Department of Know: SaaS apps enable breaches, real-time cyber protection, IoT botnet takedown

New DarkSword exploit hits GitHub Gemini AI agents scour the dark web Trivy supply chain attack expands Check out our show notes for all story links: https://cisoseries.com/cybersecurity-news-darksword-exploit-hits-github-gemini-ai-agents-scour-dark-web-trivy-supply-chain-attack-expands/ Huge thanks to our sponsor, ThreatLocker Ransomware doesn't need to be sophisticated if it's allowed to execute. A growing number of security teams are shifting focus from detecting ransomware to preventing execution in the first place — controlling applications, scripts, and installers so unauthorized code never gets the chance to run. Learn more at ThreatLocker.com

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Bil Harmer, CISO, Supabase, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, ThreatLocker Many security strategies still assume everything is allowed until proven malicious. Attackers understand that model well. That's why more organizations are rethinking endpoint security — shifting from detection-first tools to control-first approaches that reduce attack surface before an incident occurs. Learn more at ThreatLocker.com All links and the video of this episode can be found on CISO Series.com  

Law enforcement seizes botnet infrastructure California city and LA transit agency report cybersecurity issues Microsoft Azure Monitor alerts used for callback phishing attacks  Check out our show notes for all story links: https://cisoseries.com/cybersecurity-news-cybersecurity-news-international-botnet-takedown-california-city-ransomed-azure-monitor-phishing/ Huge thanks to our sponsor, ThreatLocker Most breaches don't start with a zero-day — they start because something unexpected was allowed to run. One way organizations reduce risk is by shrinking the attack surface: deciding what software should be allowed to execute and blocking everything else by default. Fewer unknowns means fewer opportunities for attackers. Learn more at ThreatLocker.com

Critical Microsoft SharePoint flaw now exploited in attacks 1stProtect reveals endpoint security platform intended to prevent cyberattacks in real time CISA urges U.S. organizations to secure Microsoft Intune systems following Stryker breach Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-critical-sharepoint-flaw-real-time-cyberattack-prevention-cisas-intune-warning/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Picture a "new hire" who interviews well… except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the new reality: the attack surface is trust itself. Adaptive fights back with realistic deepfake simulations and training that actually sticks. Learn more at  adaptivesecurity.com.

DarkSword emerges from suspected Russian hackers "ShieldGuard" dismantled after malware discovery North Korea's fake IT worker army rakes in $500M/year Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-darksword-emerges-shieldguard-dismantled-nk-it-worker-army-rakes-in-money/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Picture a "new hire" who interviews well… except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the new reality: the attack surface is trust itself. Adaptive fights back with realistic deepfake simulations and training that actually sticks. Learn more at adaptivesecurity.com.

Energy Department to release first cyber strategy Tech giants sign on to fight scammers Font-rendering hides malicious commands from AI in plain sight Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-energy-strategy-scammer-accord-font-rendering-attack/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Attackers don't need malware anymore; they need trust. Tip: set a simple passphrase for high-risk actions, like wire requests or "urgent" account recovery – especially within finance teams and families. If the caller can't answer it, pause and verify. Adaptive runs deepfake and vishing simulations so employees practice this before it's real. Learn more at  adaptivesecurity.com.

Stryker hospital tools safe, digital ordering services down Models apply to be the face of AI scams Cybercrime up 245% since Iran conflict Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-stryker-hospital-tools-safe-models-apply-to-power-ai-scams-cybercrime-up-245/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Today's phishing doesn't just hit inboxes — it can sound like your CFO or look like your CEO on Zoom. AI voices, video, and deepfakes are turning trust into the attack surface. Adaptive fights back with AI-driven risk scoring, deepfake simulations featuring your own executives, and interactive training your team will actually remember. Take a three-minute tour or request a CEO deepfake demo at adaptivesecurity.com.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Jonathan Waldrop, CISO, Acoustic, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com      

Payload Ransomware group claims breached of Royal Bahrain Hospital Canadian food retailer Loblaw confirms data breach New York cyber regulations for water organizations launch in 2027 Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-royal-bahrain-hospital-breach-canadas-loblaw-breached-new-york-water-laws/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com.

Iran boosts cyberattacks VENON targets Brazilian banks England Hockey investigates breach Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-iran-boosts-cyberattacks-venon-targets-brazilian-banks-england-hockey-investigates-breach/ Huge thanks to our sponsor, Dropzone AI If you are heading to RSAC next week, here are three things worth seeing at the Dropzone AI Diner. Booth 455, South Expo Hall.   One: watch their AI SOC agents investigate real alerts live, with every reasoning step exposed. Two: meet the AI Threat Hunter, the newest agent joining the team. Three: enter the investigation competition and go head to head against the AI.   Schedule your stop at dropzone.ai/rsa-2026-ai-diner.