Category: Cybersecurity Headlines

Link to the episode This week’s Department of Know is hosted by Rich Stroffolino, with guests Jonathan Waldrop, CISO, Acoustic, and Jason Elrod, CISO, MultiCare Health System. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00…

Read more →

PAN-OS RCE exploit under active use enabling root access and espionage Polish intelligence says hackers attacked water treatment control systems Ivanti warns of new EPMM flaw exploited in zero-day attacks Get the show notes here: https://cisoseries.com/cybersecurity-news-pan-os-rce-exploit-poland-water-hacks-ivanti-epmm-flaw/ Thanks to our episode…

Read more →

Google Chrome installs 4GB AI model on devices Daemon Tools disk app backdoored in supply-chain attack Crypto’s ‘decentralised finance’ sector hit by investor exodus Get the show notes here: Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and…

Read more →

Video game platform hit by supply chain attack Bleeding Llama could expose your data US gets more early LLM access Get the show notes here: https://cisoseries.com/cybersecurity-news-video-game-supply-chain-attack-bleeding-llama-us-gets-early-llm-access/  Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof…

Read more →

Instructure discloses breach amid leak threats DigiCert revokes certificates Silver Fox targets Indian and Russian orgs Get the show notes here: Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do…

Read more →

Telegram Mini Apps deliver Android malware CISA orders Federal agencies to patch cPanel bug by Sunday British cyber agency warns of looming ‘patch wave’ due to speedy AI flaw discovery Get the show notes here: https://cisoseries.com/cybersecurity-news-telegram-mini-apps-malware-cpanel-is-sorry-patch-wave-warning/ Thanks to our episode…

Read more →

This week’s Department of Know is hosted by Rich Stroffolino, with guests Janet Heins, CISO, ChenMed, and TC Niedzialkowski, Head of IT & Security, Opendoor. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday…

Read more →

Critical cPanel and WHM bug exploited as zero-day Swiss police arrest suspected members of Black Axe group HHS ponders government posture for protecting data centers Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/ Thanks to our episode sponsor, Guardsqaure Attackers are treating…

Read more →

Hackers arrested for selling Roblox accounts Microsoft’s patch for a 0-day falls short US & China partner on Dubai scam takedown Get the show notes here: https://cisoseries.com/cybersecurity-news-roblox-hackers-arrested-microsoft-0-day-falls-short-dubai-scam-takedown/ Thanks to our episode sponsor, Guardsqaure AI is speeding up development, but at…

Read more →

FIDO Alliance working on securing AI agent payments Germany suspects Russia in Signal phishing RCE flaw in open-source robotics platform Get the show notes here: https://cisoseries.com/cybersecurity-news-agent-payments-russian-phishing-lerobot-rce-flaw/  Thanks to our episode sponsor, Guardsqaure Is your mobile app truly protected? Relying on…

Read more →

PhantomRPC flaw enables privilege escalation Checkmarx confirms GitHub data hit dark web PyPI package hacked to push infostealer Get the show notes here: https://cisoseries.com/cybersecurity-news-phantomrpc-flaw-checkmarx-github-dark-web-data-pypi-package-infostealer/ Thanks to our episode sponsor, Guardsqaure Your backend is only as secure as your frontend. Research…

Read more →

ADT says customer data stolen in cyberattack SMS blasting comes to Toronto Researchers find pre-Stuxnet malware targeting engineering software Get the show notes here: https://cisoseries.com/cybersecurity-news-adt-data-breach-toronto-sms-blasting-pre-stuxnet-malware-discovery/ Thanks to our episode sponsor, Guardsquare Mobile app security isn’t just a tech issue; it’s…

Read more →

Link to episode This week’s Department of Know is hosted by Rich Stroffolino, with guests Brett Conlon, CISO, American Century Investments, and Michael Bickford, former CISO, New York State Gaming Commission.  Missed the live show? Check it out on YouTube. The Department of…

Read more →

Cosmetics giant Rituals discloses data breach Apple fixes iOS flaw exploited by the FBI Microsoft Teams Helpdesk impersonation Get the show notes here: https://cisoseries.com/cybersecurity-news-rituals-cosmetics-breach-fbi-ios-flaw-fixed-teams-helpdesk-malware-impersonation/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their…

Read more →

OpenAI shares cyber product with government orgs Unauthorized Mythos access, Firebox bugs fixed by Mythos Insurers move to cap LLMjacking cyber payouts Get the show notes here: https://cisoseries.com/cybersecurity-news-new-openai-cyber-product-unauthorized-mythos-access-insurers-to-cap-llmjacking-payouts/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond…

Read more →

CISA lacks Mythos access Lovable denies data leak YouTube opens up deepfake detection tool Get the show notes here: https://cisoseries.com/cybersecurity-news-cisa-lacks-mythos-lovables-leak-by-design-youtubes-deepfake-detection/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent releaseof Zero Trust…

Read more →

Vercel confirms breach, stolen data for sale ZionSiphon targets water infrastructure Bluesky blames outage on DDoS Get the show notes here: https://cisoseries.com/cybersecurity-news-vercel-breach-zionsiphon-targets-water-infrastructure-bluesky-ddos/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent releaseof…

Read more →

London hospitals continue to suffer from 2024 ransomware attack Four arrested in PowerOFF takedown Microsoft Defender “RedSun” zero-day  Get the show notes here: https://cisoseries.com/cybersecurity-news-london-hospital-ransomware-legacy-poweroff-takedown-microsoft-redsun-zero-day/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their…

Read more →

Link to episode page This week’s Department of Know is hosted by Rich Stroffolino, with guests Andrew Storms, security engineering, Kilo Code, and Eduardo Ortiz-Romeu, VP, global head of cybersecurity, Techtronic Industries.  Missed the live show? Check it out on YouTube.…

Read more →

Cisco posts urgent Webex Services warning Splunk issues fixes for Enterprise vulnerability Git identity spoof tricks Claude into approving bad code Get the show notes here: https://cisoseries.com/cybersecurity-news-cisco-webex-warning-splunks-enterprise-fix-git-spoof-tricks-claude/ Huge thanks to our sponsor, Conveyor Happy Friday. Hope there isn’t a fresh…

Read more →