Aphinia - Your Weekly CISO Wire
Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:
These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:
Steve Frank was appointed as CISO at KPMG.
Ian Thornton-Trump was appointed as CISO at Inversion6.
Kristie Pfosi was appointed Global CISO at Marelli.
Scott Swartzentruber was appointed as CISO at Western Carolina University.
Jeff Torrance was appointed as AVP of Virtual CISO at Compass IT Compliance.
Brett Tarr was appointed as CISO at Expleo Group.
Vidya Vijayawada was appointed as CISO at Beamery.
James Church was appointed as CISO at Kent County Council.
Appointed? Promoted? Let us know!
Aphinia is growing! Say hello, reach out and connect with our new members:
Travis Nichols, Director of Information Security, Shelter Insurance
John Terrill, CISO, Phosphorus Cybersecurity
Bhargava Gorty, Senior Director Application Security, Columbia University
Remington Winter, VP, Head of Information Security, Ghostgroup Management
John Remo, SVP, Global Infrastructure & Cybersecurity, Warner Music Group
Kristen Beneduce, Deputy CISO, Nextdoor
Ronald Johnson, Head of Information Security, Karat
Anne Coulombe, CISO, Investics Analytics
Rohit Shirwadkar, Head of Security Strategy, Equinix
Kevin Chang, Director of Technology Governance, Oscar Health
Erik Bataller, Director, Cybersecurity, M&T Bank
Venkat Rapaka, Senior Director, Cybersecurity Engineering, Freddie Mac
Badarinarayan Kalagi, Head of Security, Vagaro
Gourav Nagar, Director - Information Security, BILL.com
Welcome on board!
Who in your network can benefit from Aphinia? Please send them here »
Not yet a member? Apply here »
Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min
Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you can land:
a new advisory role
a consulting gig
a promotion or appointment
a book deal
a speaking engagement at an industry conference
Our dance card is filling up fast; here's the link to grab your time slot now: https://calendly.com/aphinia/30min
Meanwhile, check out this conversation with our recent guest Abdeslam Mazouz (CISO, City of Minneapolis) about all things cybersecurity.
Full interview here »
Several important events happened that merit your attention:
Turkey fines Twitch $58,000 for data leak: Turkey's Personal Data Protection Board fined Twitch $58,000 for inadequate security measures and failure to report a 125 GB data breach affecting over 35,000 individuals.
EU orders Apple to end geo-blocking users: The EU consumer protection agency has instructed Apple to stop geo-blocking users based on country of origin, citing violations of the DSA and DMA laws that mandate equal treatment for all EU users.
CISOs turn to indemnity insurance as breaches increase: As breach risks grow and boardroom scrutiny intensifies, 72% of CISOs now rely on personal indemnity insurance, with 61% of organizations reporting breaches from ineffective controls; however, only 55% feel confident in their board’s security data, prompting concerns about individual accountability in the wake of high-profile incidents.
Phone House fined €6.5 Million for data breach: Spain’s data protection agency has fined Phone House €6.5 million after the 2021 Babuk ransomware attack exposed 13 million customers' personal data, citing the company’s failure to anonymize and securely store information.
Google joins AWS and Microsoft in issuing CVEs for cloud: Google will now issue CVE identifiers for critical vulnerabilities reported in Google Cloud, even if no customer action is required, following the lead of AWS and Microsoft in enhancing cloud security transparency.
O2’s “Daisy Granny” AI outsmarts scammers: O2 has developed an AI system called Daisy Granny that mimics an elderly woman to trap phone scammers, keeping them on the line for over 40 minutes at a time and helping to prevent fraud.
ZIP concatenation technique used to bypass security tools: Threat actors are using ZIP concatenation, a technique that merges multiple archives into one, to evade security tools, which often fail to scan smaller nested archives, allowing malware to bypass detection.
Russia considers fixed rewards system for bug bounties: The Russian government is exploring a fixed rewards system for bug bounty programs, offering researchers between $300 and $10,000 for identifying vulnerabilities in critical infrastructure and government agencies.
Ransomware groups target cloud services for data theft: Ransomware groups are increasingly exploiting cloud platforms such as Amazon S3 and Microsoft Azure Blob Storage, using misconfigurations and stolen credentials to steal data, with attackers leveraging tactics like deleting encryption keys and creating encrypted snapshots to disrupt access.
Swiss cybersecurity agency warns of postal malware attack: Switzerland's Federal Office for Cybersecurity (OFCS) has issued a warning about fake letters sent via postal mail, masquerading as communications from MeteoSwiss, which contain QR codes that lead to the download of stealer malware 'Coper' and 'Octo2' targeting login credentials for over 383 mobile apps, including e-banking apps.
NordPass reveals 200 most common passwords: NordPass has released its sixth annual report on the 200 most common passwords, revealing that despite years of warnings, users still rely on weak passwords like "123456," "qwerty," and "password," all of which can be cracked in seconds, putting both personal and corporate data at significant risk.
