Cybersecurity Headlines

This week's Department of Know is hosted by Rich Stroffolino, with guests Janet Heins, CISO, ChenMed, and TC Niedzialkowski, Head of IT & Security, Opendoor.
Missed the live show? Check it out on YouTube.
The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.
Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/
Thanks to our episode sponsor, Guardsqaure

Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unauthorized modifications. When your code runs in an untrusted environment, you need runtime self-protection and code hardening to keep attackers out. Address tampering before it starts. Learn more at Guardsquare.com.

Critical cPanel and WHM bug exploited as zero-day
Swiss police arrest suspected members of Black Axe group
HHS ponders government posture for protecting data centers
Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/
Thanks to our episode sponsor, Guardsqaure

Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unauthorized modifications. When your code runs in an untrusted environment, you need runtime self-protection and code hardening to keep attackers out. Address tampering before it starts. Learn more at Guardsquare.com.

Hackers arrested for selling Roblox accounts
Microsoft's patch for a 0-day falls short
US & China partner on Dubai scam takedown
Get the show notes here: https://cisoseries.com/cybersecurity-news-roblox-hackers-arrested-microsoft-0-day-falls-short-dubai-scam-takedown/
Thanks to our episode sponsor, Guardsqaure

AI is speeding up development, but at what cost? While ninety-six percent of teams now use AI tools, eighty-one percent report that AI-generated code has introduced new vulnerabilities into their mobile apps. In a world with automated threats, you need multi-layered, polymorphic security to stay ahead of the curve. Learn more at Guardsquare.com.

FIDO Alliance working on securing AI agent payments
Germany suspects Russia in Signal phishing
RCE flaw in open-source robotics platform
Get the show notes here: https://cisoseries.com/cybersecurity-news-agent-payments-russian-phishing-lerobot-rce-flaw/ 
Thanks to our episode sponsor, Guardsqaure

Is your mobile app truly protected? Relying on the OS isn't enough. A global study of thirteen-hundred security and developer leaders found that ninety-six percent of teams using layered protection reported significantly fewer security incidents. Don't wait for a breach to harden your defenses. Get the protection needed for modern secuirty risks. Learn more at Guardsquare.com.

PhantomRPC flaw enables privilege escalation
Checkmarx confirms GitHub data hit dark web
PyPI package hacked to push infostealer
Get the show notes here: https://cisoseries.com/cybersecurity-news-phantomrpc-flaw-checkmarx-github-dark-web-data-pypi-package-infostealer/
Thanks to our episode sponsor, Guardsqaure

Your backend is only as secure as your frontend. Research shows that client-side compromise is now a primary driver of API risk. With sixty-three percent of leaders detecting mobile app tampering or cloning last year, don't leave your mobile app security to chance. Get multilayered protection for your entire mobile app ecosystem from the outside in. Learn more at Guardsquare.com.