Avsnitt
-
This week's Department of Know is hosted by Rich Stroffolino, with guests Brett Conlon, CISO, American Century Investments, and Jason Thomas, senior director, technology security, governance, and risk, Cystic Fibrosis Foundation.
Missed the live show? Check it out on YouTube.
The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.
Huge thanks to our episode sponsor, DoppelCybercriminals don't respect your security silos. They use one connected attack chain to hit your brand externally, infiltrate your inbox, and manipulate your team. Stop playing whack-a-mole with fragmented tools. Doppel unifies Digital Risk Protection, Human Risk Management, and Email Security into one unified platform. One attack chain. Three pillars of defense. Zero blind spots. Secure your enterprise relentlessly at doppel.com.
-
Fortinet patches a new critical FortiSandbox flaw
GitHub to disable npm install scripts by default to stop supply chain attacks
Nottingham University announces data breach
Get the show notes here: https://cisoseries.com/cybersecurity-news-fortinet-patches-fortisandbox-github-disables-npm-scripts-nottingham-university-breach/
Thanks to our episode sponsor, Doppel
Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception. We fight relentlessly to protect your business, brand, and people. Doppel. Outpacing what's next in social engineering. Learn more at doppel.com. -
Saknas det avsnitt?
-
Patch Tuesday for the books 'Nightmare Eclipse' drops Windows 0-day
Claude Fable restricted at Microsoft
Get the show notes here: https://cisoseries.com/cybersecurity-news-big-patch-tuesday-nightmare-eclipse-drops-windows-0-day-claude-fable-restricted-at-microsoft/
Thanks to our episode sponsor, Doppel
Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception. We fight relentlessly to protect your business, brand, and people. Doppel. Outpacing what's next in social engineering. Learn more at doppel.com. -
Anthropic releases Claude Fable 5
French government messaging service breached
CISA rethinking risk evaluations
Get the show notes here: https://cisoseries.com/cybersecurity-news-claude-fable-5-tchap-hacked-cisa-priorities/
Thanks to our episode sponsor, Doppel
Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception. We fight relentlessly to protect your business, brand, and people. Doppel. Outpacing what's next in social engineering. Learn more at doppel.com. -
Microsoft malware hits Claude and Gemini users
Mythos can exploit new flaws in hours
AI tool abuse behind Instagram hacks
Get the show notes here: https://cisoseries.com/cybersecurity-news-claude-gemini-malware-mythos-sneaky-flaws-instagram-ai-abuse/
Thanks to our episode sponsor, Doppel
Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception. We fight relentlessly to protect your business, brand, and people. Doppel. Outpacing what's next in social engineering. Learn more at doppel.com. -
Palantir executive considered for CISA leadership
EU unveils tech sovereignty package to cut reliance on U.S., Chinese suppliers
Hackers now exploit SolarWinds Serv-U flaw to crash servers
Get the show notes here: https://cisoseries.com/cybersecurity-news-cisa-palantir-director-eu-tech-sovereignty-solarwinds-serv-u-flaw/
Thanks to our episode sponsor, Doppel
Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception. We fight relentlessly to protect your business, brand, and people. Doppel. Outpacing what's next in social engineering. Learn more at doppel.com. -
This week's Department of Know is hosted by Rich Stroffolino, with guests Robb Dunewood, host, Daily Tech News Show, and David Cross, CISO, Atlassian.
Get the show notes here.
Missed the live show? Check it out on YouTube.
The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.
Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot.
The good news: The Vanta Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you.
Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk.
Get started at vanta.com/headlines. -
Chinese cybercrime group sets record pace
Cisco warns of critical Unified CM flaw with PoC exploit code
Hackers spied on a stock exchange executive's Outlook mailbox for five months
Get the show notes here: https://cisoseries.com/cybersecurity-news-chinese-cybercrime-group-cisco-cm-flaw-cisa-faces-changes/
Huge thanks to our episode sponsor, Vanta
Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot. The good news: The Vanta [rhymes with Santa] Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you. Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk. Get started at vanta.com/headlines. -
Law enforcement cracks down on illegal streamers
The European Commission releases digital sovereignty plan
The startup costs for US cyber force
Get the show notes here: https://cisoseries.com/cybersecurity-news-illegal-streamers-eu-digital-sovereignty-cost-of-a-cyber-force/
Huge thanks to our episode sponsor, Vanta
Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot. The good news: The Vanta [rhymes with Santa] Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you. Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk. Get started at vanta.com/headlines. -
Russia claims officials' surveillance
Project Glasswing access expands
CISA flags two-year-old Oracle flaw
Get the show notes here: https://cisoseries.com/cybersecurity-news-russia-claims-officials-surveillance-project-glasswing-expands-cisa-flags-two-year-old-oracle-flaw/
Huge thanks to our episode sponsor, Vanta
Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot. The good news: The Vanta [rhymes with Santa] Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you. Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk. Get started at vanta.com/headlines. -
Meta AI hands over Instagram account access
Dutch police dismantle huge botnet
RedHat packages get backdoored
Get the show notes here: https://cisoseries.com/meta-ai-hands-over-instagram-access-dutch-police-dismantle-botnet-redhat-packages-backdoored/
Huge thanks to our episode sponsor, Vanta
Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot. The good news: The Vanta [rhymes with Santa] Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you. Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk. Get started at vanta.com/headlines. -
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
ChatGPT share links used to host fake outage pages to deliver malware
Federal audit reveals NIST's NVD problems
Get the show notes here: https://cisoseries.com/cybersecurity-news-globalprotect-vpn-exploited-chatgpt-share-links-exploits-feds-criticize-nist/
Huge thanks to our episode sponsor, Vanta
Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot. The good news: The Vanta [rhymes with Santa] Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you. Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk. Get started at vanta.com/headlines. -
This week's Department of Know is hosted by Rich Stroffolino, with guests Bruce Schneier, chief of security architecture, Inrupt, and Chris Ray, field CTO, GigaOm.
