All Posts

“Hacking RSA” – Super Cyber Friday

“Hacking RSA” – Super Cyber Friday

David Spark -
Please join us on Friday, March 10th, 2023 for Super Cyber Friday. Our topic of discussion will be “Hacking RSA: An hour of critical thinking…
Cybersecurity News: Apple updates advisories, US military email leak, Russian TV website crash

Cybersecurity News: Apple updates advisories, US military email leak, Russian TV website crash

Steve Prentice -
Apple updates advisories as security firm discloses new class of vulnerabilities Apple has updated some of its recent security advisories to add new iOS and…
How to Calculate Which Vulnerabilities Need to Be Fixed First

How to Calculate Which Vulnerabilities Need to Be Fixed First

David Spark -
I see all my problems, and I don’t know if my team can fix them fast enough. But you don’t need to fix them all.…
This Unwanted Cold Call Made Possible Thanks to This Month’s Sales Quota

This Unwanted Cold Call Made Possible Thanks to This Month’s Sales Quota

David Spark -
A CISO calls on security vendors to stop the spamming and cold calling. Are these annoyances the direct result the way salespeople are measured? Is…
Cybersecurity News: Samsung guards against zero-clicks, ransomware cat and mouse, Norway seizes Lazarus crypto

Cybersecurity News: Samsung guards against zero-clicks, ransomware cat and mouse, Norway seizes Lazarus crypto

Rich Stroffolino -
Samsung guards against zero-click attacks  One of the things that makes spyware, like NSO Group’s Pegagus, hard to guard against is because they require no…
Cybersecurity News: Hackers backdoor Microsoft IIS, Twitter limits SMS 2FA, Fortinet issues patches

Cybersecurity News: Hackers backdoor Microsoft IIS, Twitter limits SMS 2FA, Fortinet issues patches

Steve Prentice -
Hackers backdoor Microsoft IIS servers with new Frebniis  malware The new malware, spelled ‘Frebniis’ on Microsoft’s Internet Information Services (IIS) stealthily executes commands sent via…
Cybersecurity News Week in Review: Clop’s GoAnywhere claims, Bing search injection attack, AI flies F-16

Cybersecurity News Week in Review: Clop’s GoAnywhere claims, Bing search injection attack, AI flies F-16

Steve Prentice -
This week’s Cyber Security Headlines – Week in Review, February 13-17, is hosted by Sean Kelly with our guest, George Al-Koura, CISO, Ruby Cyber Security…
Cybersecurity News: VM Server problems, Google Translate BEC, DFIR burnout increases

Cybersecurity News: VM Server problems, Google Translate BEC, DFIR burnout increases

Steve Prentice -
February updates break some Windows Server 2022 VMs According to Microsoft, some Windows Server 2022 virtual machines might not boot up following the installation of…
What Leads a Security Program: Risk or Maturity?

What Leads a Security Program: Risk or Maturity?

David Spark -
When you think about building a plan (and budget!) for your security program, do you lead with risk, maturity, or something else? Check out this…
Cybersecurity News: Exposed Israeli influence group, a record DDoS attack, Cut cables knocks out airline

Cybersecurity News: Exposed Israeli influence group, a record DDoS attack, Cut cables knocks out airline

Rich Stroffolino -
Israeli influence group exposed The Guardian published a report looking at an Israeli hacking group known as Team Jorge, which purports to have manipulated over…
Cybersecurity News: Hackers breached Pepsi Bottling, AI flies F-16 fighter jet, Hyundai and Kia issue security update

Cybersecurity News: Hackers breached Pepsi Bottling, AI flies F-16 fighter jet, Hyundai and Kia issue security update

Sean Kelly -
Hackers breached Pepsi Bottling network Pepsi Bottling Ventures (PBV) has disclosed a breach of its network in an email sent to consumers this past Friday…
Adversaries Beef Up Their Shiny Object Distraction Campaign

Adversaries Beef Up Their Shiny Object Distraction Campaign

David Spark -
We are all very easily distracted, and adversaries know that. So they’ll try any little trick to make us not pay attention, look away, or…
Cybersecurity News: Namecheap phishes customers, Bing hit with injection attack, regulators stop BUSD minting

Cybersecurity News: Namecheap phishes customers, Bing hit with injection attack, regulators stop BUSD minting

