Aphinia - Your Weekly CISO Wire

Happy New Year! I hope it is off to a good start for you!

Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:

These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:

• Jimit Gandhi was appointed as CISO at Akasa Air.

• Margarita Rivera was appointed as CISO at Carnival Corp.

• Ryan Boulais was appointed as CISO at Bunge.

• Lee Hutcheson was appointed as CISO at Marriott Vacations Worldwide

• Jim Kastle was appointed as CISO at 7-Eleven.

• Michael Hill was appointed as CISO at PriceSmart.

• Kristie Grinnell was appointed as CISO at TD SYNNEX.

• Michael Hanley was appointed as CISO at General Motors.

• Mike Coogan was appointed as VP, CISO at Brinks Home.

• Kris Kistler was appointed as Global CISO at Access TeleCare.

Appointed? Promoted? Let us know!

Aphinia is growing! Say hello, reach and connect with our new members:

• Madhav Gopal, CISO, NextNav

• Jonathan Jackson, Ciso, Pathward

• David Sledge, CISO, Steady Cyber

• Natalia Belaya, CISO, Cloudera

• Constantine Macris, CISO, Dispel, LLC

• Faisal Ansari, CISO and CPO, Extensia, Inc.

• Ramya Varadharajan, Director - Information Security, Indiana University Health

• Robert Preta, Director of Cybersecurity, ACV Auctions

• Gary Bowen, Head of Cybersecurity, TopBuild Corp

• Nick Sturgeon, VP-CISO, Community Health Network

Welcome on board!

Who in your network can benefit from Aphinia? Please send them here »

Not yet a member? Apply here »

Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min

Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you would get:

• a new Advisory role

• a consulting gig

• a promotion or appointment

• a book deal

• a speaking engagement at industry conference

Our dance card is filling up fast, here’s the link to grab your time slot now: https://calendly.com/aphinia/30min

Meanwhile, check out this conversation with our guest Michael Timineri (Head of Information Security, Checkr) on how to succeed as a CISO.

Full interview here»

Several important events happened that merit your attention:

• UN adopts controversial cybercrime treaty: The UN General Assembly has adopted a new cybercrime treaty, set to be signed in Hanoi, Vietnam, next year, with its enforcement contingent on the signatures of 40 countries within 90 days.

• NGOs file complaints against Serbian authorities: Several Serbian NGOs have filed complaints against the police and security services following an Amnesty International report that exposed the use of NoviSpy spyware to target journalists and activists.

• Tehran lifts ban on Google Play and whatsApp: In a surprising move, the Tehran regime has lifted its longstanding bans on the Google Play Store and WhatsApp, signaling a potential shift in its approach to digital communication and access to global services.

• New US regulation blocks sale of sensitive data: Starting in 2025, new U.S. regulations will prohibit companies from selling sensitive data about Americans to countries like Russia, China, and Iran, aiming to prevent misuse of personal information for espionage and malicious activities.

• Russia to ban voice calls via messaging apps: Russia’s internet watchdog agency has announced plans to explore the possibility of banning voice calls made through instant messaging apps, citing security concerns and potential threats to national interests.

• U.S. shuts down Global Engagement Center: The U.S. State Department's Global Engagement Center, tasked with combating foreign disinformation, has been shut down after Congress failed to allocate new funding in the 2024 National Defense Authorization Act (NDAA), leaving its future uncertain.

• NoName57 launches attacks on Italian airports: NoName57, a pro-Russian hacktivist group, has initiated a wave of DDoS attacks on Milan's Malpensa and Linate airports, Italy's Ministry of Foreign Affairs, and the Turin Transport Group, claiming the assaults as retaliation against Italian "Russophobes," though airport operations remain unaffected.

• Lazarus group targets Nuclear organization: Kaspersky reports that North Korean hacker group Lazarus launched a sophisticated attack earlier this year on a nuclear organization, using a complex infection chain with new malware tools, including a downloader, loader, and backdoor, showcasing their improved persistence and delivery methods.

• Apple uses external resources for spyware analysis: Apple's iOS alerts users about potential spyware, but instead of offering direct analysis by its own security engineers, the company directs users to nonprofit Access Now for assistance and recommends activating Lockdown Mode to limit spyware exploits.

• Ohio state employees to be liable for email scams: Ohio state officials have issued a warning to employees, advising them that they may be held personally liable for falling victim to online email scams, highlighting the growing risks of cyber threats to government workers.

• Industry news: Kurrent, a provider of an event-native data platform for data analytics, application development and AI, has raised $12 million. Bureau raised $30 million. Arctic Wolf acquired Cylance for $160 million. Cisco acquired SnapAttack. OPSWAT acquired Fend Incorporated. Exostar acquired ComplyUp. Coralogix acquired Aporia.

