Link to episode page

This week's Department of Know is hosted by Rich Stroffolino with guests Davi Ottenheimer, vp, digital trust and ethics, Inrupt, and Rob Teel, Field CTO, GigaOm

Thanks to our show sponsor, ThreatLocker

Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker.

All links and the video of this episode can be found on CISO Series.com

Australia warns of BADCANDY attacks exploiting Cisco IOS XE

Chinese hackers exploiting Cisco ASA firewalls used by governments worldwide

OpenAI's Aardvark GPT-5 agent finds and fixes code flaws automatically

Huge thanks to our sponsor, ThreatLocker

Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker.

Find the stories behind the headlines at CISOseries.com.

Huge thanks to our sponsor, ThreatLocker

Cybercriminals don't knock — they sneak in through the cracks other tools miss. That's why organizations are turning to ThreatLocker. As a zero-trust endpoint protection platform, ThreatLocker puts you back in control, blocking what doesn't belong and stopping attacks before they spread. Zero Trust security starts here — with ThreatLocker

AMD warns of new Meltdown, Spectre-like bugs affecting CPUs

Multiple vulnerabilities in Mozilla Thunderbird could allow for arbitrary code execution

Bitcoin Depot breach exposes data of nearly 27,000 crypto users, More than $40 million stolen from GMX crypto platform

Huge thanks to our sponsor, Vanta

Do you know the status of your compliance controls right now? Like...right now?

We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks.

But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001.

They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC.

Get started at Vanta.com/headlines

FBI uncovers Chinese and Huawei misdeeds

5.4 million Twitter accounts available for sale

Microsoft warns that new Windows updates may break printing

Thanks to today's episode sponsor, Snyk

Developers want to code fast and security wants to ship securely. And that's why they both choose Snyk.
Backed by industry-leading security intelligence, Snyk provides real-time scanning with automated fixes and remediation advice right from the tools and workflows developers use.

Code, dependencies, containers, cloud infrastructure... all of it.

And while developers are building securely, Snyk gives security teams a bird's eye view of all of their projects, so they can prioritize and focus their efforts in the right places.

Developer tested. Security approved. Start your free Snyk account at snyk.co/cybersecurity.

 For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post

This week's Cyber Security Headlines – Week in Review, June 6-10, is hosted by Rich Stroffolino with our guest, Renee Guttmann, Former CISO, Campbell Soup, Coca Cola, Time Warner

Thanks to this week's sponsor, 6clicks

6clicks is your AI-powered GRC platform, featuring a fully-integrated content library. 6clicks provides organizations with a powerful GRC platform to build highly scalable risk and compliance functions and advisors with the tools to streamline and scale their services, saving everyone enormous time and money. Reimagine risk. Improve cybersecurity. Demonstrate compliance. For more information visit 6clicks.com/cisoseries.

All links and the video of this episode can be found on CISO Series.com

Microsoft Teams outage also takes down Microsoft 365 services

Heatwave forced Google and Oracle to shut down in London

Hackers for hire: adversaries employ "cyber mercenaries"

Thanks to today's episode sponsor, 6clicks

Experience the magic of Hailey, the 6clicks artificial intelligence engine for risk and compliance. With Hailey, organizations can automatically show cross-compliance between regulations or identify gaps to external compliance requirements in their policies. Eliminate manual and costly risk and compliance processes by joining the hundreds of businesses that trust 6clicks. For more information visit 6clicks.com/cisoseries.

For the stories behind the headlines, head to CISOseries.com.

Microsoft cuts security jobs amidst weakening economy

Is your cute little Neopet leaking your personal data?

Russia disguises malware as Ukrainian app for hacking Russia

Thanks to today's episode sponsor, 6clicks

The 6clicks GRC solution comes with a fully integrated content library full of hundreds of standards, assessment templates, libraries, playbooks, and more. With the content library included in every 6clicks license, organizations can get started on their GRC implementation faster than ever before. For more information visit 6clicks.com/content.

