKit flaws Coupang data breach traced to ex-employee Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.

'DroidLock' malware demands ransom Google fixes secret Chrome 0-day UK fines LastPass over 2022 breach Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Security training fails when it's generic. Adaptive's platform personalizes training and runs deepfake simulations across email, SMS, voice, and video. And with Adaptive's AI Content Creator, you can drop in a breaking threat or compliance doc and instantly turn it into interactive, multilingual training – no designers, no delays. Learn more at adaptivesecurity.com.

CEO of retail giant Coupang resigns Pro-Russia hactivists target US infrastructure Israeli cybersecurity funding hits record Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. In deepfake scams, the tells aren't glitchy video anymore – it's behavior: "Do this right now," or "keep it secret." If you hear urgency and secrecy together, stop and verify through a second channel. Call a known number, start a chat thread, or ask something only the real person would know. Adaptive trains teams against exactly these tactics. adaptivesecurity.com.

Spain arrest over data records Goodbye, dark Telegram Scammers poison AI search results Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Picture a "new hire" who interviews well… except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the new reality: the attack surface is trust itself. Adaptive fights back with realistic deepfake simulations and training that actually sticks. adaptivesecurity.com.

Ransomware payments pass $4.5 billion Cybercrime networks orchestrate real-world violence Three arrested over possessing hacking tools Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Attackers don't need malware anymore; they need trust. Tip: set a simple passphrase for high-risk actions, like wire requests or "urgent" account recovery – especially within finance teams and families. If the caller can't answer it, pause and verify. Adaptive runs deepfake and vishing simulations so employees practice this before it's real. adaptivesecurity.com.

Link to episode page This week's Department of Know is hosted by Sarah Lane with guests Jason Shockey, CISO, Cenlar FSB, and Mike Lockhart, CISO, Eagleview Thanks to our show sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. AI is rewriting the cybersecurity rulebook, because attackers can now scale persuasion as easily as they scale code. The real target isn't just your systems anymore; it's human trust. If you aren't actively testing your organization against AI-driven phishing, vishing, and deepfakes, you're leaving a gap criminals will exploit. Adaptive runs realistic simulations and delivers tailored, engaging training so teams respond correctly when it counts. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com

New wave of VPN login attempts on Palo Alto portals NATO holds its largest-ever cyberdefense exercise Chinese hackers exploiting React2Shell bug Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.

Predator spyware spotted across several countries Russia blocks FaceTime Draft US cyber strategy set for January release Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO

Record-breaking DDoS attack React bug puts servers at risk RansomHouse attack Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO

Microsoft Defender outage disrupts threats Apple resists India's state-run app order MuddyWater strikes Israel with MuddyViper Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO

India orders web safety app Arrests over IP camera snooping Albiriox shows up on dark web Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Mathew Biby, director, cybersecurity, TixTrack, and Derek Fisher, Director of the Cyber Defense and Information Assurance Program, Temple University Thanks to our show sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO All links and the video of this episode can be found on CISO Series.com

Japanese brewer Asahi provides details regarding October ransomware attack California law regulating web browsers might impact national data privacy Microsoft to speed up Teams Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO Find the stories behind the headlines at CISOseries.com.

Microsoft to block unauthorized scripts in Entra ID logins with 2026 CSP update New legislation targets scammers that use AI to deceive ASUS firmware patches critical AiCloud vulnerability Huge thanks to our episode sponsor, KnowBe4 Cybersecurity isn't just a tech problem—it's a human one. That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization. With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com. Find the stories behind the headlines at CISOseries.com.

AWS outage botnet smacks 28 countries LLMs help malware authors evade detection Anthropic questioned over Claude espionage Huge thanks to our episode sponsor, KnowBe4 Cybersecurity isn't just a tech problem—it's a human one. That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization. With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com.

CISA warns of app break-ins StealC V2 spread through blender files Russia arrests cybersecurity entrepreneur for treason Huge thanks to our episode sponsor, KnowBe4 Cybersecurity isn't just a tech problem—it's a human one. That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization. With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com.

