Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Malicious npm and VS Code packages stealing data

Nova Scotia Power confirms ransomware attack

Researchers claim ChatGPT o3 bypassed shutdown in controlled test

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Find the stories behind the headlines at CISOseries.com.

CISA warns Commvault clients of campaign targeting cloud applications

Russian hacker group Killnet returns with slightly adjusted mandate

Fake VPN and browser NSIS installers used to deliver Winos 4.0 malware

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Find the stories behind the headlines at CISOseries.com.

Link to episode page

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest George Finney, CISO, The University of Texas System – check out George’s new book plus all his other achievements at his website, WellAwareSecurity.

Thanks to our show sponsor, Conveyor

Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor’s AI doesn’t need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center. You don’t maintain a knowledge base. You connect to one. And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com

All links and the video of this episode can be found on CISO Series.com

Signal adds Recall blocker

Critical Windows Server 2025 dMSA vulnerability warning

Pathology lab suffers data breach

Huge thanks to our sponsor, Conveyor

Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires?

Conveyor’s AI doesn’t need hand-holding and gets you accurate answers every time with limited knowledge base maintenance.

It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center.

You don’t maintain a knowledge base. You connect to one.

And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com

Find the stories behind the headlines at CISOseries.com.

Ransomware attack knocks out Kettering Health

Lumma malware operation disrupted

Federal agencies impacted by “major lapse” at Opexus

Huge thanks to our sponsor, Conveyor

Half-baked AI answers to security questionnaires are worse than no answer at all. Conveyor’s AI gets it right the first time—with market-leading accuracy rates and full citations for every response.

Because “good enough” doesn’t cut it when you’re filling in questionnaires daily. Accuracy isn’t just a feature—it’s the foundation. Because we know that when AI gets it wrong, you’re stuck with more work.

If AI isn’t living up to its promise with other tools, check out Conveyor at www.conveyor.com

Huge thanks to our sponsor, Conveyor

What if your sales team could answer security questions themselves—without blowing up your Slack or email every 10 minutes?

With Conveyor, they can. Conveyor is the trust center and security questionnaire automation tool your infosec friends love to use. Whether through Slack or the Conveyor app, sales and presales teams can easily get AI-generated answers to any customer security question, with your pre-set rules and reviews in place. Free up your team and keep deals moving at www.conveyor.com

UK’s Legal Aid Agency breached

NHS patients put at risk from cyberattacks

23andMe has a buyer

Huge thanks to our sponsor, Conveyor

Ever spent an hour in a clunky portal questionnaire with UI from 1999 just to lose your work because it timed out?

Conveyor’s got you.

Our browser extension completes questionnaires in the most tedious portals for you by auto-importing all the questions and generating AI answers. For popular portals, it can go full autopilot and fill in reviewed answers into the portal on one click. You shouldn’t have to fight a portal just to prove your security posture.

Learn more at www.conveyor.com.