For the stories behind the headlines, head over to CISOseries.com

Car GPS tracker exposes location data

Russian malware groups spoof pro-Ukraine apps

MacOS backdoor speaks to the cloud

Thanks to today's episode sponsor, 6clicks

Your GRC solution is only as valuable as the reports it can generate. Provide an exceptional analytics experience for all your GRC stakeholders with the 6clicks reporting suite. Unlock powerful insights and prove compliance using dashboards and charts, pixel perfect reporting, presentations, and data storytelling via LiveDocs. For more information visit 6clicks.com/analytics/overview.

Albania hit with cyberattack

Vendors not patching for speculative execution

DARPA looks into open-source

Thanks to today's episode sponsor, 6clicks

6clicks has pioneered a unique Hub & Spoke architecture to underpin its AI-powered GRC solution and cater to markets requiring scalable, multi-tenanted GRC. This model enables organizations to deploy multiple, autonomous GRC entities connected to a single hub for roll-up reporting, management, and visibility. For more information visit 6clicks.com/lp-enterprise-hub-spoke.

Dozens of cities and towns are paying tech workers to abandon Silicon Valley

CISA orders agencies to patch new Windows zero-day used in attacks

Password recovery tool infects industrial systems with Sality malware

Thanks to today's episode sponsor, 6clicks

The 6clicks AI-powered GRC platform with an integrated content library is the most intelligent way to get ISO 27001 certified. It allows you to automate audits, manage risks, track assets, and report in real-time. Join hundreds of businesses that trust 6clicks and start your ISO 27001 journey today. For more information visit 6clicks.com/lp-iso-27001.

For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post

This week's Cyber Security Headlines – Week in Review, June 6-10, is hosted by Rich Stroffolino with our guest, Carla Sweeney, VP Information Security Red Ventures

Thanks to our episode sponsor, Edgescan

Edgescan simplifies Vulnerability Management by delivering a single full-stack solution (SaaS) integrated with world-class security professionals. Instead of managing a plethora of point scanning tools for each layer of the attack surface and squandering precious staff resources manually removing false positives, Edgescan offers automated and accurate contextualized alerts across the entire attack surface into a single source of truth.

All links and the video of this episode can be found on CISO Series.com

Ex-C.I.A. engineer convicted in biggest theft ever of Agency secrets

Chinese hackers targeted U.S. political reporters just ahead of January 6 attack, researchers say

Twitter outage briefly hits thousands

Thanks to today's episode sponsor, Edgescan

Edgescan simplifies Vulnerability Management by delivering a single full-stack solution (SaaS) integrated with world-class security professionals. Instead of managing a plethora of point scanning tools for each layer of the attack surface and squandering precious staff resources manually removing false positives, Edgescan offers automated and accurate contextualized alerts across the entire attack surface into a single source of truth.

For the stories behind the headlines, head to CISOseries.com.

Microsoft warns of massive phishing operation

Android malware downloaded over 3 million times

More speculative-execution attacks found for x86

Thanks to today's episode sponsor, Edgescan

Scalable automated and continuous Attack Surface Management (ASM) and vulnerability detection integrated with a world-class cyber security team provide 100% false-positive-free alerts and expert remediation guidance.

Four members of President Trump's cabinet impersonated

Is this some kind of a game?

Batavia attacks Russian industrial companies

Huge thanks to our sponsor, Vanta

Do you know the status of your compliance controls right now? Like...right now?

We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks.

But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001.

They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC.

Get started at Vanta.com/headlines

FTC is cracking down on false claims of anonymizing data

TikTok halts privacy policy change in Europe

Government contractor pays $9 million over whistleblower allegations

Thanks to today's episode sponsor, Edgescan

Edgescan combines full-stack coverage with integrated reporting and business-level prioritization to deliver a single source of truth for your entire vulnerability management program with zero false positives.

For the stories behind the headlines, head to CISOseries.com

Ransomware hits French telco

NSO Group acquisition called off

Krebs on Experian security

Thanks to today's episode sponsor, Edgescan

Edgescan offers a single platform solution that covers the full stack, from Web Applications to APIs to the Network and data layer. Continuous Attack Surface Management coupled with automated & strategic Pen-testing as a Service (PTaaS) yields fully scalable coverage.

