Cybersecurity Headlines

Grafana GitHub token breach leads to extortion attempt
Microsoft rejects Azure vulnerability report, researcher disputes decision
Funnel Builder flaw actively exploited to steal payment data
Get the show notes here: https://cisoseries.com/cybersecurity-news-grafan-github-extortion-microsoft-rejects-azure-report-funnel-builder-flaw/
Thanks to our episode sponsor, ThreatLocker

ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

This week's Department of Know is hosted by Rich Stroffolino, with guests Gary Chan, CISO, SSM Health and Peter Liebert, CISO, Salesloft.
Missed the live show? Check it out on YouTube.
The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.
Huge thanks to our sponsor, Doppel


Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.

But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.

We fight relentlessly to protect your business, brand, and people.

Doppel. Outpacing what's next in social engineering.

Learn more at doppel.com.

G7 countries release AI SBOM guidance
Dell confirms its SupportAssist software causes Windows BSOD crashes
Dirty Frag sequel arrives as Fragnesia 
Get the show notes here: https://cisoseries.com/cybersecurity-news-g7-releases-ai-sbom-dell-supportassist-bsod-dirty-frag-sequel/
Huge thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.

Foxconn confirms North American factory attack
BitLocker zero-day accesses protected drives
MDASH patches 16 Windows flaws
Get the show notes here: https://cisoseries.com/cybersecurity-news-foxconn-factory-attacks-bitlocker-zero-day-accesses-protected-drives-mdash-patches-windows-flaws/↗
Huge thanks to our episode sponsor, Doppel 

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.

Instructure reaches an "agreement" with ShinyHunters
Shai Hulud campaign is back
OpenAI launches Daybreak
Get the show notes here: https://cisoseries.com/cybersecurity-news-instructures-agreement-shai-hulud-campaign-openais-daybreak/
Huge thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.