Cybersecurity Headlines
CISO Series
Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
Episodes
Mentioned books
May 3, 2024 • 26min
Week in Review: Dropbox Sign breach, Cybersecurity consultant arrested, Ukraine Microsoft hack
Former CISO at Etsy, Phil Beyer, discusses Dropbox breach, cybersecurity consultant arrest, and Ukraine hack. Topics include supply chain trust, legacy vulnerabilities, UK IoT security, ransomware attacks, and Chinese disinformation campaigns.
May 3, 2024 • 9min
Goldoon exploits D-Link, CISA GitLab warning, Dropbox Sign breach
Discussion on Goldoon botnet exploiting D-Link routers, CISA's alert about GitLab flaw, and Dropbox's disclosure of a signature service breach. Cybersecurity consultant arrested for extortion, warnings on hacks, and hacker sentenced for ransomware. News on leak sites, medical practice attacks, and auction of a supercomputer.
May 2, 2024 • 7min
Chinese disinformation, NCSC AMS, new State Secrets law
The podcast covers Chinese disinformation challenges, NCSC's Advanced Mobile Solutions risk model, and China's new State Secrets Law. Other topics include Microsoft's security update, CISA's budget proposal, discovery of Cuddlefish malware, and machine learning for money laundering detection.
May 1, 2024 • 10min
UnitedHealth Group CEO faces congress, U.S. wireless carriers face majors fine, Marriott backtracks protection claims
Topics include CEO facing congress, $200M fine for U.S. wireless carriers, Marriott's encryption backtrack, espionage attempt, hacker's blackmail scheme, malware on Docker Hub, Philadelphia Inquirer data breach
Apr 30, 2024 • 7min
USPS phishing, UK IoT law, industrial USB attacks
Topics discussed include USPS phishing sites, UK IoT security regulations, and USB malware attacks on industrial systems. The episode sponsor is Dropzone AI offering AI analyst for cybersecurity professionals
Apr 29, 2024 • 8min
Kaiser Permanente breach, DSH Safety Board, Okta stuffing attack
Podcast discusses Kaiser Permanente breach, DHS AI Safety Board, and Okta's warning on credential stuffing attacks. Also covers California State Welfare breach, Windows Print Spooler exploit, and Developer Malware Scam.
Apr 26, 2024 • 23min
Week in Review: GitHub comments abused, networkless" attack techniques, Police bodycam AI reports
Christina Shannon, CIO at KIK Consumer Products, discusses malware distribution through GitHub, AI in red teaming, networkless attacks, AI-generated police reports, open-source vulnerabilities, challenges in patching, and AI in transcribing body cam events.
Apr 26, 2024 • 8min
Google postpones cookies, Brocade vulnerability warning, ICICI card gaffe
Topics include Google postponing cookie deprecation, Brocade SAN vulnerabilities, and ICICI Bank credit card exposure. The episode also features urgent patch advisories for Cisco and CRUSH FTP, federal vulnerabilities, and security threats like Brokewell and WordPress plugin vulnerabilities.
Apr 25, 2024 • 7min
Chinese keyboard flaws, hacked news story, TikTok on the clock
Chinese keyboard app flaws, fake assassination story, and TikTok divestment discussed. AI-generated code vulnerabilities highlighted. Google encryption updates and Windows 11 Start Menu ads also covered.
Apr 24, 2024 • 8min
Iranian hackers charged, Siemens fixing Palo bug, Russia hacks water plant
Iranian hackers charged with hacking U.S. companies, Siemens fixing Palo Alto bug, Russian cyberattack on Indiana water plant highlighted. Cybersecurity incidents include Microsoft alert rollback and defense contractor hacks. AI-generated police reports, Cyber skills enhancement, and upcoming podcast events discussed.