China tries to censor what could be biggest data hack in history

Pentagon: We'll pay you if you can find a way to hack us

Tech's red-hot hiring spree shows signs of cooling

Thanks to today's episode sponsor, Edgescan

Edgescan simplifies Vulnerability Management by delivering a single full-stack solution (SaaS) integrated with world-class security professionals. Instead of managing a plethora of point scanning tools for each layer of the attack surface and squandering precious staff resources manually removing false positives, Edgescan offers automated and accurate contextualized alerts across the entire attack surface into a single source of truth.

For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post

Cyber Security Headlines – Week in Review – July 4-8, 2022   This week's Cyber Security Headlines – Week in Review, June 6-10, is hosted by Rich Stroffolino with our guest, David Cross, SVP/CISO Oracle SaaS Cloud

Thanks to today's episode sponsor, Votiro

Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything – including Microsoft 365. Learn more at Votiro.com.

All links and the video of this episode can be found on CISO Series.com

Cisco and Fortinet release security patches for multiple products

Canada's RCMP have been using powerful malware to snoop on people's communications

Online programming IDEs can be used to launch remote cyberattacks

Thanks to today's episode sponsor, Votiro

Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything – including Microsoft 365. Learn more at Votiro.com.

For the stories behind the headlines, head to CISOseries.com.

Attackers moving off Cobalt Strike

Cyberattacks against law enforcement on the rise

Apple announces lockdown mode

Thanks to today's episode sponsor, Votiro

Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything – including Microsoft 365. Learn more at Votiro.com.

Hacker may have stolen personal data of 1 billion Chinese citizens

Ukrainian police take down phishing gang behind payments scam

NIST unveils 'quantum-proof' cryptography algorithms

Thanks to today's episode sponsor, Votiro

Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything – including Microsoft 365. Learn more at Votiro.com.

For the stories behind the headlines, head to CISOseries.com

Jenkins discloses dozens of zero-day bugs in multiple plugins

Rogue HackerOne employee steals bug reports to sell on the side

Patchable and preventable security issues lead causes of Q1 attacks

Thanks to today's episode sponsor, Votiro

Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything – including Microsoft 365. Learn more at Votiro.com.

For the stories behind the headlines, head to CISOseries.com. 

A new sophisticated malware is attacking SOHO routers

New study shows over half of employees use prohibited apps

Google battles bots, puts Workspace admins on alert

Thanks to today's episode sponsor, Optiv

The modern enterprise needs a solution as unique as its business.

Optiv's Advanced Detection and Response (ADR) works with your organization to comb through the D&R clutter and find the ideal security solutions for your business. ADR delivers tailored detection and response backed by technology, real-time intel and deep expertise applied at touch. Bottom line: ADR finds and neutralizes threats fast, so you can focus on what matters.

If you'd like to learn more about Optiv ADR, please visit Optiv.com/adr.

For the stories behind the headlines, head to CISOseries.com.

NATO to create rapid response cyber force

FBI warns of deep fakes for remote work

Ship controls identified as another major attack surface

Thanks to today's episode sponsor, Optiv

The modern enterprise needs a solution as unique as its business.

Optiv's Advanced Detection and Response (ADR) works with your organization to comb through the D&R clutter and find the ideal security solutions for your business. ADR delivers tailored detection and response backed by technology, real-time intel and deep expertise applied at touch. Bottom line: ADR finds and neutralizes threats fast, so you can focus on what matters.

If you'd like to learn more about Optiv ADR, please visit Optiv.com/adr.

Call of Duty game pulled from PC store after reported exploit

U.S. military gets cybersecurity boost

Bank employee helped hackers steal $100M

Huge thanks to our sponsor, Vanta

Do you know the status of your compliance controls right now? Like...right now?

We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks.

But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001.

They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC.

Get started at Vanta.com/headlines

Stolen PII and deepfakes used to apply for tech jobs

Russia fines foreign firms for data violations

Premier League crypto sponsorships expose fans to big losses

Thanks to today's episode sponsor, Optiv

The modern enterprise needs a solution as unique as its business.

