Cybersecurity Headlines NSA dual-hat question, third-party report, GhostPoster extension continues
8 snips
Jan 19, 2026 A nominee is set to evaluate the complex dual-hat leadership at Cyber Command and NSA, potentially reshaping cybersecurity strategy. A staggering 64% of third-party apps mishandle sensitive data, raising alarm bells. GhostPoster browser extensions have hit 840,000 installs, with malicious activities lurking within. Meanwhile, law enforcement targets Black Basta operators, and a major phishing breach impacts 750,000 Canadian investors. Grubhub admits to a data theft and extortion incident, further highlighting rising cyber threats.
AI Snips
Chapters
Transcript
Episode notes
Dual-Hat Role Under Review
- Joshua Rudd will evaluate whether combining NSA and Cyber Command leadership remains efficient and effective.
- The nomination highlights scrutiny over the "dual hat" model after last year's leadership change.
Lock Down Third-Party Permissions
- Audit and limit third-party tool permissions to only what business needs require.
- Prioritize governance for tags and pixels like Google Tag Manager, Shopify, and Facebook Pixel.
Third-Party Access Spike
- Reflectiz found 64% of third-party apps access sensitive data without a business justification.
- The report shows unjustified access rose sharply from 51% in 2024, widening governance gaps.