Cyber Security Headlines

US indicts LockBit ransomware ringleader

DocGo discloses cyberattack that compromised patient health data

Payroll data breach exposed data of UK military personnel

Huge thanks to our sponsor, Vanta

Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 or ISO 27001 and provide real-time evidence for passing controls. And when a security questionnaire is required, Vanta takes the first pass for you. Visit vanta.com/ciso to take a tour.

For the stories behind the headlines, visit CISOseries.com.

LockBit’s website is back

Germany takes action amid alleged Russian attack

Chinese-linked ArcaneDoor targets global network infrastructure

Huge thanks to our sponsor, Vanta

Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 or ISO 27001 and provide real-time evidence for passing controls. And when a security questionnaire is required, Vanta takes the first pass for you. Visit vanta.com/ciso to take a tour.

NSC’s Neuberger suggests operational approach for on mitigating cyberattacks

French cybersecurity teams prepare for “unprecedented” Olympic threat

Feds warn about North Korean exploitation of improperly configured DMARC

Huge thanks to our sponsor, Vanta

Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 or ISO 27001 and provide real-time evidence for passing controls. And when a security questionnaire is required, Vanta takes the first pass for you. Visit vanta.com/ciso to take a tour.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Phil Beyer, former CISO, Etsy

Thanks to today’s episode sponsor, Dropzone.ai

Dropzone.ai’s AI Autonomous Analyst is transforming cybersecurity as we know it. By replicating the techniques of elite analysts and autonomously investigating every alert, our patented system force multiplies your SOC team by 10X without adding headcount. Experience the future of threat detection and response at dropzone.ai. Request a trial today!

All links and the video of this episode can be found on CISO Series.com

Goldoon botnet exploits D-Link routers

CISA adds Gitlab flaw to its KEV catalog

Dropbox discloses breach of digital signature service

Thanks to our episode sponsor, Dropzone AI

Dropzone.ai's AI Autonomous Analyst is transforming cybersecurity as we know it. By replicating the techniques of elite analysts and autonomously investigating every alert, our patented system force multiplies your SOC team by 10X without adding headcount. Experience the future of threat detection and response at dropzone.ai. Request a trial today!

For the stories behind the headlines, head to CISOseries.com.

Chinese disinformation proving ineffectual

NCSC release Advanced Mobile Solutions risk model

China implements new State Secrets Law

Thanks to our episode sponsor, Dropzone AI

Cybersecurity leaders, are you being asked to leverage the power of Gen AI in your SOC? Dropzone.ai's AI Autonomous Analyst empowers your team to thoroughly investigate every alert. No playbooks, no code, just intelligent, adaptable alert investigation. Test drive on dropzone.ai to immediately see the results for yourself.

UnitedHealth Group CEO faces congress & cause of hack revealed

Major U.S. wireless carriers face $200M FCC fine

Marriott backtracks claims of encryption protection

Thanks to our episode sponsor, Dropzone AI

Dropzone.ai is proud to announce our selection as a Top 10 Finalist for the prestigious RSA Innovation Sandbox. Our AI Autonomous Analyst is revolutionizing the way SOC teams operate, replicating the techniques of elite analysts and autonomously investigating every alert. Meet us at RSAC and book a time at dropzone.ai.

USPS phishing sites are popular

UK bans bad IoT credentials

USB malware attacks targeting industrial sites

Thanks to our episode sponsor, Dropzone AI

Attention cybersecurity professionals! Are you investigating 100% of the alerts from your IT and security systems? Dropzone.ai's AI Analyst autonomously investigates every alert without playbooks or code, enabling you to turn over every rock. Visit dropzone.ai to learn more and request a trial. Offload your tier-1 analysis to an AI analyst that never sleeps so you can.

Kaiser Permanente website tracking tools may have compromised customer data

DHS announces AI safety board

Okta warns of “unprecedented” credential stuffing attacks on customers

Thanks to our episode sponsor, Dropzone AI

Introducing Dropzone.ai, the industry's first AI Autonomous SOC Analyst. Their patented LLM replicates the techniques of elite analysts, autonomously investigating every alert without playbooks or code. Force multiply your SOC team by 10X without adding headcount. Visit dropzone.ai to request a trial and experience the power of AI-driven cybersecurity.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Christina Shannon, CIO, KIK Consumer Products

Thanks to our show sponsor, Veracode

Get ready to experience the future of application security at RSAC 2024 with Veracode. Join us as we unveil cutting-edge innovations and insights to tackle today’s most pressing security challenges. From live demos showcasing our newest products to engaging discussions with industry experts. See you at RSAC! 

All links and the video of this episode can be found on CISO Series.com

Google postpones third-party cookie deprecation

Brocade SAN appliances and switches exposed to hacking

ICICI Bank exposes credit cards to wrong users

Thanks to this week's episode sponsor, Veracode

Don't miss out on this opportunity to elevate your cybersecurity strategy. Build and scale secure software from code to cloud with speed and trust. Visit our booth #2045 at RSAC 2024 to discover how Veracode is shaping the future of Application Security in the AI era.