Optiv's Advanced Detection and Response (ADR) works with your organization to comb through the D&R clutter and find the ideal security solutions for your business. ADR delivers tailored detection and response backed by technology, real-time intel and deep expertise applied at touch. Bottom line: ADR finds and neutralizes threats fast, so you can focus on what matters.

If you'd like to learn more about Optiv ADR, please visit Optiv.com/adr.

 For the stories behind the headlines, head to CISOseries.com

Ransomware gang launches bug bounty

KillNet claims DDoS on Lithuania

ICS security bill passes House

Thanks to today's episode sponsor, Optiv

The modern enterprise needs a solution as unique as its business.

Optiv's Advanced Detection and Response (ADR) works with your organization to comb through the D&R clutter and find the ideal security solutions for your business. ADR delivers tailored detection and response backed by technology, real-time intel and deep expertise applied at touch. Bottom line: ADR finds and neutralizes threats fast, so you can focus on what matters.

If you'd like to learn more about Optiv ADR, please visit Optiv.com/adr.

New phishing method bypasses MFA using Microsoft WebView2 apps

Russian threat actors may be behind the explosion at Texas liquefied natural gas plant

Google reveals sophisticated Italian spyware campaign targeting victims in Italy, Kazakhstan

Thanks to today's episode sponsor, Optiv

The modern enterprise needs a solution as unique as its business.

Optiv's Advanced Detection and Response (ADR) works with your organization to comb through the D&R clutter and find the ideal security solutions for your business. ADR delivers tailored detection and response backed by technology, real-time intel and deep expertise applied at touch. Bottom line: ADR finds and neutralizes threats fast, so you can focus on what matters.

If you'd like to learn more about Optiv ADR, please visit Optiv.com/adr

For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post

This week's Cyber Security Headlines – Week in Review, June 6-10, is hosted by Rich Stroffolino with our guest, Marnie Wilking, CISO, Wayfair

Thanks to today's episode sponsor, Optiv

Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate:
• Increasing security
• Decreasing risk
• Lowering cost
Learn more at www.optiv.com/IAM-Microsoft.

All links and the video of this episode can be found on CISO Series.com

Cloud email threats soar 101% in a year

NHS warns of scam COVID-19 text messages

Fancy Bear uses nuke threat lure to exploit 1-click bug

Thanks to today's episode sponsor, Optiv

Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate:
• Increasing security
• Decreasing risk
• Lowering cost
Learn more at www.optiv.com/IAM-Microsoft.

For the stories behind the headlines, head to CISOseries.com.

Daycare apps found insecure

Encryption flaws found in Mega

Microsoft retires cloud facial recognition

Thanks to today's episode sponsor, Optiv

Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate:
• Increasing security
• Decreasing risk
• Lowering cost
Learn more at www.optiv.com/IAM-Microsoft.

Cloudflare outage impacts crypto exchanges

Biden signs a pair of cybersecurity bills

7-zip now supports Windows 'Mark-of-the-Web' security feature

Thanks to today's episode sponsor, Optiv

Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate:
• Increasing security
• Decreasing risk
• Lowering cost
Learn more at www.optiv.com/IAM-Microsoft.

For the stories behind the headlines, head to CISOseries.com

Windows downloads blocked in Russia

The importance of receipts

Chrome extensions can be used for fingerprinting

Thanks to today's episode sponsor, Optiv

Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate:
• Increasing security
• Decreasing risk
• Lowering cost
Learn more at www.optiv.com/IAM-Microsoft.

US DoJ announces shut down of Russian RSOCKS Botnet

Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS

Mixed results for Russia's aggressive Ukraine information war, experts say

Thanks to today's episode sponsor, Optiv

Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate:
• Increasing security
• Decreasing risk
• Lowering cost
Learn more at www.optiv.com/IAM-Microsoft.