CISA orders feds to patch OIM Delta Dental of Virginia incurs data breach Systems down at postal operator in Ukraine Huge thanks to our episode sponsor, KnowBe4 Cybersecurity isn't just a tech problem—it's a human one. That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization. With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Keith Townsend, Keith Townsend, host CTO Advisor Podcast, founder of The Advisor Bench, and creator of the Virtual CTO Advisor; and Howard Holton, CEO, GigaOm Thanks to our show sponsor, Knowbe4 Cybersecurity isn't just a tech problem—it's a human one. That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization. With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com. All links and the video of this episode can be found on CISO Series.com

CrowdStrike catches insider feeding information to hackers Spanish airline Iberia suffers breach and data leak AI is too risky to insure, say insurers Huge thanks to our episode sponsor, KnowBe4 Cybersecurity isn't just a tech problem—it's a human one. That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization. With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com. Find the stories behind the headlines at CISOseries.com.

Sturnus Android Trojan captures encrypted chats and hijacks devices Canadian regulators say schools share blame for PowerSchool hack Bill reintroduced to bolster cybersecurity at Securities and Exchange Commission Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. Find the stories behind the headlines at CISOseries.com.

Cloudflare blames database Crypto heist takedown WhatsApp flaw exposed billions Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523.

FCC to torch rules from Salt Typhoon Group claims hits on Danish party websites MI5 warns Chinese spies are using LinkedIn Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523.

Azure hit by DDoS using 500K IPs Kenyan government websites back online EVALUSION emerges Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Robb Dunewood, Host, Daily Tech News Show, and Howard Holton, CEO, GigaOm Thanks to our show sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. All links and the video of this episode can be found on CISO Series.com

Microsoft warns of potential Windows 10 update failure China-backed hackers launch first large-scale autonomous AI cyberattack Feds fumbled Cisco patches requirements, says CISA Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. Find the stories behind the headlines at CISOseries.com.

Two key cyber laws are back as president signs bill to end shutdown Microsoft's screen capture prevention for Teams users is finally rolling out FBI calls Akira top five ransomware variant out of 130 targeting U.S. businesses Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" ....or the really scary one: "how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep. Get started at vanta.com/headlines Find the stories behind the headlines at CISOseries.com.

Mobile internet blackout for Russian travelers Windows 11 supports 3rd-party passkey apps Synology patches BeeStation flaw Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" ....or the really scary one: "how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep. Get started at vanta.com/headlines

Google's Find Hub turns into remote-wipe weapon Qilin ransomware activity surges GootLoader is back Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" ....or the really scary one: "how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep. Get started at vanta.com/headlines

CISA reauthorization Denmark and Norway investigating electric bus "kill switches" European Commission looking to simplify privacy laws for AI Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" ....or the really scary one: "how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep. Get started at vanta.com/headlines

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Jacob Coombs, CISO, Tandem Diabetes Care, and Ross Young, Co-host, CISO Tradecraft Thanks to our show sponsor, Vanta What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" ….or the really scary one: "how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep. Get started at vanta.com/headlines All links and the video of this episode can be found on CISO Series.com

runC flaws could allow hackers to escape Docker containers Lost iPhone scam warning Landfall Android spyware targets Samsung Galaxy phones Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" ....or the really scary one: "how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep. Get started at vanta.com/headlines Find the stories behind the headlines at CISOseries.com.

Hackers use Windows Hyper-V to evade EDR detection Critical Cisco UCCX flaw lets attackers run commands as root The Louvre's video security password was reportedly Louvre Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker. Find the stories behind the headlines at CISOseries.com.

Google uncovers PROMPTFLUX malware CISA warns of CentOS Web Panel bug Threat group targets academics Huge thanks to our sponsor, ThreatLocker Cybercriminals don't knock — they sneak in through the cracks other tools miss. That's why organizations are turning to ThreatLocker. As a zero-trust endpoint protection platform, ThreatLocker puts you back in control, blocking what doesn't belong and stopping attacks before they spread. Zero Trust security starts here — with ThreatLocker