Tag: CISO Series

Boeing confirms $200 million ransomware extortion attempt Following up on the stories regarding LockBit that we covered last week, as well as a story we covered in November, Boeing has […] The post Cybersecurity News: Boeing confirms ransomware, Dell announces…

Read more →

F5 Networks warns of new Big-IP vulnerabilities The vulnerabilities, numbered CVE-2024-26026 and CVE-2024-21793, exist in the BIG-IP Next Central Manager (NCM), a single-pane-of-glass management and orchestration solution provided by F5. […] The post Cyber Security Headlines: F5 Big-IP warning, UK…

Read more →

Lockbit takes credit for Wichita attack The pernicious ransomware organization added the city of Wichita to its leak site, giving officials until May 15th to pay an unspecified ransom. We […] The post Cyber Security Headlines: Lockbit hit Wichita, AI…

Read more →

Lots of vendors claim to offer zero-trust solutions. But is that framework even applicable to some product categories? Check out this post for the discussion that is the basis of […] The post Understanding the Zero-Trust Landscape appeared first on…

Read more →

US indicts LockBit ransomware ringleader On Tuesday, the U.S. Department of Justice (DoJ) charged the mastermind behind the notorious LockBit ransomware-as-a-service (RaaS) operation. The DoJ unmasked 31-year-old Russian National, Dimitry […] The post Cyber Security Headlines: LockBit ringleader indicted, DocGo…

Read more →

For years, we’ve talked about the blurring line between work and personal devices. But increasingly we’re seeing signs that that line no longer exists for employees. If that’s the reality, […] The post Can’t Talk, I’m Onboarding My Kids To…

Read more →

NSC’s Neuberger suggests operational approach for on mitigating cyberattacks In an interview with Click Here a podcast from Recorded Future News, deputy national security adviser for cyber and emerging technologies […] The post Cyber Security Headlines: Neuberger proposes improvements, Olympic…

Read more →

Goldoon botnet exploits D-Link routers The exploit involves a security flaw that is almost 10 years old, specifically CVE-2015-2051 which has a CVSS score of 9.8. It affects D-Link’s DIR-645 […] The post Cyber Security Headlines: Goldoon exploits D-Link, CISA…

Read more →

Season 2 of Capture the CISO is not over. We still have the finals! And it’s going to be LIVE on Friday, May 17th, 2024 at 1 PM ET/10 AM […] The post Join Us 05-17-24 for the Capture the…

Read more →

Chinese disinformation proving ineffectual We’ve had several election cycles haunted by the threat of Chinese disinformation campaigns, made only more ominous with the advent of modern generative AI tools. But […] The post Cyber Security Headlines: Chinese disinformation, NCSC AMS,…

Read more →

Scaling least privilege in the cloud remains challenging. Throwing more people at the problem isn’t feasible, so how are you managing it? Check out this post for the discussion that […] The post Scaling Least Privilege for the Cloud appeared…

Read more →

Welcome to episode three of Capture the CISO Season 2! Our host is Rich Stroffolino and our judges are Christina Shannon, CIO, KIK Consumer Products and Dan Walsh, CISO, Paxos. Our contestants: […] The post Capture the CISO S2E3: BugProve, Egress, and Zenity…

Read more →

UnitedHealth Group CEO faces congress & cause of hack revealed The CEO of UnitedHealth Group, the parent company of Change Healthcare, is set to testify before a congressional committee today, […] The post Cyber Security Headlines: UnitedHealth Group CEO faces…

Read more →

USPS phishing sites are popular In October 2023, researchers at Akamai began observing traffic to combosquatting phishing domains impersonating the US Postal Service, all using the same malicious JavaScript file. […] The post Cyber Security Headlines: USPS phishing, UK IoT…

Read more →

Technical debt is an inevitability in any organization. But how do you go about “paying it down?” This requires a framework to understand the risk the technical debt represents to […] The post I Really Shouldn’t Have Agreed to Variable…

Read more →

For many organization, risk programs are driven by compliance requirements. What compliance framework you use will directly impact what processes you have in place around risk, noted Kim Elias, Senior […] The post How Compliance Can Launch Your Risk Program…

Read more →

Kaiser Permanente website tracking tools may have compromised customer data The healthcare giant is alerting more than 13 million customers that their personal information may have been shared with third-party […] The post Cyber Security Headlines: Kaiser Permanente breach, DSH…

Read more →

Going to the RSA Conference? Looking forward to having some fun, win prizes, and enjoy lunch? Then come to our CISO Series game show that will be happening on Tuesday, […] The post PREVIEW: CISO Series Game Show During RSA…

Read more →

Google postpones third-party cookie deprecation Google has announced that it is once again delaying its plans to deprecate third-party tracking cookies in its Chrome web browser. This time the reason […] The post Cyber Security Headlines: Google postpones cookies, Brocade…

Read more →

Knowing what data your organization holds is critical to using it effectively. But organizations don’t know where to start getting their data in order. In this video Greg Clark, director […] The post The Importance of Data Hygiene with OpenText…

Read more →

Chinese keyboard app flaws exposed Last year, researchers at Citizen Lab found that the popular Sogou Chinese keyboard app failed to use TLS when sending keystroke data to the cloud […] The post Cyber Security Headlines: Chinese keyboard flaws, hacked…

Read more →

Ask any CISO how they feel about sales pitches and be prepared for a litany of sins. But when do these legitimate complaints cross the line to sounding entitled? Check […] The post Should CISOs Be More Empathetic Towards Salespeople?…

Read more →

Welcome to episode one of Capture the CISO Season 2! Our judges are Arvin Bansal, CISO, C&S Wholesale Grocers and  Brett Conlon, CISO, American Century Investments. Our contestants: And don’t forget to join […] The post Capture the CISO S2E2: HYAS, Nudge Security, and…

Read more →

Iranian nationals charged with hacking U.S. companies and agencies On Tuesday, four Iranian nationals (Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani, and Alireza Shafie Nasab) were indicted in a Manhattan […] The post Cyber Security Headlines: Iranian hackers charged, Siemens…

Read more →

RedLine stealer variant delivers Lua bytecode by disguising as game cheat According to McAfee Labs, this off-the-shelf variant of RedLine malware gathers saved credentials, autocomplete data, credit card information, and […] The post Cyber Security Headlines: RedLine GitHub connection, MITRE…

Read more →

TikTok ban passes the US House The bill passed as part of a larger foreign aid package by a vote of 360-58. THe House passed a similar standalone TikTok ban […] The post Cyber Security Headlines: TikTok ban update, Sandworm…

Read more →

Lots of businesses pledge to never pay ransomware demands. That sounds good, but priorities quickly change when you need to get the business back to normal after an attack occurs. […] The post We’ll Invest in Resilience as Soon as…

Read more →