Missed the live show? Check it out on YouTube.
Huge thanks to our sponsor, GuardsquareMobile security incidents are no longer the exception—they are the norm. Last year, seventy-two percent of companies suffered a mobile app security incident. As the primary gateway to your APIs and data, your mobile app requires more than just basic encryption; it needs a multi-layered security strategy. Protect your brand and your bottom line with layered mobile app protection. Learn more at Guardsquare.com.
-
Fraud gang steals from World Cup fans
Pentagon says US military targeted by location
IBM and Red Hat commit to "Project Lightwell"
Check out your show notes here: https://cisoseries.com/cybersecurity-news-world-cup-fraud-us-military-location-targets-ibm-and-red-hat-go-project-lightwell/
Huge thanks to our sponsor, Guardsquare
Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unauthorized modifications. When your code runs in an untrusted environment, you need runtime self-protection and code hardening to keep attackers out. Address tampering before it starts. Learn more at Guardsquare.com.
-
Glassworm botnet gets shattered
China overhauls world's biggest surveillance network
Charter confirms ShinyHunters data breach
Check out your show notes here: https://cisoseries.com/cybersecurity-news-glassworm-botnet-shattered-china-overhauls-surveillance-charter-confirms-shinyhunters-breach/
Huge thanks to our sponsor, Guardsquare
AI is speeding up development, but at what cost? While ninety-six percent of teams now use AI tools, eighty-one percent report that AI-generated code has introduced new vulnerabilities into their mobile apps. In a world with automated threats, you need multi-layered, polymorphic security to stay ahead of the curve. Learn more at Guardsquare.com.
-
Nimbus Manticore learning new tricks
Phishing moves to real-time credential harvesting
India wants 12-hour patches
Check out your show notes here: https://cisoseries.com/cybersecurity-news-nimbus-manticore-real-time-credential-harvesting-12-hour-patches/
Huge thanks to our sponsor, Guardsquare
Is your mobile app truly protected? Relying on the OS isn't enough. A global study of thirteen-hundred security and developer leaders found that ninety-six percent of teams using layered protection reported significantly fewer security incidents. Don't wait for a breach to harden your defenses. Get the protection needed for modern secuirty risks. Learn more at Guardsquare.com.
-
'Megalodon' infects GitHub repositories
Netherlands seizes 800 servers over cyberattacks
Ghost CMS exploited for ClickFix attacks
Check out your show notes here: https://cisoseries.com/cybersecurity-news-megalodon-infects-github-netherlands-server-seize-ghost-cms-exploited-for-clickfix/
Huge thanks to our sponsor, Guardsquare
Your backend is only as secure as your frontend. Research shows that client-side compromise is now a primary driver of API risk. With sixty-three percent of leaders detecting mobile app tampering or cloning last year, don't leave your mobile app security to chance. Get multilayered protection for your entire mobile app ecosystem from the outside in. Learn more at Guardsquare.com.
-
CISA adds Drupal Core flaw to KEV
Underminr hides malicious connections behind trusted domains
Canadian man charged with running KimWolf DDoS botnet
Check out your show notes here: https://cisoseries.com/cybersecurity-news-drupal-kev-addition-underminr-revives-domain-fronting-canadian-kimwolf-arrest/
Huge thanks to our sponsor, Guardsquare
Mobile app security isn't just a tech issue; it's a revenue issue. A recent global study found that seventy-two percent of organizations experienced a mobile app security incident last year. Even worse? Sixty-five percent saw customer churn or uninstalls as a result. Protect your brand and your bottom line with layered mobile app protection. Learn more at Guardsquare.com.
-
This week's Department of Know is hosted by Rich Stroffolino, with guests Kathleen Mullin, former CISO, MyCareGorithm, and Nick Espinosa, host, Deep Dive Radio Show.
Missed the live show? Check it out on YouTube.
The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.
Huge thanks to our sponsor, ThreatLockerThreatLocker is extending Zero Trust beyond endpoint control. With their recent release
of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on
credentials alone, it requires the right user, the right device, and the right conditions.
Because as we've seen in recent large-scale CRM breaches, stolen credentials and
misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is
exposed, and access is limited to exactly what's needed. Learn more and start your free
trial today at ThreatLocker.com/CISO. -
Cisco issues 10.0 Secure Workload admin flaw warning
Spammers abuse internal Microsoftonline account
Google's surge in Chrome vulnerability announcements
Get the show notes here: https://cisoseries.com/cybersecurity-news-ciscos-10-0-vulnerability-microsoft-email-spammed-chrome-vulnerability-surge/
Thanks to our episode sponsor, ThreatLocker
ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.
- Visa fler
