Cybersecurity Headlines

FBI email system reportedly hacked to send fake DHS cyberattack messages FBI email hacker blames poor coding US Education Department urged to boost K-12 schools' ransomware defenses Thanks to our episode sponsor, Vulcan Cyber Cyber risk isn't easy to quantify, much less mitigate. Use the same approach endorsed by leading security teams at Honeywell, Zoom, and Wells Fargo to tackle cyber risk. Attend the Vulcan Cyber virtual summit on December 9th and learn how the new Vulcan Security Posture Rating will give you the insights you need to reduce risk and secure your business. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines - Week in Review, Nov 8-12, is hosted by Rich Stroffolino with our guest, John Overbaugh, CISO, Alpine Software Group Thanks to our episode sponsor, Vulcan Cyber The fact that CISA felt the need to release the massive "Known Exploited Vulnerabilities Catalog" recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to take on cyber risk and mitigate known vulnerabilities at scale. Go to vulcan.io and click the button at the top of the screen to register for the event. All links and the video of this episode can be found on CISO Series.com

EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms Gmail accounts are used in 91% of all baiting email attacks Microsoft warns of uptick in HTML smuggling Thanks to our episode sponsor, Vulcan Cyber The fact that CISA felt the need to release the massive "Known Exploited Vulnerabilities Catalog" recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to take on cyber risk and mitigate known vulnerabilities at scale. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com.

Trend Micro details long running hacker-for-hire group WP Reset PRO plugin works a little too well Zero-day found in Palo Alto Networks security appliances Thanks to our episode sponsor, Vulcan Cyber Vulnerability scanners are commoditized. Cloud service providers provide free scanners. Open source scanners are plentiful. Your team doesn't need another scanner, but they need to get better at identifying and prioritizing the risk that is buried in that scan data. Attend the Vulcan Cyber virtual user conference and learn how to assess and mitigate risk across all of your surfaces. Go to vulcan.io and click the button at the top of the screen to register for the event.

Robinhood breach impacts millions of customers Meta shares bullying and harassment numbers for the first time Meta to remove sensitive ad-targeting categories as new bill takes aim at online platform algorithms Thanks to our episode sponsor, Vulcan Cyber Matt Hurewitz is the associate director of application security at Best Buy. Matt has a theory that a risk-based approach to application security is more effective than a faith-based approach. We agree. Attend the Vulcan Cyber virtual summit on December 9th to hear how Matt and the Best Buy team approach application security. Learn from the best. Registration is free for your entire team. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com

US infrastructure bill includes cybersecurity provisions Chipmakers respond to US call for supply chain info REvil hackers arrested Thanks to our episode sponsor, Vulcan Cyber Ryan Gurney spent years as CSO and security exec for companies like Google Looker, Zendesk, Engine Yard, and eBay. Ryan has seen a few things and is done pretending cyber security is something it isn't. Attend the Vulcan Cyber virtual summit on December 9th to get Ryan's take on the difference between negligent and effective cyber security. It's a fine line. Go to vulcan.io and click the button at the top of the screen to register for the event.

Feds likely to fall short of deadline for strengthening encryption, multifactor authentication Experts spot phishing campaign impersonating security firm Proofpoint Facebook outage a prime example of insider threat by machine Thanks to our episode sponsor, Vulcan Cyber Cyber risk isn't easy to quantify, much less mitigate. Use the same approach endorsed by leading security teams at Honeywell, Zoom, and Wells Fargo to tackle cyber risk. Attend the Vulcan Cyber virtual summit on December 9th and learn how the new Vulcan Security Posture Rating will give you the insights you need to reduce risk and secure your business. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Nov 1-5, is hosted by Rich Stroffolino with our guest, Davi Ottenheimer, vp, trust and digital ethics, Inrupt Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021, a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immersive experience that has something for everyone – from novice application coders to experienced security practitioners! Join for FREE on November 16th, for free. Sign up at cloudsec.com All links and the video of this episode can be found on CISO Series.com

Expired certificate breaks Windows 11 snipping tool, emoji panel, and more Iranian hacking group leaks patient and LGBTQ info Popular 'coa' npm library hijacked to steal user passwords Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021, a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immersive experience that has something for everyone – from novice application coders to experienced security practitioners! Join for FREE on November 16th, for free. Sign up at cloudsec.com For the stories behind the headlines, head to CISOseries.com.

CISA creates exploited bug catalog Bots used to scam 2FA codes US sanctions companies selling hacking tools Thanks to our episode sponsor, Trend Micro Reimage your Cloud! That's the theme for CLOUDSEC 2021, a 3-day global event that will be held virtually starting on November 16th. Learn the latest trends in cloud and cybersecurity with global keynotes and session tracks tailored to your role's unique challenges. Test your skills and win prizes in the 24-hr CLOUDSEC Challenge, a hands-on immersive experience that has something for everyone – from novice application coders to experienced security practitioners! Join for FREE on November 16th, for free. Sign up at cloudsec.com