For the stories behind the headlines, head to CISOseries.com.

Chinese keyboard app flaws exposed

Threat actors plant fake assassination story

ByteDance on the clock to divest TikTok

Thanks to this week's episode sponsor, Veracode

Research reveals AI-generated code mirrors human-written code's security flaws. Even seasoned programmers struggle to spot errors, with incorrect AI-generated answers abound. Veracode knows the stakes. While AI accelerates coding, relying on hunches won't suffice. Trust multi-faceted, data-driven insights to mitigate risk from the start. Don't compromise on security. Choose Veracode, your security partner in the AI-driven era of development.

Iranian nationals charged with hacking U.S. companies and agencies

Siemens working to fix device affected by Palo Alto firewall bug

Russian hackers claim cyberattack on Indiana water plant

Thanks to this week's episode sponsor, Veracode

 Are you truly listening to both your security and development teams? Make informed decisions with Veracode. Our developer-friendly security tools integrate with your existing tech stack to secure code from the start. Bridge the gap between security and development for more efficient operations and stronger defenses. Visit veracode.com for a collaborative approach to security.

For the stories behind the headlines, visit CISOseries.com.

TikTok ban passes the US House

Sandworm targets critical Ukrainian orgs 

North Koreans animating streaming shows

Thanks to this week's episode sponsor, Veracode

AI coding companions assist in generating high-quality code snippets, while Veracode swoops in to conduct thorough security assessments, identifying and fixing vulnerabilities quickly. With this dynamic duo, developers can innovate with confidence, knowing their code is both efficient and secure. Secure more code with Co-Pilot or any AI coding companion and Veracode. We’ll be your wingman anytime.

RedLine stealer GitHub connection

MITRE’s breached was through Ivanti zero-day vulnerabilities

Researchers find dozens of fake E-ZPass toll websites following FBI warning

Thanks to this week's episode sponsor, Veracode

Imagine your intelligent coding companion, backed by the robust security expertise of Veracode. Together, we form the ultimate duo, empowering developers to write better code while ensuring it's secure from the get-go. Learn more at RSAC 2024 with Veracode.

For the stories behind the headlines, head to CISOseries.com

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Dan Walsh, CISO, Paxos

Thanks to our show sponsor, Conveyor

Happy Friday! Are you tired of hearing about Conveyor’s AI security review automation software? We’ll stop talking about it if you book a call. Ready to give the market leading AI for security questionnaires a spin? Try a free proof of concept at www.conveyor.com.  Don’t forget to mention this podcast for 5 free questionnaire credits when you purchase a Pro plan.

All links and the video of this episode can be found on CISO Series.com

Police bust reveals sophisticated phishing-as-a-service platform

Overlooked Windows Fibers offer handy route for malicious payload deployment

Michigan healthcare organization suffers data breach

Thanks to today's episode sponsor, Conveyor

Happy Friday! Are you tired of hearing about Conveyor’s AI security review automation software? We’ll stop talking about it if you book a call. Ready to give the market leading AI for security questionnaires a spin? Try a free proof of concept at www.conveyor.com.  Don’t forget to mention this podcast for 5 free questionnaire credits when you purchase a Pro plan.

For the stories behind the headlines, head to CISOseries.com.

Sandworm-linked group tied to attack on water utilities

GPT-4 reads security advisories

Cell carrier workers solicited for SIM swaps

Thanks to today's episode sponsor, Conveyor

Conveyor is the market leading AI-powered platform that automates the entire customer security review process — from sharing your security posture and SOC 2 in a single portal to using that same information to automate answering security questionnaires with 90% accuracy.  Use Conveyor to fly through any customer security review in minutes. It might sound like every other software claim out there, but there’s a reason our customers have dubbed Conveyor their ‘favorite security tool of the year’. Test it out in a free proof of concept at www.conveyor.com

Cisco announces breach of multifactor authentication message provider

Bad bots drive 10% annual surge in account takeover attacks

LockBit 3.0 variant generates custom, self-propagating malware

Thanks to today's episode sponsor, Conveyor

Conveyor is the AI security review automation platform helping infosec teams automate everything from securely sharing a SOC 2 to one-click autofilling security questionnaires with AI so you can spend almost zero time on the manual tasks that make you want to cry into your laptop. Teams like Lucid Software are finding in a free proof of concept that our AI is better than the rest. Learn more at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase a Pro plan.

For the stories behind the headlines, head to CISOseries.com.

Meta to close Threads in Turkey

Palo Alto fixes backdoor zero-day

Details on Microsoft’s security overhaul 

Thanks to today's episode sponsor, Conveyor 

What are infosec teams measuring these days? More often than not, their impact on sales. As infosec teams become hands on in the sales cycle, proving your value becomes key. A director of GRC said last week that the most direct value for their CEO was showing the efficiencies and the dollars that security has been able to bring in from enabling sales. See these trends and more in Conveyor’s ‘2024 State of the Security Review” report at www.conveyor.com. Click the banner at the top.

