Cybersecurity Headlines

Ukraine takes down social media bot farm Federal use of cell siphoning tech on the rise Microsoft expands security business Thanks to our episode sponsor, Datadog Datadog's Cloud Security Platform delivers real-time threat detection and continuous configuration audits across your entire production environment, so you can bring speed and scale to your security organization. The Cloud Security Platform is built on top of Datadog's observability platform, which breaks down silos between Security and DevOps teams and aligns them to shared organizational goals. To learn more about how Datadog Security Monitoring can solve cloud complexity challenges with a unified platform, download the product brief at datadoghq.com/ciso/

DOJ arrests New York couple, seizing $3.6 billion in bitcoin Google sees 50% drop in compromises after 2SV enrollment Puma employee data stolen as a result of Kronos attack Thanks to our episode sponsor, Datadog Datadog Security Monitoring is part of the Datadog Cloud Security Platform, which protects an organization's production environment and provides threat detection, posture management, workload security, and application security in a single pane of glass. In this Datadog Security Monitoring product brief, you'll learn how to: Solve cloud complexity challenges with threat detection tools, detect and analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework. Download the brief today to learn more at datadoghq.com/ciso/ For the stories behind the headlines, head to cisoseries.com

Stolen crypto used to fund North Korean missile program Microsoft disables protocol used by malware Meta may pull out of the EU Thanks to our episode sponsor, Datadog Datadog's Cloud Security Platform delivers real-time threat detection and continuous configuration audits across your entire production environment, so you can bring speed and scale to your security organization. The Cloud Security Platform is built on top of Datadog's observability platform, which breaks down silos between Security and DevOps teams and aligns them to shared organizational goals. To learn more about how Datadog Security Monitoring can solve cloud complexity challenges with a unified platform, download the product brief at datadoghq.com/ciso/

US House passes bill to boost chip manufacturing and R&D One in seven ransomware extortion attempts leak key operational tech records New Argo CD bug could let hackers steal secret info from Kubernetes apps Thanks to our episode sponsor, Datadog Datadog Security Monitoring is part of the Datadog Cloud Security Platform, which protects an organization's production environment and provides threat detection, posture management, workload security, and application security in a single pane of glass. In this Datadog Security Monitoring product brief, you'll learn how to: Solve cloud complexity challenges with threat detection tools, detect and analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework. Download the brief today to learn more at datadoghq.com/ciso/ For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Jan 24-Feb 4, is hosted by Rich Stroffolino with our guest, Brian Lozada, CISO, HBOMax Thanks to our episode sponsor, Pentera Align validation to the MITRE ATT&CK framework and the OWASP Top 10. By aligning to industry standards, security teams ensure that their testing covers the latest adversary techniques. Most attacks succeed by leveraging the most common TTPs, so challenging the attack surface against these frameworks provides comprehensive coverage of adversary techniques in the wild. In addition, it allows security executives to clearly report to management on security control efficacy and enterprise readiness against potential threats. Find out more at pentera.io All links and the video of this episode can be found on CISO Series.com

iPhone flaw exploited by second Israeli spy firm Target shares its own web skimming detection tool with the world MFA adoption pushes phishing actors to reverse-proxy solutions Thanks to our episode sponsor, Pentera Align validation to the MITRE ATT&CK framework and the OWASP Top 10. By aligning to industry standards, security teams ensure that their testing covers the latest adversary techniques. Most attacks succeed by leveraging the most common TTPs, so challenging the attack surface against these frameworks provides comprehensive coverage of adversary techniques in the wild. In addition, it allows security executives to clearly report to management on security control efficacy and enterprise readiness against potential threats. Find out more at pentera.io For the stories behind the headlines, head to CISOseries.com.

Iran-linked APT activity on the rise Hacker claims responsibility for North Korean internet disruptions TikTok: the once and future national security threat Thanks to our episode sponsor, Pentera To continuously know the exploitable attack surface, automate your validation. Security validation must be as dynamic as the attack surface it's securing. Periodical and manual tests aren't enough to challenge the changes an organization undergoes. Security teams need to have an on-demand view of their assets and exposures, and the only way to get there is by automating your testing. Find out more at pentera.io

Cyber attack disrupts German oil firm operations Tesla recalls Full Self Driving feature that lets cars roll through stop signs FBI recommends using burner phones at the Olympics Thanks to our episode sponsor, Pentera To understand the exploitable attack surface, security teams need to cover the full scope of potential attacks. Adversaries take the path of least resistance to the critical assets. This means using a variety of techniques to progress an attack, leveraging any vulnerability and its relevant correlations along the way. For this reason, the validation methods used must match - they need to go beyond the static vulnerability scan or control attack simulation to include a full penetration test scope. Find out more at pentera.io For the stories behind the headlines, head to CISOseries.com

Your GPU knows your secrets UPnP behind Eternal Silence router campaign DeFi platform hacked for $80 million Thanks to our episode sponsor, Pentera To understand the exploitable attack surface, take the adversarial perspective. The way to know which vulnerabilities are exploitable is to…well, exploit them. This way, security teams get a concise attack vector pointing to the organization's weakest link. From here remediation requests handed to IT are focused, manageable, and based on true business impact. Find out more at pentera.io

Novel device registration trick enhances multi-stage phishing attacks US bans major Chinese telecom over national security risks Over 20,000 data center management systems exposed to hackers Thanks to our episode sponsor, Pentera Pentera introduces Automated Security Validation! The newly-minted unicorn out of Israel takes a whole new approach to penetration testing - allowing every organization to continuously test the integrity of all cybersecurity layers - including against ransomware - leveraging proprietary ethical exploits to emulate real-world attacks at scale. All day, everyday. This week Pentera will discuss how to identify your exploitable attack surface, so stay tuned for their 'Tip of the Day'. Or visit pentera.io to find out more. For the stories behind the headlines, head to CISOseries.com.