For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post

This week's Cyber Security Headlines – Week in Review, June 6-10, is hosted by Rich Stroffolino with our guest, Ariel Weintraub, CISO, MassMutual

Thanks to today's episode sponsor, Datadog

Check out Datadog's on-demand fireside chat with CTO Cormac Brady. Over the course of his 20+ year career at Thomson Reuters, Cormac consistently built bridges between technical teams—and in the process helped teams achieve superior results and earned himself senior leadership positions. Watch now at datadoghq.com/ciso/

All links and the video of this episode can be found on CISO Series.com

Ingram Micro suffers ransomware attack

Hacker leaks Telefónica data allegedly from new breach

ChatGPT prone to recommending wrong URLs, creating a new phishing opportunity

Huge thanks to our sponsor, Vanta

Do you know the status of your compliance controls right now? Like...right now?

We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks.

But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001.

They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC.

Get started at Vanta.com/headlines

Find the stories behind the headlines at CISOseries.com.

House Armed Services chair calls national security software, systems 'too vulnerable'

Microsoft Office 365 AutoSave can assist cloud ransomware attacks

OMIGOD! There's more to OMIGOD

Thanks to today's episode sponsor, Datadog

Watch Datadog's on-demand webinar for a 30-minute discussion on driving DevSecOps best practices in the enterprise with CTO Cormac Brady.
Over the course of his 20+ year career at Thomson Reuters, Cormac consistently built bridges between technical teams—and in the process helped teams achieve superior results and earned himself senior leadership positions.
Cormac shares stories and leadership lessons that are applicable to any enterprise technical leader looking to help their firm build and operate services in an increasingly competitive and treacherous digital economy. Watch now at datadoghq.com/ciso/

For the stories behind the headlines, head to CISOseries.com.

Cloudflare repels another record DDoS

Africa's largest supermarket chain hit with ransomware

Resurgence in travel not ignored by threat actors

Thanks to today's episode sponsor, Datadog

Check out Datadog's on-demand fireside chat with CTO Cormac Brady. Over the course of his 20+ year career at Thomson Reuters, Cormac consistently built bridges between technical teams—and in the process helped teams achieve superior results and earned himself senior leadership positions. Watch now at datadoghq.com/ciso/

US defense contractor discusses takeover of NSO spyware

DoJ will no longer prosecute ethical hackers

Attack on Kaiser Permanente exposes data of thousands of customers

Thanks to today's episode sponsor, Datadog

Watch Datadog's on-demand webinar for a 30-minute discussion on driving DevSecOps best practices in the enterprise with CTO Cormac Brady.
Over the course of his 20+ year career at Thomson Reuters, Cormac consistently built bridges between technical teams—and in the process helped teams achieve superior results and earned himself senior leadership positions.
Cormac shares stories and leadership lessons that are applicable to any enterprise technical leader looking to help their firm build and operate services in an increasingly competitive and treacherous digital economy. Watch now at datadoghq.com/ciso/

For the stories behind the headlines, head to CISOseries.com

Leaky continuous integration logs

Exchange servers used to deploy Black Cat

Bluetooth can be used to track phones

Thanks to today's episode sponsor, Datadog

Check out Datadog's on-demand fireside chat with CTO Cormac Brady. Over the course of his 20+ year career at Thomson Reuters, Cormac consistently built bridges between technical teams—and in the process helped teams achieve superior results and earned himself senior leadership positions. Watch now at datadoghq.com/ciso/

Amazon's chat app has a child sex abuse problem

Ransomware decryptors now for sale on gaming platform

China's biggest online influencers go dark

Thanks to today's episode sponsor, Datadog

Watch Datadog's on-demand webinar for a 30-minute discussion on driving DevSecOps best practices in the enterprise with CTO Cormac Brady.
Over the course of his 20+ year career at Thomson Reuters, Cormac consistently built bridges between technical teams—and in the process helped teams achieve superior results and earned himself senior leadership positions.
Cormac shares stories and leadership lessons that are applicable to any enterprise technical leader looking to help their firm build and operate services in an increasingly competitive and treacherous digital economy. Watch now at datadoghq.com/ciso/

For the stories behind the headlines, head to CISOseries.com

Link to Blog Post

This week's Cyber Security Headlines – Week in Review, June 6-10, is hosted by Rich Stroffolino with our guest, Upendra Mardikar, CSO, Snap Finance

PlexTrac is the platform that empowers your offensive security team to spend more time hacking and less time reporting. Build better reports in half the time, centralize your data, maximize your reusable content, and become more efficient and effective. PlexTrac clients report a "5X ROI in 1 year," a "30% increase in efficiency," have "cut their reporting cycle by 65%," and experienced a "18 to 22% time savings per engagement." 

