Cyber Security Headlines

Microsoft WSUS vulnerability could allow for remote code execution Fake LastPass death claims used to breach password vaults New CoPhish attack steals OAuth tokens via Copilot Studio agents Huge thanks to our sponsor, Conveyor If security questionnaires make you feel like you're drowning in chaos, you're not alone. Endless spreadsheets, portals, and questions—always when you least expect them. Conveyor brings calm to the storm. With AI that auto-fills questionnaires and a trust center that shares all your docs in one place, you'll feel peace where there used to be panic. Find your security review zen at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.

Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests David Cross, CISO, Atlassian, and davidcrosstravels.com, and Montez Fitzpatrick, CISO, Navvis Thanks to our show sponsor, ThreatLocker   Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker. All links and the video of this episode can be found on CISO Series.com      

Jingle Thief hackers steal millions in gift cards by exploiting cloud infrastructure Lazarus hackers targeted European defense companies Deep Tech work culture pushes for 72 hour workweeks  Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker. Find the stories behind the headlines at CISOseries.com.

TP-Link urges updates for Omada gateways MuddyWater targets organizations in espionage campaign "SessionReaper" flaw exploited in Adobe Commerce Huge thanks to our sponsor, ThreatLocker Cybercriminals don't knock — they sneak in through the cracks other tools miss. That's why organizations are turning to ThreatLocker. As a zero-trust endpoint protection platform, ThreatLocker puts you back in control, blocking what doesn't belong and stopping attacks before they spread. Zero Trust security starts here — with ThreatLocker

Russian state hackers replace burned malware with new tools Recent Windows updates cause login issues on some PCs Sophisticated campaign targets servers of high-profile organizations Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker.

DNS failure leads to AWS outage China accuses NSA of hacking national time center Chrome store flooded with high-risk WhatsApp automation Huge thanks to our sponsor, ThreatLocker Cybercriminals don't knock — they sneak in through the cracks other tools miss. That's why organizations are turning to ThreatLocker. As a zero-trust endpoint protection platform, ThreatLocker puts you back in control, blocking what doesn't belong and stopping attacks before they spread. Zero Trust security starts here — with ThreatLocker  

Europol dismantles 49 million fake account SIM farm Envoy Air confirms Oracle E-Business Suite compromise Cybercrime group Everest claims Collins Aerospace hack Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker. Find the stories behind the headlines at CISOseries.com.  

Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Tom Hollingsworth, networking technology advisor, The Futurum Group, as well as on BlueSky, and Brett Conlon, CISO, American Century Investments Thanks to our show sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"    ….or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines All links and the video of this episode can be found on CISO Series.com

Sotheby's suffers cyberattack Hackers exploit Cisco SNMP flaw in "Zero Disco' attacks Microsoft revokes more than 200 certificates to disrupt ransomware campaign Huge thanks to our sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"   ....or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires.   Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale.   Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME.   With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines   Find the stories behind the headlines at CISOseries.com.

MANGO discloses data breach Threat group 'Jewelbug' infiltrates Russian IT network F5 discloses breach tied to nation-state threat actor Huge thanks to our sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"   ....or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires.   Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale.   Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME.   With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines  

Legacy Windows protocols still expose theft Fortra admits exploitation of GoAnywhere defect Taiwan claims surge in Chinese attack efforts Huge thanks to our sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"   ....or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires.   Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale.   Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME.   With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines  

Millions of records exposed in Salesforce data leak SimonMed breach grows from hundreds to over a million Dutch government freezes Chinese-owned chipmaker Huge thanks to our sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"   ....or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires.   Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale.   Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME.   With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines  

  Huge thanks to our sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"   ....or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires.   Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale.   Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME.   With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines   Find the stories behind the headlines at CISOseries.com.  

Link to episode page This week's Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guests Mike Lockhart, CISO Eagleview, and Dustin Sachs, chief technologist at CyberRisk collaborative, and author of Behavioral Insights in Cybersecurity Thanks to our show sponsor, ThreatLocker Cybercriminals don't knock — they sneak in through the cracks other tools miss. That's why organizations are turning to ThreatLocker. As a zero-trust endpoint protection platform, ThreatLocker puts you back in control, blocking what doesn't belong and stopping attacks before they spread. Zero Trust security starts here — with ThreatLocker" All links and the video of this episode can be found on CISO Series.com      

Azure outage blocks access to Microsoft 365 services and admin portals Major U.S. law firm suffers cyberattack Hacktivists aiming for critical infrastructure get pwned Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker. Learn more at ThreatLocker.com. Find the stories behind the headlines at CISOseries.com.