These senior cybersecurity executive roles you may want to forward to your friends and colleagues:

• DCSA Office is looking for a Chief Information Security Officer in Quantico, VA.

• Aerodyne Industries is looking for a Chief Information Security Officer in Merritt Island, FL.

• Florida Digital Service is looking for a Associate Chief Information Security Officer in Tampa, FL.

• Spartanburg Regional Healthcare System is looking for a Chief Information Security Officer in Spartanburg, SC.

• Howard University is looking for a Chief Information Security Officer in Washington, DC.

• GuideIT is looking for a Chief Information Security Officer in Plano, TX.

Looking for a job? Hiring? Let us know.

These are virtual and live events for the cyber community you may find interesting:

Aphinia Events:

• FS-ISAC CISO Mastermind is taking place on March 9, 2025 in New Orleans, LA. Interested in attending? Sponsoring? Reach out!

=> Want to host or sponsor a CISO Mastermind around a conference you are going to? Reach out!

=> Want to host or sponsor a CISO Mastermind in your city? Reach out!

Industry Events:

• CruiseCon is taking place on Feb 8-13, 2025 at sea (!), departing Cape Canaveral, FL. Get a members-only rate (code: Aphinia10).

• FS-ISAC is taking place on Mar 9, 2025 in New Orleans, LA.

• RSAC is taking place on April 28-May 1, 2025 in San Francisco, CA.

• Identiverse is taking place on June 2, 2025 in Las Vegas, NV.

• Gartner: Security & Risk Management is taking place on Jun 8, 2025 in National Harbor, MD.

• Re:Inforce on June 15, 2025 in Philadelphia, PA.

• Black Hat is taking place on Aug 2-7, 2025 in Las Vegas, NV.

• InfoSec World is taking place on Sep 22, 2025 in Orlando, FL.

• SecTor is taking place on Oct 23, 2025 in Toronto, Canada.

• Re:Invent is taking place on Dec 2, 2025 in Las Vegas, NV.

• Gartner: Identity & Access is taking place on Dec 8, 2025 in Grapevine, TX.

• Black Hat is taking place on Dec 9, 2025 in London, UK.

Attending or hosting an event? Let us know!

Bad actors have been busy recently 📈:

• A hack at the European Space Agency's official merchandise store exposed customer payment information through a malicious script.

• A cyberattack disrupted rail and rider services in the major city, with IT officials investigating potential data theft.

• Successful cyberattack targeted General Dynamics employees, compromising 37 accounts and exposing sensitive data.

• Cyberhaven, a Palo Alto-based data loss prevention company, suffered a breach due to a successful phishing attack on a Google Chrome Store admin account.

• A Utah-based manufacturer has notified customers that their credit card data was exposed after hackers compromised a third-party application linked to its e-commerce provider.

• Massive data breach discovered by CCC, exposes personal information of 800,000 electric vehicles from Audi, VW, and Skoda.

• Thomas Cook (India) Ltd has confirmed a cyberattack on its IT systems, causing major disruptions and leading the company to shut down affected systems.

• Harley-Davidson confirmed a data breach in December 2024, compromising the personal information of approximately 66,700 customers.

• Chinese state-sponsored hackers breach the US Treasury Department, accessing unclassified documents through a Third-Party Vendor vulnerability.

• Cisco has confirmed a second 4GB data leak linked to its public-facing DevHub platform, with hacker IntelBroker claiming to have stolen sensitive data

But a handful of guys were nabbed 👮‍♀️:

• Romanian hacker sentenced to 20 years: Daniel Christian Hulea, a Netwalker ransomware affiliate, receives 20-year prison sentence and forfeits $21.5 million in assets, including luxury resort property, after funding his businesses with proceeds from cyberattacks.

• Two California men charged for NFT scam: Two California men face charges for defrauding investors of over $22 million through a series of NFT rug pulls, including high-profile projects like Vault of Gems, Faceless, and Clout Coin.

• Brazilian man charged for data extortion: US officials have charged a Brazilian man for attempting to extort a $3 million ransom from a US company by threatening to release sensitive data from its Brazilian subsidiary back in 2020.

• LockBit ransomware developer arrested in Israel: U.S. prosecutors have charged Rostislav Panev, a dual Russian-Israeli national, as a key developer in the LockBit ransomware gang; he is currently in Israeli custody awaiting extradition to the U.S.

Stay safe.

Misha Sobolev

Aphinia

***

P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 2,000+ of cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.