House passes reauthorization of U.S. surveillance program

Roku says 576,000 accounts compromised in latest security breach

Microsoft breach exposed federal agencies

Thanks to today's episode sponsor, Conveyor 

It’s Conveyor again, the market-leading AI software for answering security questionnaires and securely sharing your security posture and documents. Conveyor’s ‘State of the Security Review” report for 2024 was just released and it’s all about what the “new era” of infosec holds. Learn how positioning security and compliance early in the sales cycles increases win rates by 42% and what infosec teams need to prepare for as they move closer to the sales function. You can find the report at www.conveyor.com by clicking on the banner at the top.

For the stories behind the headlines, visit CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Mike Levin, deputy CISO, 3M

Thanks to our show sponsor, Vanta

When it comes to ensuring your company has top-notch security practices, things can get complicated fast. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso.

All links and the video of this episode can be found on CISO Series.com

Palo Alto Networks fixes several DoS vulnerabilities in PAN-OS operating system

Sisense breach exposes customers to potential supply chain attack

Threat actors gaming GitHub Search

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso.

For the stories behind the headlines, head to CISOseries.com.

CISA expands automated malware analysis

US Cyber Command launched “hunt forward” missions

Spectre v2: Linux Boogaloo 

CHECK OUT Capture the CISO season 2 here.

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso.

Ukraine's head of cybersecurity suspended and assigned to combat zone

Over 90,000 LG Smart TVs exposed to remote attack

Microsoft exposed internal passwords in security lapse

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso.

For the stories behind the headlines, visit CISOseries.com.

Cyberattack causes major disruptions for UK vet firm

Data privacy bill pushes forward with bipartisan support

Department of Justice hack exposes hundreds of thousands

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso.

Government warns hospitals of hackers targeting IT help desks

U.S. government contractor Acuity responds to alleged Five Eyes breach

New York City becomes latest in municipal government hack attempts

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta’s on-demand demo at vanta.com/ciso.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by David Spark with guest Steve Gentry, Advisor, Clari

Thanks to our show sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance.

With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA.

Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires.

Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time.

Watch Vanta’s on-demand demo at vanta.com/ciso.

All links and the video of this episode can be found on CISO Series.com

Classified Five Eyes data theft announced

Cancer center data breach affects 800,000

Android Pixel phone zero-day flaws being exploited by forensic companies

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance.

With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA.

Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires.

Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time.

Watch Vanta’s on-demand demo at vanta.com/ciso to learn more.

For the stories behind the headlines, head to CISOseries.com.

Report criticizes Microsoft’s Chinese hack response

NIST needs help with vulnerability backlog

Chrome tests feature to prevent session hijacking 

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance.

With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA.

Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires.

Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time.

Watch Vanta’s on-demand demo at vanta.com/ciso to learn more.

CISA releases draft rule for cyber incident reporting

Google now blocks spoofed emails for better phishing protection

Breach at online shopping platform PandaBuy affects 1.3 million customers

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance.

With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA.

Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires.

Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time.

Watch Vanta’s on-demand demo at vanta.com/ciso to learn more.

For the stories behind the headlines, head to CISOseries.com.

Google to delete Incognito tracking data

Hallucinated software packages as a security vulnerability

FCC investigating phone infrastructure security

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance.

With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA.

Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires.

Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time.

Watch Vanta’s on-demand demo at vanta.com/ciso to learn more.

Data of 73 million AT&T customers leaked on dark web

Accidental Linux backdoor discovery likely prevented thousands of infections

DHS expected to stop buying access to your phone info

Thanks to today's episode sponsor, Vanta

The average security pro spends nearly a full workday every week just on compliance.

With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA.

Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires.

Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time.

Watch Vanta’s on-demand demo at vanta.com/ciso to learn more.

For the stories behind the headlines, visit CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Yaron Levi, CISO, Dolby, and sageinsights.io

Thanks to our show sponsor, Varonis

Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries.

All links and the video of this episode can be found on CISO Series.com

17 billion personal records exposed in data breaches in 2023

U.S. Treasury warns financial sector about AI cybersecurity threats

Retail chain Hot Topic hit by new credential stuffing attacks

Thanks to today's episode sponsor, Varonis

Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries.

For the stories behind the headlines, head to CISOseries.com.

Spyware fuels rise in zero-day exploits

CISA warns about Microsoft SharePoint vulnerability 

Facebook snooped on encrypted Snapchat traffic

Thanks to today's episode sponsor, Varonis

Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries.

APT31 targeting family members to surveil targets

Ransomware gang attacks UK newspaper supporting the homeless

MFA bombing attacks target Apple users

Thanks to today's episode sponsor, Varonis

For the stories behind the headlines, visit CISOseries.com.

EU targets tech giants with DMA

China starts US tech ban in government

Think tank calls for US military cyber service

Thanks to today's episode sponsor, Varonis

Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries.

