Week in Review: Microsoft Trust abuse, 23andMe bankruptcy risks, NIST’s growing backlog
Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jonathan Waldrop, CISO, The Weather Company Jonathan will be speaking at The CrowdStrike Crowd Tour, on Tuesday, April 15, 2025 in Atlanta – details here. He will also be speaking at the C Vision International Think Tank on April 24, 2025, also in Atlanta – details here. Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com. All links and the video of this episode can be found on CISO Series.com
--------
23:50
JavaScript injection campaign, solar power vulnerabilities, SIM swap lawsuit
150,000 sites compromised by JavaScript injection Vulnerabilities in numerous solar power systems found T-Mobile pays $33 million in SIM swap lawsuit Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com. Find the stories behind the headlines at CISOseries.com.
--------
8:16
Ransomware group claims attack on US telecom firm, New ReaderUpdate malware variants target macOS users, Oracle customers claim stolen data
New ransomware group claims attack on US Telecom firm WideOpenWest NSA warned of vulnerabilities in Signal app a month before Houthi strike chat New ReaderUpdate malware variants target macOS users Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
--------
6:35
EncryptHub exploit, Copilot agents, PETs in government
EncryptHub linked to Microsoft Management Console exploit Security Copilot gets AI agents A call for more PETs in government Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
--------
7:50
Hundreds of cyber criminals arrested, 23andMe data, Ukraine railway partially taken down
More than 300 cyber criminals arrested in Africa 23andMe bankruptcy puts millions of DNA records at risk Ukraine’s state railway partially down after attack Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
Portugal