Cyber Security Headlines

Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.

Website : http://cisoseries.com/

RSS Feed : https://cisoseries.libsyn.com/rss  

Last Episode : March 28, 2025 7:00am

Last Scanned : 1.9 hours ago

Episodes

Episodes currently hosted on IPFS.

Confirmed 3
JavaScript injection campaign, solar power vulnerabilities, SIM swap lawsuit
150,000 sites compromised by JavaScript injection Vulnerabilities in numerous solar power systems found T-Mobile pays $33 million in SIM swap lawsuit Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com. Find the stories behind the headlines at CISOseries.com.
Expires in 40 hours
Published Friday
Confirmed 6
Ransomware group claims attack on US telecom firm, New ReaderUpdate malware variants target macOS users, Oracle customers claim stolen data
New ransomware group claims attack on US Telecom firm WideOpenWest NSA warned of vulnerabilities in Signal app a month before Houthi strike chat New ReaderUpdate malware variants target macOS users Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
Expires in 16 hours
Published Thursday
1
EncryptHub exploit, Copilot agents, PETs in government
EncryptHub linked to Microsoft Management Console exploit Security Copilot gets AI agents A call for more PETs in government Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
Published Wednesday
1
Hundreds of cyber criminals arrested, 23andMe data, Ukraine railway partially taken down
More than 300 cyber criminals arrested in Africa 23andMe bankruptcy puts millions of DNA records at risk Ukraine’s state railway partially down after attack Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
Published Tuesday
1
Tornado cash sanctions lifted, Russia Cloudflare outage, Microsoft Trust abused
U.S. Treasury lifts sanctions on Tornado Cash Web service outage in Russia due to reported Cloudflare block Microsoft Trust Signing service abused to code-sign malware Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com. Find the stories behind the headlines at CISOseries.com.
Published Monday
1
Week in Review: Google acquires Wiz, water utility improvements, more GitHub attacks
Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Christina Shannon, CIO, KIK Consumer Products Thanks to our show sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout.  All links and the video of this episode can be found on CISO Series.com  
Published Friday
1
Stalkerware company breach, Microsoft Zero Day, Global Jira attack
Stalkerware company SpyX suffers data breach Nation-state groups hit organizations with Microsoft Windows zero-day Swiss telecom Ascom the latest victim of HellCat’s Jira campaign Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout.  Find the stories behind the headlines at CISOseries.com
Published 03/21
1
PA teachers union breach, Infosys settles lawsuit, Sperm bank data theft
Attackers swipe data from Pennsylvania teachers union Infosys settles $17.5M lawsuit after third-party breach Top U.S. sperm bank discloses data breach Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout.  For the stories behind the headlines, visit CISOseries.com.
Published 03/20
1
Google Acquires Wiz, CISA must reinstate terminated employees, Commerce Department bans DeepSeek
CISA scrambles to contact fired employees after court rules layoffs ‘unlawful’ Google acquires cybersecurity firm Wiz for $32 billion US Commerce department bureaus ban China's DeepSeek on government devices, sources say   Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout. 
Published 03/19
1
GitHub repositories targeted, Apache Tomcat RCE exploit, BEC campaigns target Microsoft 365
23,000 repositories targeted in popular GitHub action Apache Tomcat RCE exploit hits servers—no authentication required Microsoft 365 users targeted in new BEC campaigns Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout. 
Published 03/18
1
VPN brute-force attacks, water utilities bill, LockBit developer extradited
Black Basta creates tool to automate VPN brute-force attacks Bipartisan Senate bill offers improved cybersecurity for water utilities LockBit developer extradited from Israel, appears in New Jersey court Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout.  Find the stories behind the headlines at CISOseries.com.
Published 03/17
1
Week in Review: ONCD dominates cyber, undocumented Bluetooth commands, DoJ Google breakup
Link to episode page Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks.  But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, And helps you get security questionnaires done 5 times faster with AI.  Now that’s…a new way to GRC. Get started at Vanta.com/headlines All links and the video of this episode can be found on CISO Series.com  
Published 03/14