Rich Stroffolino -
Namecheap sent phishing emails to customers The domain registrar says the third-party provider it uses for its newsletter, Twilio-owned SendGrid, sent out apparent phishing emails…
Cybersecurity News: Reddit admits breach, Clop exploits GoAnywhere, CISA’s VMware fix

Cybersecurity News: Reddit admits breach, Clop exploits GoAnywhere, CISA’s VMware fix

Steve Prentice -
Reddit admits it was hacked and data stolen, says “don’t panic” Reddit announced Friday that “Reddit systems were hacked as a result of a sophisticated…
Cybersecurity News Week in Review: Critical CVEs predicted, FAA needs 7 years, background check breach 

Cybersecurity News Week in Review: Critical CVEs predicted, FAA needs 7 years, background check breach 

Steve Prentice -
This week’s Cyber Security Headlines – Week in Review, February 6-10, is hosted by Rich Stroffolino  with our guest, Ed Covert, head of Cyber Risk…
Cybersecurity News: Microsoft Outlook outage, UK/US ransomware sanctions, Killnet IPs published

Cybersecurity News: Microsoft Outlook outage, UK/US ransomware sanctions, Killnet IPs published

Steve Prentice -
Microsoft Outlook outage prevents users from sending, receiving emails Microsoft is investigating an outage affecting its Outlook webmail service. Users have been reporting issues while…
Limitations of Security Frameworks

Limitations of Security Frameworks

David Spark -
Why do strongly supported security frameworks have such severe limitations when building a security program? Check out this post for the discussions that is the basis…
Cybersecurity News: NIST IoT encryption, Chinese phones collect PII, the AI chatbot race is on

Cybersecurity News: NIST IoT encryption, Chinese phones collect PII, the AI chatbot race is on

Rich Stroffolino -
NIST standardizes crypto for IoT The U.S. National Institute of Standards and Technology announced that the Ascon family of encryption and hashing algorithms were designated…
“Hacking Vulnerability Remediation” – Super Cyber Friday

“Hacking Vulnerability Remediation” – Super Cyber Friday

David Spark -
Please join us on Friday, February 24th, 2023 for Super Cyber Friday. REGISTER HERE. Our topic of discussion will be “Hacking Vulnerability Remediation: An hour…
Cybersecurity News: Tech firms race to integrate AI, FAA needs until 2030 to fix system, Biden addresses children’s online safety

Cybersecurity News: Tech firms race to integrate AI, FAA needs until 2030 to fix system, Biden addresses children’s online safety

Sean Kelly -
ARMO, Microsoft, Google race to integrate AI into their products ARMO, creator of open-source Kubernetes security platform Kubescape, announced Tuesday that it has integrated ChatGPT’s…
21 “Dark Side”-Approved Ways to Threaten Your Prospects

21 “Dark Side”-Approved Ways to Threaten Your Prospects

David Spark -
For those security practitioners who leave a job to go work for a security vendor, please stop calling it “going to the dark side.” This…
Cybersecurity News: Cyber insurance predictions, British steel supplier cyber attack, Microsoft pins Charlie Hebdo attack

Cybersecurity News: Cyber insurance predictions, British steel supplier cyber attack, Microsoft pins Charlie Hebdo attack

Rich Stroffolino -
Cyber insurer predicts a rise in critical CVEs A new Cyber Threat Index from the insurance firm Coalition predicts 2023 will see an average of…
What’s the Next Thing I Should Do to Improve My Security Posture?

What’s the Next Thing I Should Do to Improve My Security Posture?

David Spark -
The Internet, security vendors, and your cybercolleagues are awash with advice on how to improve your security program. All of them are wrong. The only…
Cybersecurity News: Fortra zeroday, Tallahassee hospital cyberattack, sneaky fraudulent apps

Cybersecurity News: Fortra zeroday, Tallahassee hospital cyberattack, sneaky fraudulent apps

Steve Prentice -
Hackers actively exploiting zero-day in Fortra’s  GoAnywhere MFT Fortra’s GoAnywhere managed file transfer application is being actively exploited in the wild by zero-day vulnerability. The…
1...161718...88Page 17 of 88

ABOUT US

Acting as a media network for cyber information and exchange, CISO Series is just a member of this fantastic community that unfortunately has some conflicts. We're just putting ourselves at the center of the conversation, acting as couples counseling for security vendors and practitioners.

CISO Series: Delivering the most fun you'll have in cybersecurity.

Contact us: info@cisoseries.com

FOLLOW US

© 2023 CISO Series