Kimsuky turns to compiled HTML Help files for cyberattacks

KDE issues warning after theme wipes Linux user’s files

Critical flaw in Atlassian Bamboo data center and server must be fixed immediately

Thanks to today's episode sponsor, Varonis

Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino with guest Gerald Auger Ph.D., Chief Content Creator, Simply Cyber

Thanks to our show sponsor, Vanta

Managing the requirements for modern security programs is increasingly challenging. Vanta’s trust management platform helps you quickly assess risk, streamline security reviews, and automate compliance for SOC 2, ISO 27001, HIPAA, and more. Plus, you can save time by completing security questionnaires with Vanta AI. Join over 7,000 global companies that use Vanta to automate evidence collection, unify risk management, and secure customer trust. To learn more, go to vanta.com/ciso

All links and the video of this episode can be found on CISO Series.com

Microsoft confirms Windows Server issue behind domain controller crashes

Over 800 npm packages found with discrepancies

Nemesis darknet marketplace raided in Germany-led operation

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, head to CISOseries.com.

US plans Water Sector Cybersecurity Task Force

Loop DoS attack exploits the infinite regress of UDP

GitHub tool uses AI to fix vulnerabilities

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

Mid-stream hack postpones ESports league

Bank loses $40 million after “systems glitch”

LockBit reemerges with vengeance

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

UnitedHealth fronts over $2 billion in recovery efforts

Spyware agreement gains more international support

FTC probes Reddit's AI data licensing ahead of IPO

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

Global McDonald’s outage blamed on third-party vendor, not cyberattack

Google adds real-Time URL protection for Chrome

Network outages hit Birmingham Alabama

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Alexandra Landegger, Executive Director and CISO Collins Aerospace

Thanks to our show sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

All links and the video of this episode can be found on CISO Series.com

Change Healthcare - AHA asks for aid, HHS questions HIPAA compliance

Fortinet warns of severe SQLi vulnerability in FortiClientEMS software

Yacht company MarineMax announces cyberattack

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, head to CISOseries.com.

Researchers find vulnerabilities in Gemini

New York Times denies it “hacked” OpenAI for lawsuit

Leaked GitHub secrets up 28%

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

LockBit takes credit for hacking South African pension fund

CISA’s OT attack response team understaffed

US and Russia accuse each other of potential election cyberattacks

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, visit CISOseries.com.

Roku forces reset after 15,000 accounts compromised

French government agencies targeted in “unprecedented” attacks

Fintech firm taken offline by ransomware attack

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, head to CISOseries.com.

Microsoft says Russian hackers breached its systems, accessed source code

CISA adds JetBrains TeamCity bug to its KEV catalog

Over 225,000 compromised ChatGPT credentials for sale

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest David Cross, SVP/CISO, Oracle. Also check out David’s travel blog, DavidCrossTravels.com

Thanks to our show sponsor, Conveyor

Conveyor is the AI security review automation platform helping infosec teams automate everything from securely sharing a SOC 2 to one-click autofilling security questionnaires in OneTrust so you can spend almost zero time on the manual tasks that make you want to throw your computer out the window. Teams are finding in a free proof of concept that our AI is better than the rest. Learn more at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

All links and the video of this episode can be found on CISO Series.com

Flipper Zero WiFi attack can unlock and steal Tesla cars

Former Google engineer indicted for stealing AI secrets for Chinese companies

PetSmart warns customers of credential stuffing attack

Thanks to today's episode sponsor, Conveyor

Conveyor is the AI security review automation platform helping infosec teams automate everything from securely sharing a SOC 2 to one-click autofilling security questionnaires in OneTrust so you can spend almost zero time on the manual tasks that make you want to throw your computer out the window. Teams are finding in a free proof of concept that our AI is better than the rest. Learn more at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

For the stories behind the headlines, head to CISOseries.com.

Online fraud hits record losses

States urge Meta to crack down on scammers

Apple issues update for zero-day flaw

Thanks to today's episode sponsor, Conveyor

Happy Thursday. Are you tired of us talking about how Conveyor’s AI security review automation software? We’ll stop talking about it if you come talk to them.  Ready to give the market leading AI for security questionnaires a spin? Try a free proof of concept at www.conveyor.com.  Don’t forget to mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

For the stories behind the headlines, head to CISOseries.com.

US cybersecurity strategy update on the way

US Treasury issues first spyware sanctions

UK denies responsibility for ALPHV takedown

Thanks to today's episode sponsor, Conveyor

Conveyor is the only GPT-powered customer trust portal that automates the entire customer security review process — from sharing your security posture and documents in a single portal to automating security questionnaire responses with 90% accuracy so you can fly through any customer security review in minutes. It might sound like every other compliance software claim out there, but there’s a reason our customers have dubbed Conveyor their ‘favorite security tool of the year’. Test our market-leading AI in a free proof of concept at www.conveyor.com

North Korea targets semiconductor industry

ALPHV infrastructure goes dark

China to offer computing vouchers to AI startups

Thanks to today's episode sponsor, Conveyor

AI is getting pretty smart so you shouldn’t settle for mediocre security questionnaire automation software that only generates the right answer 20 to 50 percent of the time or have to wait a day for the vendor’s team to check the answers. Conveyor's security questionnaire automation tool not only boasts industry leading AI accuracy reducing time spent on security reviews by 80%, but now also autofills in OneTrust portal questionnaires with a single click. Trying a proof of concept with your own data is always free. Learn more at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