UK police warn of scam texts posing as government agencies: UK authorities have issued a warning about a surge in scam texts targeting British residents, where fraudsters impersonate government agencies and lure victims to malicious sites, promising new heating subsidies after cuts to pensioners' winter support.
Industry news: Chaos Industries, a technology company building the next generation of defense and critical industry technologies, has raised $145 million. Prelude, a Paris-based startup providing fraud-resistant SMS verification solutions, has raised $8 million. SurePath AI, a SaaS platform that assists organizations in adopting and governing generative AI usage across their teams, has raised $5.2 million. Conflixis, a Texas-based data and risk intelligence company, has raised $4.2 million. Bitsight acquired Cybersixgill. Snyk acquired Probely.
These senior cybersecurity executive roles you may want to forward to your friends and colleagues:
From the Aphinia community! Technical Integrity is looking for a VP, Security and Privacy in Boulder, CO.
The South Dakota state government is looking for a Chief Information Security Officer in Sioux Falls, SD.
DOT Security is looking for a Virtual Chief Information Security Officer (remote).
County of Mono is looking for a Chief Information Security Officer in Bridgeport, CA.
DataVisor is looking for a Chief Information Security Officer in Mountain View, CA.
Yoh is looking for a Chief Information Security Officer in Houston, TX.
Texas Health and Human Services is looking for a Chief Information Security Officer in Austin, TX.
Valley Bank is looking for a Deputy Chief Information Security Officer in New York, NY.
Black & Veatch Corporation is looking for a Deputy Chief Information Security Officer in Overland Park, KS.
Rakuten Rewards is looking for a Chief Information Security Officer in San Mateo, CA.
Looking for a job? Hiring? Let us know.
These are virtual and live events for the cyber community you may find interesting:
Aphinia Events:
Thank you to everyone who attended our session with Michael Piacente (Managing Partner, Hitch Partners)! It was most amazing.
If you missed it, we will be posting a recording on our YouTube channel soon.
We are in the midst of finalizing the 2025 calendar of events, virtual and live, for Aphinia members. Stay tuned, we will be posting it soon!
Industry Events:
Gartner: Identity & Access Management Summit is taking place on Dec 9-11, 2024 in Grapevine, TX.
BlackHat Europe is taking place on December 9-12, 2024 in London, UK.
RSAC is taking place on April 28-May 1, 2025 in San Francisco, CA.
Black Hat is taking place on Aug 2-7, 2025 in Las Vegas, NV.
Attending or hosting an event? Let us know!
Bad actors have been busy recently 📈:
An estimated $4.8 million worth of crypto assets was stolen in a flash loan attack on the DeltaPrime crypto brokerage.
Over $25 million worth of crypto assets was stolen from the Thala DeFi platform, but the funds were returned after a $300,000 bounty payment.
A notorious dark web marketplace has reportedly listed the credit card details of over 670,000 Israeli citizens for sale.
A hacker leaked over 800,000 personal records, including emails and other sensitive data, obtained from Mr Tips.
A hacker on the dark web leaked the personal information of 200,000 customers of the Colicom shipping service.
A massive data breach has emerged, leaking 140 million usernames and passwords on the dark web.
Hackers have leaked 900 million login credentials, including URLs, usernames, and passwords, reportedly extracted from cloud services and Telegram.
The US operations of Ahold Delhaize, one of the world's largest retailers, were disrupted by a cybersecurity incident that took its online stores offline.
The Embargo ransomware group targeted American Associated Pharmacies, stealing 1.4 terabytes of data and demanding $2.6 million.
Alltech Consulting, an IT and engineering recruitment firm, suffered a data breach exposing the personal information of more than 216,000 job seekers.
The Library of Congress confirms security breach where a foreign adversary accessed email communications between congressional offices and library staff.
Set Forth, Inc. has revealed a data breach affecting sensitive personal information of 1.5 million consumers.
But a handful of guys were nabbed 👮:
215 individuals arrested for $230 million crypto scam: South Korean officials have arrested 215 individuals involved in a pump-and-dump crypto scheme, defrauding investors of nearly $230 million, with the group's YouTube-promoting leader extradited from Australia.
Indiana trio charged in $1.5 million SIM-swapping scheme: US authorities have charged three Indiana residents for orchestrating SIM-swapping attacks, hijacking accounts, stealing funds, and demanding ransom for profile restoration.
Idaho hacker sentenced to 10 years for cyberattacks: A US judge sentenced Idaho man Robert Purbeck to 10 years in prison for hacking the city of Newnan, a Georgia medical clinic, and attempting to extort a Florida orthodontist, also ordering him to pay over $1 million in restitution.
Crypto scammer pleads guilty to laundering $73 Million: Daren Li has pleaded guilty to laundering over $73 million from cryptocurrency investment scams, using shell companies and international bank accounts, and now faces up to 20 years in prison.
Stay safe.
Misha Sobolev
Aphinia
***
P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 2,000+ cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.