Show cover of Cyber Security Headlines

Cyber Security Headlines

Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.

Tracks

Week in Review: Government hospital warning, Sisence breach, Financial firms lose $12b
Link to blog post This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Mike Levin, deputy CISO, 3M Thanks to our show sponsor, Vanta When it comes to ensuring your company has top-notch security practices, things can get complicated fast. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso. All links and the video of this episode can be found on CISO Series.com      
23:36 4/12/24
Palo Alto patches, CISA’s Sisense warning, GitHub repos gamed
Palo Alto Networks fixes several DoS vulnerabilities in PAN-OS operating system Sisense breach exposes customers to potential supply chain attack Threat actors gaming GitHub Search Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso. For the stories behind the headlines, head to CISOseries.com.
08:45 4/12/24
CISA malware analysis, "hunt forward" missions, Spectre v2
CISA expands automated malware analysis US Cyber Command launched “hunt forward” missions Spectre v2: Linux Boogaloo  CHECK OUT Capture the CISO season 2 here. Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso.
07:26 4/11/24
Ukraine cyber head suspended, LG TV vulns, Microsoft exposed passwords
Ukraine's head of cybersecurity suspended and assigned to combat zone Over 90,000 LG Smart TVs exposed to remote attack Microsoft exposed internal passwords in security lapse Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso. For the stories behind the headlines, visit CISOseries.com.
08:55 4/10/24
Cyberattack impacts vet firm, data privacy bill movement, DOJ hack exposes thousands
Cyberattack causes major disruptions for UK vet firm Data privacy bill pushes forward with bipartisan support Department of Justice hack exposes hundreds of thousands Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso.
09:23 4/9/24
Hospital hack warning, Five Eyes follow-up, NYC municipal hack
Government warns hospitals of hackers targeting IT help desks U.S. government contractor Acuity responds to alleged Five Eyes breach New York City becomes latest in municipal government hack attempts Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso. For the stories behind the headlines, head to CISOseries.com.
08:51 4/8/24
Week in Review: Five Eyes breach, Microsoft’s Chinese hack response, AT&T customer breach
Link to blog post This week’s Cyber Security Headlines – Week in Review is hosted by David Spark with guest Steve Gentry, Advisor, Clari Thanks to our show sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso. All links and the video of this episode can be found on CISO Series.com
27:37 4/5/24
Five Eyes breach, cancer center breach, Pixel zero-day flaw
Classified Five Eyes data theft announced Cancer center data breach affects 800,000 Android Pixel phone zero-day flaws being exploited by forensic companies Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso to learn more. For the stories behind the headlines, head to CISOseries.com.
07:55 4/5/24
Microsoft security failings, NIST NVD backlog, Chrome DBSC beta
Report criticizes Microsoft’s Chinese hack response NIST needs help with vulnerability backlog Chrome tests feature to prevent session hijacking  Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso to learn more.
07:42 4/4/24
Cyber incident reporting rule, Google blocks spoofed emails, PandaBuy breach
CISA releases draft rule for cyber incident reporting Google now blocks spoofed emails for better phishing protection Breach at online shopping platform PandaBuy affects 1.3 million customers Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso to learn more. For the stories behind the headlines, head to CISOseries.com.
07:26 4/3/24
Incognito settlement, hallucinated software, phone protocols vulnerable
Google to delete Incognito tracking data Hallucinated software packages as a security vulnerability FCC investigating phone infrastructure security Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso to learn more.
06:48 4/2/24
AT&T data leak, Linux backdoor discovery, DHS phone data policy
Data of 73 million AT&T customers leaked on dark web Accidental Linux backdoor discovery likely prevented thousands of infections DHS expected to stop buying access to your phone info Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso to learn more. For the stories behind the headlines, visit CISOseries.com.
07:22 4/1/24
Week in Review: Spyware boosts zero-days, MFA bombing targets Apple, Facebook snooped Snapchat
Link to blog post This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Yaron Levi, CISO, Dolby, and sageinsights.io Thanks to our show sponsor, Varonis Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries. All links and the video of this episode can be found on CISO Series.com      
24:36 3/29/24
17 billion records exposed, Treasury FinSec warning, Hot Topic attacks
17 billion personal records exposed in data breaches in 2023 U.S. Treasury warns financial sector about AI cybersecurity threats Retail chain Hot Topic hit by new credential stuffing attacks Thanks to today's episode sponsor, Varonis Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries. For the stories behind the headlines, head to CISOseries.com.
08:48 3/29/24
Zero-day rise, SharePoint vulnerability, Facebook sniffs app traffic
Spyware fuels rise in zero-day exploits CISA warns about Microsoft SharePoint vulnerability  Facebook snooped on encrypted Snapchat traffic Thanks to today's episode sponsor, Varonis Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries.  
07:09 3/28/24
APT31 targets families, UK newspaper attacked, Apple MFA bombing