NSO Group to ordered to give Pegasus code to WhatsApp

Change Healthcare confirms BlackCat, Schumer asks for aid

Law firm announces data breach affecting 325,000 people

Thanks to today's episode sponsor, Conveyor

We’ve got a returning sponsor this week – Conveyor. They’re the AI security review automation platform helping infosec teams automate everything from securely sharing a SOC 2 to one-click autofilling security questionnaires in OneTrust so you can spend almost zero time on the manual tasks that make you want to throw your computer out the window. Teams are finding in a free proof of concept that their AI is better than the rest. Learn more at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Russ Ayres, SVP of Cyber & Deputy CISO, Equifax

Thanks to our show sponsor, Egress

People are the biggest risk to your organization’s security, and they are most vulnerable when using email.

With more advanced threats getting through secure email gateway detection every day, Egress provides AI-powered email security that eliminates both inbound phishing attacks and outbound data breaches. What's more, Egress' adaptive security architecture personalizes security for each user based on their real-time risk score. 

Visit egress.com to learn more about Egress’ Intelligent Cloud Email Security suite and start detecting email threats your secure email gateway is missing today.

All links and the video of this episode can be found on CISO Series.com

Pharma giant Cencora announces data breach

GenAI drives surge in BEC attacks

Popular video doorbell easy hijacked

Thanks to today's episode sponsor, Egress

People are the biggest risk to your organizations' security and they are most vulnerable when using email. With more advanced threats getting through secure email gateway detection every day, Egress provides AI-powered email security that eliminates both inbound phishing attacks and outbound data breaches. What's more, Egress' adaptive security architecture personalizes security for each user based on their real-time risk score.  Visit egress.com to learn more about Egress' Intelligent Cloud Email Security suite and start detecting email threats your secure email gateway is missing today.

For the stories behind the headlines, head to CISOseries.com.

Biden signs order limiting the sale of personal data

Australia claims its seeing unprecedented “foreign interference”

Lazarus Group targeting Windows and PyPi

Thanks to today's episode sponsor, Egress

People are the biggest risk to your organizations' security and they are most vulnerable when using email. With more advanced threats getting through secure email gateway detection every day, Egress provides AI-powered email security that eliminates both inbound phishing attacks and outbound data breaches. What's more, Egress' adaptive security architecture personalizes security for each user based on their real-time risk score.  Visit egress.com to learn more about Egress' Intelligent Cloud Email Security suite and start detecting email threats your secure email gateway is missing today.

NIST releases cybersecurity framework 2.0

Optum attack linked to BlackCat ransomware

ScreenConnect exploitations continue

Thanks to today's episode sponsor, Egress

People are the biggest risk to your organizations' security and they are most vulnerable when using email. With more advanced threats getting through secure email gateway detection every day, Egress provides AI-powered email security that eliminates both inbound phishing attacks and outbound data breaches. What's more, Egress' adaptive security architecture personalizes security for each user based on their real-time risk score.  Visit egress.com to learn more about Egress' Intelligent Cloud Email Security suite and start detecting email threats your secure email gateway is missing today.

SolarWinds attackers changing tactics

Brand domains used in spam operation

Steel giant hit with cyberattack

Thanks to today's episode sponsor, Egress

People are the biggest risk to your organizations' security and they are most vulnerable when using email. With more advanced threats getting through secure email gateway detection every day, Egress provides AI-powered email security that eliminates both inbound phishing attacks and outbound data breaches. What's more, Egress' adaptive security architecture personalizes security for each user based on their real-time risk score.  Visit egress.com to learn more about Egress' Intelligent Cloud Email Security suite and start detecting email threats your secure email gateway is missing today.

British police taunt LockBit administrator

PayPal files patent for new stolen cookies detector

Vending machine crash reveals face recognition tech 

Thanks to today's episode sponsor, Egress

People are the biggest risk to your organizations' security and they are most vulnerable when using email. With more advanced threats getting through secure email gateway detection every day, Egress provides AI-powered email security that eliminates both inbound phishing attacks and outbound data breaches. What's more, Egress' adaptive security architecture personalizes security for each user based on their real-time risk score.  Visit egress.com to learn more about Egress' Intelligent Cloud Email Security suite and start detecting email threats your secure email gateway is missing today.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Thom Langford, CISO, Velonetic

Thanks to our show sponsor, Conveyor

Conveyor AI is so good, it can now autofill OneTrust portal questionnaires in one click. Yes, we’ve been talking about it all week. Conveyor's security questionnaire automation tool not only boasts industry leading AI accuracy, but now fills in One Trust portals with a single click. Trying a proof of concept with your own data is always free. Learn more at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

