Cyber Security Headlines

A malware scheme has hijacked Uyghur language software, putting users at risk. Meanwhile, Cloudflare reports a significant rise in DDoS attacks, raising alarms in the cybersecurity community. The controversial forum 4chan is back online after a hacking incident caused a major disruption. Additionally, a phishing campaign targeting WooCommerce is exploiting vulnerabilities under the guise of critical security updates. Experts emphasize the need for better security measures to combat these emerging threats.

SAP zero-day vulnerability under widespread active exploitation Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts Cybersecurity firm CEO charged with installing malware on hospital systems Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Bethany De Lude, CISO Emeritus of The Carlyle Group, brings her deep expertise to discuss key shifts in cybersecurity. She highlights the implications of leadership exits from CISA's Secure by Design initiative, raising concerns about corporate commitment to security standards. The rise of large language models is explored, especially regarding vulnerability exploitation. Additionally, Bethany addresses alarming cybercrime statistics and the need for enhanced community awareness, particularly in combatting romance scams and improving collaboration in security practices.

The podcast dives into the alarming use of Android malware targeting the Russian military, cleverly hidden in a mapping app. It examines the vulnerabilities plaguing edge devices and discusses the implications of recent security flaws, particularly a critical warning about Commvault Command Center. Additionally, the conversation touches on the productivity drain caused by alert investigations and introduces a game-changing AI solution that streamlines security processes, allowing teams to focus on thwarting genuine threats.

Blue Shield of California shared private health data of millions with Google The FBI issues its 2024 IC3 report Ex-Army sergeant jailed for selling military secrets Huge thanks to our sponsor, Dropzone AI Security analysts need practical experience to build investigation skills, but getting expert guidance for every alert is impossible. That's why Dropzone AI created COACH—a free Chrome extension that serves as an AI security mentor for SOC analysts at any level. COACH reads alerts across all major security platforms, explains their context, provides alternative hypotheses, and guides analysts through industry-standard investigation methodologies. Unlike our AI SOC Analyst product, COACH doesn't do the work for you—it teaches you how to think through investigations yourself. It supplements human mentoring with always-available guidance that respects your data with zero retention. Develop your security team's skills at Dropzone.ai/coach. For the stories behind the headlines, head to CISOseries.com.

Microsoft is recalling the Copilot Plus feature due to major security flaws. Meanwhile, Russian organizations are facing targeted attacks through deceptive updates masquerading as security tools. SSL.com is racing to address a vulnerability in its certificate issuance process, highlighting ongoing threats in the digital landscape. The podcast also discusses a surge in ransomware attacks impacting over 100 victims and the need for stronger cybersecurity measures to combat increasingly sophisticated global cyber scams.

A recent surge in cyber threats includes the misuse of Google OAuth in a DKIM replay attack. Japan tightens warnings as unauthorized trading scams proliferate. North Korean hackers are exploiting Zoom’s Remote Control feature for nefarious purposes. Additionally, the spotlight is on the impacts of leadership changes at CISA and Microsoft’s proactive steps to bolster security amid increasing breaches. These developments highlight the continuously evolving landscape of cybersecurity challenges.

Widespread Microsoft Entra lockouts cause by new security feature rollout Malware delivered through diplomatic wine-tasting invites British companies told to hold in-person interviews to thwart North Korea job scammers Huge thanks to our sponsor, Dropzone AI Growing your MSSP client roster while your alerts are multiplying? Dropzone AI works alongside your team, investigating alerts just like your best human analysts would. Our AI SOC Analyst cuts investigation time from an hour to minutes while handling five times more alerts per analyst. Unlike complex SOAR solutions, Dropzone deploys quickly and adapts to your environment without the need for playbooks or coding. Eliminate backlogs, reduce false positives, and deliver the detailed investigations your clients expect. Ready to scale your MSSP without scaling your team? Meet us at booth ESE-60 at RSA. Find the stories behind the headlines at CISOseries.com.

Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by David Spark with guest Trina Ford, CISO, iHeartMedia Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that’s…a new way to GRC. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com

A bipartisan initiative aims to renew a vital cyberthreat sharing law for better collaboration between businesses and the government. State-sponsored hackers have taken a liking to the ClickFix technique. GoDaddy's miscommunication led to a significant 90-minute Zoom service disruption. The discussion also highlights critical vulnerabilities, including risks linked to SonicWall's SMA-100 series and the activities of the Mustang Panda APT. Stay informed on the latest cybersecurity threats and how to mitigate them.