Cybersecurity Headlines

Russia claims officials' surveillance
Project Glasswing access expands
CISA flags two-year-old Oracle flaw
Get the show notes here: https://cisoseries.com/cybersecurity-news-russia-claims-officials-surveillance-project-glasswing-expands-cisa-flags-two-year-old-oracle-flaw/
Huge thanks to our episode sponsor, Vanta

Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot.
 
The good news: The Vanta  [rhymes with Santa] Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you.
 
Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk.
 
Get started at vanta.com/headlines.

Meta AI hands over Instagram account access
Dutch police dismantle huge botnet
RedHat packages get backdoored
Get the show notes here: https://cisoseries.com/meta-ai-hands-over-instagram-access-dutch-police-dismantle-botnet-redhat-packages-backdoored/
Huge thanks to our episode sponsor, Vanta

Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot.
 
The good news: The Vanta  [rhymes with Santa] Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you.
 
Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk.
 
Get started at vanta.com/headlines.

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
ChatGPT share links used to host fake outage pages to deliver malware
Federal audit reveals NIST's NVD problems
Get the show notes here: https://cisoseries.com/cybersecurity-news-globalprotect-vpn-exploited-chatgpt-share-links-exploits-feds-criticize-nist/
Huge thanks to our episode sponsor, Vanta

Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot.
 
The good news: The Vanta  [rhymes with Santa] Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you.
 
Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk.
 
Get started at vanta.com/headlines.

This week's Department of Know is hosted by Rich Stroffolino, with guests Bruce Schneier, chief of security architecture, Inrupt, and Chris Ray, field CTO, GigaOm.
Missed the live show? Check it out on YouTube.
Huge thanks to our sponsor, Guardsquare

Mobile security incidents are no longer the exception—they are the norm. Last year, seventy-two percent of companies suffered a mobile app security incident. As the primary gateway to your APIs and data, your mobile app requires more than just basic encryption; it needs a multi-layered security strategy. Protect your brand and your bottom line with layered mobile app protection. Learn more at Guardsquare.com.

Fraud gang steals from World Cup fans
Pentagon says US military targeted by location
IBM and Red Hat commit to "Project Lightwell"
Check out your show notes here: https://cisoseries.com/cybersecurity-news-world-cup-fraud-us-military-location-targets-ibm-and-red-hat-go-project-lightwell/
Huge thanks to our sponsor, Guardsquare

Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unauthorized modifications. When your code runs in an untrusted environment, you need runtime self-protection and code hardening to keep attackers out. Address tampering before it starts. Learn more at Guardsquare.com.