All links and the video of this episode can be found on CISO Series.com

LockBit was building next gen encryptor before takedown

Thousands of wireless customers suffer outage

Prescription delays due to Change Healthcare cyberattack

Thanks to today's episode sponsor, Conveyor

Conveyor, the security questionnaire automation software one of their customers dubbed “my favorite security tool of the year”, is now even better. They’ve upgraded our browser extension for portal-based questionnaires and it can now autofill OneTrust portal questionnaires in one click. You can test the AI in a free proof of concept at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

Get the stories behind the headlines at CISOSeries.com

Thanks to today's episode sponsor, Conveyor

Happy Thursday. Are you tired of us talking about how Conveyor’s AI can now autofill OneTrust security questionnaires in one-click? Well, we’ll stop talking about it if you come talk to them. Ready to give the market leading AI for security questionnaires a spin? Try a free proof of concept by booking a demo at www.conveyor.com. And mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

Get the stories behind the headlines at CISOSeries.com

LockBit takedown update

Signal now lets users keep phone numbers private

NSA Cybersecurity Director Rob Joyce to retire

Thanks to today's episode sponsor, Conveyor

No more portal scaries. Conveyor just launched AI autofill of OneTrust portal questionnaires. That means no more clicking question-by-question to copy-paste each answer when a customer sends you a OneTrust security questionnaire. Conveyor’s AI will read and autofill the whole page for you. Trying a proof of concept with your own data is always free. Learn more at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

Get the stories behind the headlines at CISOSeries.com

LockBit disrupted by global police operation

Cactus leaks Schneider Electric data on dark web

ALPHV gang takes credit for LoanDepot, Prudential attacks

Thanks to today's episode sponsor, Conveyor

Conveyor, the security questionnaire automation software one of our customers dubbed “my favorite security tool of the year”, is now even better. They’ve upgraded their browser extension for portal-based questionnaires and it can now autofill OneTrust portal questionnaires in one click. You can test the AI in a free proof of concept at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

Get the stories behind the headlines at CISOSeries.com

Google Chrome feature blocks attacks against home networks

Mastermind behind Zeus and IcedID malware pleads guilty

Air Canada must honor refund invented by its chatbot, says court

Thanks to today's episode sponsor, Conveyor

Conveyor AI is so good, it can now autofill OneTrust portal questionnaires in one click.  Yes, you heard us right. Conveyor's security questionnaire automation tool not only boasts industry leading AI accuracy, but now fills in One Trust portals with a single click. Trying a proof of concept with your own data is always free. Learn more at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan.

Get the stories behind the headlines at CISOSeries.com

Link to blog post

This week’s Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guest Trina Ford, CISO, iHeartMedia

Thanks to our show sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

All links and the video of this episode can be found on CISO Series.com

Microsoft warns of new Exchange Server zero-day

Neuberger: Pace of ransomware takedown operations isn’t enough

Gold Pickaxe malware steals your face

Huge thanks to our sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, head to CISOseries.com.

Trans-Northern Pipelines confirms cyberattack

Threat actors using LLMs to improve cyberattacks

Email provider published internal emails in plain text

Huge thanks to our sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

Prudential Financial data breached in cyberattack

Facebook Marketplace user records leaked on hacking forum

Bank of America customers at risk after third party breach

Huge thanks to our sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, visit CISOseries.com.

CISA releases repository security framework

Ransomware takes down Romanian healthcare management system

Ivanti flaw used to deploy backdoor

Huge thanks to our sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

Raspberry Robin – a new one-day exploit targeting Windows

Hyundai Europe suffers Black Basta ransomware attack

Cisco to cut thousands of jobs as it focuses on high growth areas

Huge thanks to our sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Doug Mayer, vp, CISO, WCG

Thanks to our show sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

All links and the video of this episode can be found on CISO Series.com

CISA, FBI issue sobering warning about Volt Typhoon

Cisco fixes critical Expressway flaws

3 million records from thousands of credit unions exposed

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging.

Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization.

Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk.

To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, visit CISOseries.com.

CISA collaboration initiative on thin ice

Iran focusing cyber efforts

Ransomware payments cross $1 billion in 2023

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging.

Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization.

Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk.

To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, visit CISOseries.com.

Tech giants and world govs unite to tackle spyware threats

Spyware vendors to blame for most Google zero-days

Insider data breach hits almost half of Verizon’s employee base

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging.

Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization.

Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk.

To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, visit CISOseries.com.

Spoutible API vulnerability leaks user data 

Illicit service cranks out fake IDs

Sudo coming to Windows

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging.

Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization.

Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk.

To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, visit CISOseries.com.

Cloudflare announces nation-state level breach

AnyDesk says hackers breached production servers, reset passwords

Chicago children’s hospital announces cyberattack

Thanks to today's episode sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging.

Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization.

Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk.

To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

For the stories behind the headlines, visit CISOseries.com.

Link to blog post

Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Mary Rose Martinez, vp, CISO Marathon Petroleum

Thanks to our show sponsor, Vanta

From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo.