Check out PlexTrac.com/CISOSeries to learn how PlexTrac can help your team deliver results.

All links and the video of this episode can be found on CISO Series.com

MFA could be long haul for some federal agencies says CISA official

New Emotet variant stealing users' credit card information from Google Chrome

Symantec: More malware operators moving in to exploit Follina

Thanks to today's episode sponsor, PlexTrac

PlexTrac is the platform that empowers your offensive security team to spend more time hacking and less time reporting. Build better reports in half the time, centralize your data, maximize your reusable content, and become more efficient and effective. PlexTrac clients report a "5X ROI in 1 year," a "30% increase in efficiency," have "cut their reporting cycle by 65%," and experienced a "18 to 22% time savings per engagement." 

Check out PlexTrac.com/CISOSeries to learn how PlexTrac can help your team deliver results.

For the stories behind the headlines, head to CISOseries.com.

Lack of reporting hurting the ransomware fight

CISA warns of China-linked network snooping

Personal information marketplace taken down

Thanks to today's episode sponsor, PlexTrac

PlexTrac is the platform that empowers your offensive security team to spend more time hacking and less time reporting. Build better reports in half the time, centralize your data, maximize your reusable content, and become more efficient and effective. PlexTrac clients report a "5X ROI in 1 year," a "30% increase in efficiency," have "cut their reporting cycle by 65%," and experienced a "18 to 22% time savings per engagement." 

Check out PlexTrac.com/CISOSeries to learn how PlexTrac can help your team deliver results.

Passwords are finally dead

Hackers steal credit cards from online gun shops

Shields data breach affects 2 million patients

Thanks to today's episode sponsor, PlexTrac

The best penetration tests begin and end with PlexTrac. PlexTrac can improve efficiency and effectiveness at every phase of your proactive assessments. By centralizing the data from all your automation tools, cataloging important reusable content for easy access, and promoting communication and visibility at every phase of an assessment, PlexTrac cuts reporting time in half and adds value between reports. 

Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the premier pentest reporting and management platform. 

For the stories behind the headlines, head to CISOseries.com

The once and future AlphaBay

Karakurt adopts bill collector tactics

China concludes its cybersecurity review of Didi

Thanks to today's episode sponsor, PlexTrac

PlexTrac is the platform that empowers your offensive security team to spend more time hacking and less time reporting. Build better reports in half the time, centralize your data, maximize your reusable content, and become more efficient and effective. PlexTrac clients report a "5X ROI in 1 year," a "30% increase in efficiency," have "cut their reporting cycle by 65%," and experienced a "18 to 22% time savings per engagement." 

Check out PlexTrac.com/CISOSeries to learn how PlexTrac can help your team deliver results.

Undetectable Android spyware leaks user logins

Hunters ransomware group shuts doors

Medical device company Surmodics reports cyberattack

Huge thanks to our sponsor, Palo Alto Networks

You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them.

Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities.

Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response

Find the stories behind the headlines at CISOseries.com.

Evasive phishing mixes reverse tunnels and URL shortening services

Exploit released for Atlassian Confluence RCE bug, patch now

Lawmakers are racing to pass tech antitrust reforms before midterms

Thanks to today's episode sponsor, PlexTrac

The best penetration tests begin and end with PlexTrac. PlexTrac can improve efficiency and effectiveness at every phase of your proactive assessments. By centralizing the data from all your automation tools, cataloging important reusable content for easy access, and promoting communication and visibility at every phase of an assessment, PlexTrac cuts reporting time in half and adds value between reports. 

Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the premier pentest reporting and management platform. 

For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post

This week's Cyber Security Headlines – Week in Review, May 30-June 3, is hosted by Rich Stroffolino with our guest, Steve Zalewski, Co-host, Defense in Depth

Thanks to today's episode sponsor, Feroot

All links and the video of this episode can be found on CISO Series.com