Cyber Security Headlines

REvil ransomware gang uses extended voice calls to pressure victims New Microsoft tool checks Exchange Servers for ProxyLogon hacks Ongoing phishing attacks target US brokers with fake FINRA audits Thanks to our episode sponsor, Trend Micro With organizations rapidly migrating to the cloud, CISOs have new challenges to address. Trend Micro Cloud One™ is a connected SaaS platform comprised of six solutions that address all your cybersecurity needs from workloads, to file storage,...

Fake (right-wing) news does better than real news on Facebook Security firm Qualys says it was victimized in Accelion zero-day CISA issues emergency ‘fix Exchange zero-days NOW!’ directive Thanks to our episode sponsor, TrustMAPP The last audit firm that assessed your security compliance did the interviews, wrote a report, and then left. That’s just half the job. Now you have to identify maturity gaps, cost out and prioritize remediations, and track improvement over time. That’s where...

Link to Blog Post https://cisoseries.com/cyber-security-headlines-week-in-review-march-1-5-2021 This week’s Cyber Security Headlines - Week in Review, March 1-5, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, John Overbaugh (@johnoverbaugh), vp, security, CareCentrix Thanks to our episode sponsor, TrustMAPP Maturity Assessment, Profile, and Plan Learn the MAPP methodology for managing security as a business. While the information security industry has undergone...

Virginia’s Consumer Data Protection Act signed into law Exchange Server zero-days exploited in the wild Facebook to lift political ad ban Thanks to our episode sponsor, TrustMAPP Does your board want to see yet more heat maps? No, they do not. They want to see that security investments align with business goals, and that their costs are objectively justified. TrustMAPP’s data visualization helps you communicate with your board in a way they can understand – and approve.

Microsoft announces end-to-end encryption support for Teams, plus passwordless logins U.S. unprepared for AI competition with China, commission finds Tom Cruise deepfake videos rattle security experts Thanks to our episode sponsor, TrustMAPP Are you a vCISO? Building your practice and client base is hard enough – don’t waste time building the tools you need to operate. TrustMAPP’s turnkey SaaS platform gets you up and running quickly, so you can focus on your business. For the stories...

Gab user data leaked Biden administration to keep tech export ban rules Hackers give websites great SEO before installing malware Thanks to our episode sponsor, TrustMAPP First it was GDRP in the EU, then California’s CCPA. Now Virginia is set to pass its own Consumer Data Protection Act. Are you ready? Get ready with TrustMAPP.

Ryuk ransomware now self-spreads to other Windows LAN devices Go malware sees 2000% increase, adopted by APTs and e-crime groups Former SolarWinds CEO blames intern for 'solarwinds123' password leak Thanks to our episode sponsor, TrustMAPP Attention defense contractors! Are you ready for CMMC? TrustMAPP addresses your CMMC and NIST 800-171 maturity and compliance assessments needs today, and automatically builds a roadmap to achieve your desired level of maturity posture. For more...

Biden orders review of supply chain security China uses malicious Firefox Extension to spy on Tibetans Attackers scan for unpatched VMware servers after PoC exploit release Thanks to our episode sponsor, PlexTrac PlexTrac is the Purple Teaming Platform. Use the Runbooks Module to facilitate your tabletop exercises, red team engagements, breach and attack simulations, and pentest automation to improve communication and collaboration. PlexTrac upgrades your program’s capabilities by...

Link to Blog Post This week’s Cyber Security Headlines – Week in Review, February 22-26, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Naomi Buckwalter (@ineedmorecyber), director of information security and IT, Beam Technologies Please join us live every Thursday at 4pm PT/7pm ET by registering for the open discussion. Thanks to our episode sponsor, PlexTrac PlexTrac is the solution to deal with your data. Aggregate findings from all assessments to produce the...

Microsoft and FireEye push for breach reporting rules US Federal Reserve hit with massive IT outage Path cleared for California’s net neutrality law Thanks to our episode sponsor, PlexTrac Solve your talent shortage with PlexTrac. Use PlexTrac to automate security tasks and workflows to keep your red, blue, and purple teams focused on the real security work. Gain precious time back in your team’s day and improve their morale by making them more effective with PlexTrac. Check out...

