

Cybersecurity Headlines
CISO Series
Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.

May 15, 2025 • 8min
Attack on steel producer, EUVD online, CISA advisory overhaul
A cyberattack severely disrupted operations at a major steel producer, raising concerns about industrial security. The new European Vulnerability Database is now live, aiming to enhance transparency in cybersecurity threats. In a related update, the Cybersecurity and Infrastructure Security Agency is re-evaluating its advisory framework. Additionally, significant leadership changes at U.S. Cyber Command signal potential shifts in tradecraft and security measures, as threats from North Korean IT workers targeting cryptocurrencies loom.

May 14, 2025 • 9min
Radware clarifies patch, retailer data stolen, Alabama suffers cyberattack
Radware has patched recent vulnerabilities related to WAF bypasses. Marks & Spencer revealed that they suffered a data breach due to a ransomware attack. Alabama is facing significant cybersecurity challenges affecting state operations. The discussion also highlights a North Korean cyber attack targeting Ukrainian government entities and a major Intel CPU vulnerability that could lead to data leakage. These incidents stress the need for proactive measures in cybersecurity.

May 13, 2025 • 8min
GlobalX breach, Google settles lawsuits, UK software security guidelines
A major cyberattack on Global Crossing Airlines Group raises concerns about airline security. Google reaches a billion-dollar settlement over privacy lawsuits, spotlighting the ongoing battle over user data protection. Meanwhile, the UK introduces new voluntary software security guidelines aimed at enhancing the safety of software development. The podcast navigates through these pivotal issues, alongside recent cyber incidents and their implications for security advancements.

May 12, 2025 • 8min
Japan finance hacks, Pearson suffers cyberattack, Teams blocks screen captures
Hackers orchestrated a massive financial heist in Japan, manipulating billions through hijacked accounts. Education giant Pearson experienced a cyberattack that exposed sensitive customer data. Meanwhile, Microsoft Teams is taking proactive measures by blocking screen captures during meetings to bolster security. These incidents show the ongoing battle against cyber threats and the need for enhanced protective measures in both finance and technology.

May 9, 2025 • 30min
Week in Review: Agriculture ransomware increase, Congress challenges CISA cuts, Disney's slacker hacker
Dan Holden, CISO at BigCommerce, shares his expertise on the surge of ransomware attacks targeting the agriculture sector, revealing its unique vulnerabilities. He discusses challenges faced by CISA, particularly regarding funding and the evolving nature of critical infrastructure post-COVID-19. The conversation also dives into insider threats, spotlighting a plea deal, and the NSO Group's legal battles over spyware like Pegasus. Lastly, Holden emphasizes the need for accountability in cybersecurity as organizations grapple with increasing threats in a digital landscape.

May 9, 2025 • 9min
Cisco IOS XE vulnerability, Pentagon CIO nomination, new SonicWall vulnerability
Discover the critical patch released by Cisco addressing a serious vulnerability in IOS XE, exposing unauthorized access risks. The nomination of a former Unilever CISO for a significant Pentagon role raises eyebrows in cybersecurity circles. Tune in for insights on a new zero-day vulnerability announced by SonicWall, along with the urgent need to protect systems amid rising cyber threats. Plus, hear about high-profile hacks, ransomware incidents, and the latest from the notorious LockBit ransomware gang.

May 8, 2025 • 7min
Europol shuts down DDoS-for-hire services, CrowdStrike lays off 500 workers, GOV.UK embraces passkeys
Europol has successfully shut down six notorious DDoS-for-hire services linked to global cyberattacks. In a surprising turn, CrowdStrike announces layoffs of 500 workers as they shift focus on revenue growth. Meanwhile, the UK government is adopting passkeys to enhance security for GOV.UK accounts against potential threats. The podcast also highlights rising cyberattacks, particularly in Poland, raising alarms over legal actions against those facilitating Russian cyber operations.

May 7, 2025 • 9min
Congress challenges CISA cuts, Texas school breached, NSO pays WhatsApp
Congress is pushing back against proposed budget cuts that threaten CISA's effectiveness. A significant data breach in Texas affects over 47,000 individuals, raising alarm for cybersecurity measures in schools. Additionally, NSO Group faces a hefty $167 million payout to WhatsApp following legal disputes. The discussion also highlights modern threats like IoT exploitation and investment scams on social media, revealing vulnerabilities in widely used software.

May 6, 2025 • 8min
Signal clones, easyjson warning, UK retail hacker
A recent cybersecurity breach involved a hack on Signal clones, raising concerns about the integrity of encrypted communications. A warning was issued about the easyjson package, highlighting potential vulnerabilities. Meanwhile, a ransomware group claimed responsibility for attacking UK retailers, showcasing the evolving threat landscape. The discussion also touched on other cyber threats faced by organizations in Europe, including notorious groups targeting sensitive information across nations.

May 5, 2025 • 8min
Microsoft Authenticator passkeys, StealC malware upgraded, CISA budget slashed
Microsoft is shifting away from password autofill in its Authenticator app, signaling a move toward passwordless security. The StealC malware has received stealth upgrades, raising concerns over data theft. In a controversial move, the White House is proposing significant budget cuts to CISA, potentially jeopardizing federal cyber defense efforts. Additionally, ransomware attacks are increasingly targeting the food sector, revealing a pattern of underreported incidents and concerns for cybersecurity in critical industries.