APT31 targeting family members to surveil targets Ransomware gang attacks UK newspaper supporting the homeless MFA bombing attacks target Apple users Thanks to today's episode sponsor, Varonis Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries. For the stories behind the headlines, visit CISOseries.com.
07:51 3/27/24
EU targets tech giants, China bans US tech, US cyber force
EU targets tech giants with DMA China starts US tech ban in government Think tank calls for US military cyber service Thanks to today's episode sponsor, Varonis Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries.  
07:23 3/26/24
New Kimsuky technique, KDE Linux warning, Atlassian critical flaws
Kimsuky turns to compiled HTML Help files for cyberattacks KDE issues warning after theme wipes Linux user’s files Critical flaw in Atlassian Bamboo data center and server must be fixed immediately Thanks to today's episode sponsor, Varonis Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries. For the stories behind the headlines, head to CISOseries.com.  
07:42 3/25/24
Week in Review: McDonald’s outage explained, SIM swap fraud, spyware agreement support
Link to blog post This week’s Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino with guest Gerald Auger Ph.D., Chief Content Creator, Simply Cyber Thanks to our show sponsor, Vanta Managing the requirements for modern security programs is increasingly challenging. Vanta’s trust management platform helps you quickly assess risk, streamline security reviews, and automate compliance for SOC 2, ISO 27001, HIPAA, and more. Plus, you can save time by completing security questionnaires with Vanta AI. Join over 7,000 global companies that use Vanta to automate evidence collection, unify risk management, and secure customer trust. To learn more, go to vanta.com/ciso All links and the video of this episode can be found on CISO Series.com  
32:57 3/22/24
Microsoft Server crashes, npm package discrepancies, Nemesis marketplace raided
Microsoft confirms Windows Server issue behind domain controller crashes Over 800 npm packages found with discrepancies Nemesis darknet marketplace raided in Germany-led operation Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo. For the stories behind the headlines, head to CISOseries.com.  
07:20 3/22/24
Water task force, Loop DoS attacks, GitHub vulnerability fixer
US plans Water Sector Cybersecurity Task Force Loop DoS attack exploits the infinite regress of UDP GitHub tool uses AI to fix vulnerabilities Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.  
07:20 3/21/24
Mid-stream ESports hack, System glitch costs millions, LockBit reemerges with vengeance
Mid-stream hack postpones ESports league Bank loses $40 million after “systems glitch” LockBit reemerges with vengeance Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.  
09:57 3/20/24
Change Healthcare payout, FTC probe into Reddit, Japanese tech giant breached
UnitedHealth fronts over $2 billion in recovery efforts Spyware agreement gains more international support FTC probes Reddit's AI data licensing ahead of IPO Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.  
08:49 3/19/24
McDonald’s outage update, Chrome URL protection, Birmingham Alabama outage
Global McDonald’s outage blamed on third-party vendor, not cyberattack Google adds real-Time URL protection for Chrome Network outages hit Birmingham Alabama Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo. For the stories behind the headlines, head to CISOseries.com.
07:34 3/18/24
Week in Review: Russian Microsoft exfiltration, JetBrains Rapid7 feud, Change Healthcare fallout
Link to blog post This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Alexandra Landegger, Executive Director and CISO Collins Aerospace Thanks to our show sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo. All links and the video of this episode can be found on CISO Series.com
26:44 3/15/24
Change Healthcare fallout, Fortinet SQL warning, Yacht company breach
Change Healthcare - AHA asks for aid, HHS questions HIPAA compliance Fortinet warns of severe SQLi vulnerability in FortiClientEMS software Yacht company MarineMax announces cyberattack Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo. For the stories behind the headlines, head to CISOseries.com.
07:55 3/15/24
Gemini vulnerabilities, NYT-OpenAI drama, GitHub leak report
Researchers find vulnerabilities in Gemini New York Times denies it “hacked” OpenAI for lawsuit Leaked GitHub secrets up 28% Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.
07:57 3/14/24
LockBit claims hack, CISA understaffed, US and Russia election concerns
LockBit takes credit for hacking South African pension fund CISA’s OT attack response team understaffed US and Russia accuse each other of potential election cyberattacks Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.   For the stories behind the headlines, visit CISOseries.com.
09:37 3/13/24
Roku forces reset, French agencies targeted, Fintech firm taken offline
Roku forces reset after 15,000 accounts compromised French government agencies targeted in “unprecedented” attacks Fintech firm taken offline by ransomware attack Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo. For the stories behind the headlines, head to CISOseries.com.
09:02 3/12/24
Microsoft breach update, CISA flags JetBrains, ChatGPT creds sale
Microsoft says Russian hackers breached its systems, accessed source code CISA adds JetBrains TeamCity bug to its KEV catalog Over 225,000 compromised ChatGPT credentials for sale Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo. For the stories behind the headlines, head to CISOseries.com.
08:19 3/11/24

Similar podcasts