Cyber Security Headlines

A new ransomware group has targeted the US telecom firm WideOpenWest, sparking concerns about rising threats. Malware variants specifically designed for macOS users are causing major security worries. The NSA previously warned about vulnerabilities in the Signal app, highlighting the need for vigilance. Additionally, Oracle customers report issues with stolen data. The discussion also touches on the ongoing debate regarding entry-level positions in cybersecurity as phishing scams increase alongside major cyber breaches.

A recent cybersecurity vulnerability exploited by EncryptHub linked to the Microsoft Management Console raises alarms. Exciting advancements feature AI agents in security automation, while calls for increased investment in privacy technologies grow louder. The podcast highlights the ongoing threat from Raspberry Robin and a phishing incident involving a well-known cybersecurity figure. Additionally, advanced Android malware techniques and a phishing campaign targeting gamers show the need for better defenses in an increasingly complex threat landscape.

Over 300 cyber criminals were arrested in Africa, highlighting a significant crackdown on cyber crime. The bankruptcy of 23andMe raises concerns for millions of DNA records, posing new risks to personal data security. Meanwhile, a cyber attack has partially disrupted Ukraine's state railway, adding to the nation’s ongoing challenges. Additionally, there’s a critical vulnerability discovered in the Next.js framework that demands immediate action from users to secure their systems.

Sanctions on the Tornado Cash service have been lifted, stirring debates about its ties to North Korean cybercrime. A major Cloudflare outage created chaos in Russia due to governmental restrictions. Additionally, Microsoft’s Trust Signing Service was misused to sign malware, raising alarms about cybersecurity risks. The conversation highlights the ongoing challenges in protecting data amid increasing regulatory scrutiny and investigations into telecom firms evading U.S. restrictions. It's a rollercoaster of topics that spotlight the complexities of today's digital landscape.

Christina Shannon, CIO at KICK Consumer Products, shares her insights on critical cybersecurity trends. She discusses Google's acquisition of Wiz to enhance cloud security and the Senate's push for improved safety in water utilities, emphasizing urgent vulnerabilities. The conversation also delves into securing sensitive data in applications like JIRA and the ethical dilemmas posed by corporate tracking devices. Recent incidents, including a supply chain attack impacting GitHub, highlight the pressing need for robust security measures and community engagement.

A shocking data breach at SpyX exposed nearly 2 million people's information. Microsoft faces a serious zero-day vulnerability that puts many at risk. The hacker group Hellcat targets Swiss telecoms, showcasing the surge in cyber threats. Meanwhile, a cyber campaign aimed at Ukraine's defense sector uses sneaky tactics to deliver malware. Plus, there's a spotlight on how data brokers exploit online safety measures, highlighting the importance of privacy solutions.

Attackers swipe data from Pennsylvania teachers union Infosys settles $17.5M lawsuit after third-party breach Top U.S. sperm bank discloses data breach Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout.  For the stories behind the headlines, visit CISOseries.com.

CISA scrambles to contact fired employees after court rules layoffs ‘unlawful’ Google acquires cybersecurity firm Wiz for $32 billion US Commerce department bureaus ban China's DeepSeek on government devices, sources say   Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout. 

23,000 repositories targeted in popular GitHub action Apache Tomcat RCE exploit hits servers—no authentication required Microsoft 365 users targeted in new BEC campaigns Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout. 

Black Basta creates tool to automate VPN brute-force attacks Bipartisan Senate bill offers improved cybersecurity for water utilities LockBit developer extradited from Israel, appears in New Jersey court Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout.  Find the stories behind the headlines at CISOseries.com.