All links and the video of this episode can be found on CISO Series.com

Mixin Network loses $200 million 

Kia and Hyundai exploit linked to massive car thefts

Stress testing voting equipment

Thanks to today's episode sponsor, AppOmni

Are you confident in your organization’s SaaS security? AppOmni surveyed 600+ security practitioners globally and 71% answered yes. But 79% experienced SaaS cybersecurity incidents. What’s behind this disconnect? CISOs believe they have a mature level of SaaS cybersecurity using CASB, MFA, and IdP. But these solutions lack unified risk visibility. Without SSPM, they’re blind to the true extent of their SaaS attack surface risk. Don’t gamble with your data. Get the visibility and insights you need to protect your SaaS environment with AppOmni.

Car audio manufacturer Clarion hacked – ALPHV claims responsibility

High-ranking Egyptian politician targeted by Predator spyware

City of Dallas issues report on May cyberattack

Thanks to today's episode sponsor, AppOmni

If you think CASBs effectively secure your SaaS data… think again. CASBs lack visibility into your SaaS estate. Nor can they address and detect risks that arise from SaaS apps’ unlimited endpoints. What you need is a robust SSPM designed to secure the dynamic and extensible nature of SaaS apps and their data. That’s where AppOmni comes in. We continuously monitor your SaaS estate to detect cyber risks and secure your company’s most critical data and workflows. Get started at AppOmni.com.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino  with guest Shawn Bowen, CISO, World Kinect Corporation 

Thanks to our show sponsor, Hyperproof

Is your company scaling? Do you need to quickly add more compliance frameworks but don’t know where to start? Hyperproof has you covered. Hyperproof is a risk and compliance management platform that can help you manage compliance at scale. With Hyperproof, you can quickly add new frameworks, crosswalk controls between frameworks, view your risk posture, and manage your risks, all in one place. Visit hyperproof.io to get started today.

All links and the video of this episode can be found on CISO Series.com

UK launches comprehensive new online safety laws

Cisco buys Splunk

TransUnion denies breach 

Huge thanks to our sponsor, Hyperproof

Is your company scaling? Do you need to quickly add more compliance frameworks but don’t know where to start? Hyperproof has you covered. Hyperproof is a risk and compliance management platform that can help you manage compliance at scale. With Hyperproof, you can quickly add new frameworks, crosswalk controls between frameworks, view your risk posture, and manage your risks, all in one place. Visit hyperproof.io to get started today.

For the stories behind the headlines, head to CISOseries.com.

Cyber attack disrupted Canadian airports

Huawei ships chips for surveillance cameras

Signal adds quantum-resistant encryption

Huge thanks to our sponsor, Hyperproof

It’s more critical than ever to focus on strategically addressing risk, but how can you do it when working with limited resources? That’s where Hyperproof comes in: Hyperproof is a risk and compliance operations platform that helps you automate evidence collection, task management, and collaboration within your organization so you can focus on what matters most: keeping your company secure by prioritizing strategy, not manual processes. Get a demo at Hyperproof.io.

DHS council seeks to simplify cyber incident reporting rules

UK passes the Online Safety Bill

Finland and Europol take down PIILOPUOTI marketplace

Huge thanks to our sponsor, Hyperproof

We get it. You’re a risk manager or compliance professional, and you’re overworked. You’re trying to do the right thing by keeping your company safe and secure, but your technology is holding you back. Why not upgrade to Hyperproof? Hyperproof is a platform that not only eliminates the manual tasks you dread, but helps you scale security. Get a demo today at hyperproof.io.

For the stories behind the headlines, visit CISOseries.com.

Microsoft leaks terabytes of internal data

UK CMA outlines principles for AI regulation

Germany warns of attacks on LNG terminals 

Huge thanks to our sponsor, Hyperproof

Imagine. You have an audit coming up, but instead of the usual rush, you actually feel prepared. You’ve collected your evidence. You can see which risks have been mitigated. And best of all, you don’t have to send out any last-minute emails to other teams begging them for that one screenshot. Sounds like a dream, right? With Hyperproof’s risk and compliance platform, this could be your reality. Get a demo at hyperproof.io.

Lazarus Group suspected in CoinEx robbery

Thailand financial company CardX discloses leak

Ransomware hits trucking software provider

Huge thanks to our sponsor, Hyperproof

Tired of managing risk and compliance in spreadsheets? Sick of tracking down stakeholders to find evidence? Worried about whether that evidence is up to date for your next audit? Hyperproof has you covered. With Hyperproof, you can efficiently manage multiple compliance frameworks and risks in a single place so you can focus on what matters most: keeping your company secure and growing. Visit hyperproof.io to get a demo.

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino with guest Davi Ottenheimer, VP, Trust and Ethics, Inrupt

Thanks to our show sponsor, Conveyor

The team at Lucid software reduced the time spent answering customer security questionnaires by a whopping 91% with Conveyor’s security questionnaire automation software – powered by OpenAI. Compared to the tools on the market, Conveyor’s AI auto-generates the most accurate answers to entire questionnaires so you can spend almost zero time on them. That’s it. That’s the ad. We’ll let you get back to the show, but if you want to take away the pain of questionnaires, try a free proof of concept at www.conveyor.com.