Most firms now fear nation state attack Firefox 86 gets privacy boost with Total Cookie Protection Shadow attacks let attackers replace content in digitally signed PDFs Thanks to our episode sponsor, PlexTrac PlexTrac is the solution to deal with your data. Aggregate findings from all assessments to produce the analytics needed to make informed decisions. Produce data visualizations and add them to reports with one click to communicate effectively to leadership. PlexTrac is the premier...

SHAREit fixes security holes Organizations feel the impact of the Accellion exploit China spyware cribs the NSA Thanks to our episode sponsor, PlexTrac Gain a real-time view of security posture with PlexTrac by consolidating scanner findings, assessments, and bug bounty tools. Visualize your posture in the Analytics Module to quickly assess and prioritize, creating a more effective workflow. Map risks to the MITRE ATT&CK framework to create a living risk register. Check out...

Silver Sparrow malware found on 30,000 Macs has security pros stumped SolarWinds hackers stole source code for Microsoft Azure, Exchange, Intune New hack lets attackers bypass MasterCard PIN by using it as Visa card Thanks to our episode sponsor, PlexTrac PlexTrac is a powerful, yet simple, cybersecurity platform that centralizes all security assessments, pentest reports, audit findings, and vulnerabilities. PlexTrac transforms the risk management lifecycle, allowing security...

Dating-app video calls could have been spied on Microsoft pulls buggy Windows update that blocked security updates Windows, Linux servers targeted by new WatchDog botnet Thanks to our episode sponsor, Kenna Security Ready to shift gears to risk-based vulnerability management? Now’s the time. Through Kenna Security’s on-demand educational series Kenna Katalyst, you can learn the six steps needed to start your own risk-based vulnerability management program and make vulnerability...

Link to Blog Post This week’s Cyber Security Headlines - Week in Review, February 15-19, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Mike Johnson, co-Host CISO Vendor Relationship Podcast. Thanks to our episode sponsor, Kenna Security In just one hour, learn how to prioritize your riskiest vulnerabilities and lower your cyber risk through Kenna Katalyst, the newest on-demand educational series from Kenna Security designed to kickstart your risk-based...

SolarWinds attack launched from within the US Facebook restricts Australian news sharing Security researcher finds native Apple Silicon malware Thanks to our episode sponsor, Kenna Security Ready to shift gears to risk-based vulnerability management? Now’s the time. Through Kenna Security’s on-demand educational series Kenna Katalyst, you can learn the six steps needed to start your own risk-based vulnerability management program and make vulnerability management … well, more...

Security bugs left unpatched in Android app with one billion downloads LastPass will restrict free users to only one type of device starting next month North Korea accused of hacking Pfizer for Covid-19 vaccine data Thanks to our episode sponsor, Kenna Security In just one hour, learn how to prioritize your riskiest vulnerabilities and lower your cyber risk through Kenna Katalyst, the newest on-demand educational series from Kenna Security designed to kickstart your risk-based...

France links Russian Sandworm hackers to hosting provider attacks Privacy problems with Azure and Canonical Microsoft estimates thousands of developers touched SolarWinds malware Thanks to our episode sponsor, Kenna Security Kenna Katalyst is Kenna Security’s newest on-demand educational series designed to help you shift gears to risk-based vulnerability management. Get the six key steps you need to go risk-based along with actionable tips to help your team focus on the risks that...

SuperMicro supply chain hack used for counterintelligence for a decade Egregor ransomware operators arrested in Ukraine Scammers target US tax pros in ongoing IRS phishing attacks Thanks to our episode sponsor, Kenna Security Ready to shift gears to risk-based vulnerability management? Now’s the time. Through Kenna Security’s on-demand educational series Kenna Katalyst, you can learn the six steps needed to start your own risk-based vulnerability management program and make...

Pitiful password enabled recent water treatment facility hack Border patrol scans millions of faces, catches 0 imposters at airports India using a glitchy app to inoculate 300 million people by August Thanks to our episode sponsor Altitude Networks Wouldn’t it be great if you could INSTANTLY KNOW if a file containing sensitive information was shared in the wrong way, anywhere in your company AND security had a real time slack notification with a magic “undo button”?! Altitude Networks...