All links and the video of this episode can be found on CISO Series.com

Caesars reportedly paid millions to stop Scattered Spider

Cybersecurity incident impacts Canada’s Weather Network

Blocked LockBit affiliate deploys 3AM instead

Huge thanks to our sponsor, Conveyor

The team at Lucid software reduced the time spent answering customer security questionnaires by a whopping 91% with Conveyor’s security questionnaire automation software - powered by OpenAI. Compared to the tools on the market, Conveyor’s AI auto-generates the most accurate answers to entire questionnaires so you can spend almost zero time on them. That’s it. That’s the ad. We’ll let you get back to the headlines, but if you want to take away the pain of questionnaires, try a free proof of concept at www.conveyor.com.

For the stories behind the headlines, head to CISOseries.com.

NSC asks governments not to pay ransoms

CISA’s open source software security roadmap

Save the Children hit with ransomware

Huge thanks to our sponsor, Conveyor

Got a scary security questionnaire to complete and you’d rather have AI do it? Your infosec friends are making the switch from outdated RFP and compliance tools to Conveyor - the most accurate security questionnaire automation software on the market. The proof is in the AI. Customers are seeing 80-90% accurate answers and decreasing the time spent on questionnaire answering by 91%. We’re excited about the success customers like Lucid and Carta have seen using Conveyor. Try a free proof of concept at www.conveyor.com.

MGM Resorts slot machines and ATMs disrupted by "cybersecurity incident"

Hackers access sensitive data of thousands of Airbus vendors

Cryptoqueen’s sidekick sentenced for $4 billion scam

Huge thanks to our sponsor, Conveyor

Here’s how to measure if your security questionnaire answering software is effective. We benchmarked the RFP and compliance tools on the market and most are only generating accurate responses to questionnaires 20-50% of the time. Ready for 80-90% auto-generated accurate answers so you can fly through your review? Then you should try Conveyor’s AI-security questionnaire automation tool. Don’t believe us? Try a free proof of concept at www.conveyor.com

For the stories behind the headlines, visit CISOseries.com.

UK government sees record critical IT infrastructure attacks

Charming Kitten unleashes Sponsor backdoor

Ransomware costs Sri Lankan government months of data

Huge thanks to our sponsor, Conveyor

The team at Lucid software reduced the time spent answering customer security questionnaires by a whopping 91% with Conveyor’s security questionnaire automation software - powered by OpenAI. Compared to the tools on the market, Conveyor’s AI auto-generates the most accurate answers to entire questionnaires so you can spend almost zero time on them. That’s it. That’s the ad. We’ll let you get back to the headlines, but if you want to take away the pain of questionnaires, try a free proof of concept at www.conveyor.com.

Evil Telegram fake apps send spyware

Akamai announces mitigation of largest DDoS on a US financial company

Rhysida attacks three more hospitals

Huge thanks to our sponsor, Conveyor

What’s scarier than the Sunday scaries? Opening your inbox to a 200 question, 15 tab macro-enabled workbook containing a customer security questionnaire to complete. Let Conveyor's AI security questionnaire automation tool, powered by OpenAI, help your answering process go a lot faster. Spend 91% less time on questionnaires when you get precise answers auto-generated for you. Try a free proof of concept to see how fast you can get through questionnaires with Conveyor at www.conveyor.com

For the stories behind the headlines, head to CISOseries.com.

Link to blog post

This week’s Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino  with guest Dan Walsh, CISO, VillageMD

Thanks to our show sponsor, Comcast DataBee

DataBee™, from Comcast Technology Solutions, is a cloud-native security, risk and compliance data fabric platform that transforms your security data chaos into connected outcomes. Built by security professionals for security professionals, DataBee makes your data a gold mine, rich with information that enables you to examine the past, react to the present, and protect the future of your business. Learn more at https://comca.st/DataBee.

All links and the video of this episode can be found on CISO Series.com

How Chinese hackers stole a Microsoft signing key

The ICC to prosecute cyberwar crimes

North Korean cyberattacks against Russian targets

Thanks to today's episode sponsor, Comcast

DataBee™, from Comcast Technology Solutions, is a cloud-native security, risk and compliance data fabric platform that transforms your security data chaos into connected outcomes. Built by security professionals for security professionals, DataBee makes your data a gold mine, rich with information that enables you to examine the past, react to the present, and protect the future of your business. Learn more at https://comca.st/DataBee.

CISA close to finalizing incident reporting rules

Krebs on cracked LastPass keys

Connected cars not great for privacy and security

Thanks to today's episode sponsor, Comcast

Are you still using whiteboards and pivoting between tools to find out who owns what data sources and the relationships between data points? It’s time to improve your OODA loop and enhance your security and compliance efforts with  DataBee, from Comcast Technology Solutions. Learn how DataBee weaves together and enriches data from across the enterprise to provide deeper insights into your security, risk and compliance posture. Visit https://comca.st/DataBee.