Aphinia - Your Weekly CISO Wire

Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:

These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:

• Michael Hyndman was appointed as CISO at Qoria. 

• Alan Nugent was appointed as CISO at Acquia.

• Sean Duca was appointed as CISO at Cisco.

• Nam Tran was appointed as CISO at Merchants Bonding Company. 

• Andrew Thayil was appointed as CISO at Forvis Mazars US.

• Daniel Johnson was appointed as CISO at Prosperity Bank.

• Vikrant Arora was appointed as CISO at Burlington Stores, Inc.

• Mike Sullivan was appointed as Cloud CISO at Google. 

• Michael Schofield was appointed as CISO at Argo Group.

• Bill Murray was appointed as CISO at Wisconsin Legislative Audit Bureau.

• Darren Guarino was appointed as CISO at Parx Casino.

• Gared Chastain was appointed as CISO at Raytheon.

• Julie Cornwel was appointed as CISO at Indiana State University. 

• Jason Laufenburg was appointed as CISO at HealthTech Solutions.

Appointed? Promoted? Let us know!

Aphinia is growing! Say hello, reach and connect with our new members:

• David Tyburski, CISO, Wynn Resorts

• Rich Ronston, CISO, ConstructConnect

• Matt Palguta, Cybersecurity Director, Bering Straits Native Corporation

• Sam Christner, Director Cyber Security, Adtalem Global Education

• Oz Bogovac, Director of CyberSecurity Operations and Architecture, Generac

• Mathias Hoelzli, Director, Cyber Security, Capital One

• Rajesh Nanwani, Director, Information Security, Roush

• Samir Sanghani, Director, Information Security, Coverys

Welcome on board!

Who in your network can benefit from Aphinia? Please send them here »

Not yet a member? Apply here »

Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min

Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you would get:

• a new Advisory role

• a consulting gig

• a promotion or appointment

• a book deal

• a speaking engagement at industry conference

Our dance card is filling up fast, here’s the link to grab your time slot now: https://calendly.com/aphinia/30min

Meanwhile, check out our wide ranging conversation with our returning guest Michael Piacente (Managing Partner, Hitch Partners) on career advice for CISOs starting the job search.

Top Takeaways:

1. Know your resume and Linkedin profile. Be ready with a narrative and a story when asked specific questions around them.

2. Have stories ready to go (challenge=> your actions=> outcome=> takeaways) to demonstrate your key strengths.

3. Understand your own brand: be the top 1% specialist in one (or a handful) field rather than the jack of all trades.

4. Due diligence the company you are interviewing - go through SEC filings, news, press releases, Glassdoor updates, etc.

5. Get the salary and full comp question out the way early to avoid disappointment and wasted time down the line.

Full interview here»

Several important events happened that merit your attention:

• Microsoft budges on Windows Recall: Microsoft has cracked under the public's pressure and is rolling out changes to its upcoming Windows 11 Recall feature. The company says Recall will ship disabled by default for all upcoming Windows 11 compatible systems.

• DJI grounds data sync in US amid Senate scrutiny: DJI is disabling flight data syncing for US drones starting June 12. The was caused by the US Senate's discussion of the Countering CCP Drones Act, which aims to restrict Chinese-made drone use on national security grounds.

• Russian hackers prompt Denmark to raise cyber threat level: Denmark's cybersecurity agency escalated the nation's cyber threat level from low to middle due to mounting threats from Russian hackers.

• FCC's $200 million cyber boost for schools: The FCC has allocated $200 million for cybersecurity services and products for K-12 schools. This is a significant expansion of the E-Rate program, which previously only covered internet subscriptions and networking devices.

• GitHub repositories under attack: A threat actor known as GitLocker has been wiping GitHub repositories and demanding ransoms. BleepingComputer reveals that nearly 50 GitHub repositories now feature ransomware demands in their README files, highlighting a growing security concern for developers.

• Copy-paste chaos as spear-phishing scheme revealed: South Korean security firm AhnLab has discovered a new spear-phishing campaign targeting users by asking them to copy and paste malicious PowerShell commands into their Windows Run prompt. This technique is designed to bypass security defenses, posing a significant threat to unprepared users.

• Cybercriminals use MS Excel to launch malware in Ukraine: Cybercriminals have launched a sophisticated cyber attack in Ukraine, using an MS Excel macro to deploy Cobalt Strike and gain control of compromised hosts.

• UK and Canada team up to probe 23andMe data breach: The Privacy Commissioner of Canada and the UK's Information Commissioner's Office have launched a joint investigation into the significant data breach at genetic information company 23andMe.

• Massive security scandal rocks VSCode Marketplace: A group of Israeli security researchers exposed glaring security flaws in Microsoft’s Visual Studio Code Marketplace. The researchers discovered over 1200 malicious extensions installed 229 million times, impacting a large public company, major security firms, and a national justice court network.

• Union scammed out of millions in email heist: The U.S. government has launched a civil forfeiture action to reclaim over $5.3 million stolen from a Massachusetts workers' union in a BEC scam. The funds were traced to JPMorgan Chase and Texas Bank and Trust and has been seized.

• Industry News: XONA raised $18 million. SpyCloud raised $35 million. Seven AI raised $36 million. FusionAuth raised $65 million. Cyberhaven raised $88 million. Fortinet acquired Lacework. Tenable acquired Eureka.

These senior cybersecurity executive roles you may want to forward to your friends and colleagues:

• Veeva Systems is looking for a Chief Information Security Officer in Boston, MA.

• City of Alexandria is looking for a Chief Information Security Officer in Alexandria, VA.

• Caterpillar is looking for a Chief Information Security Officer in Nashville, TN.

• Southern Methodist University is looking for a Chief Information Security Officer in Dallas, TX.

• Penn State University is looking for a  Chief Information Security Officer in University Park, PA.

• Advanced Diagnostic Group is looking for a Chief Information Security Officer in  Florida.

• Bi-State Development is looking for a Chief Information Security Officer in St. Louis, MO.

• World Bank Group is looking for a Director and Chief Information Security Officer in Washington, DC.

• Elite Radiology of Georgia is looking for a Chief Information Security Officer in Florida.

• University of Delaware is looking for a  Chief Information Security Officer in Newark, DE.

• Enterprise Bank is looking for a Chief Information Security Officer in  Lowell, MA.

• Park Place Technologies is looking for a Chief Information Security Officer in Cleveland, OH.

Looking for a job? Hiring? Let us know.

These are virtual and live events for the cyber community you may find interesting:

Aphinia Events:

• Aphinia CISO Dinner: Las Vegas, NV on August 5, 2024. We have 1 spot left, apply here»:

• Aphinia CISO Dinner: Boston, MA on Sep 17, 2024. Want to attend or sponsor?

• Aphinia CISO Dinner: New York, NY on Sep 18, 2024. Want to attend or sponsor?

• Aphinia CISO Dinner: Washington, DC on Oct 23, 2024. Want to attend or sponsor?

Want to host or sponsor a CISO Mastermind or a CISO Dinner in your city? Contact us here»

Industry Events:

• Cyber Security Tribe is hosting virtual roundtable on June 18, 2pm ET => Monitoring Data-in-Use: A Key to Preventing Data Breaches

• 3 Tree Tech is hosting Stealth Security Experience on June 18, 2024 in Chicago, IL. Where are own Aphinia members Shefali Mookencherry and Rick Doten are speaking.

• BlackHat is taking place on August 6-11, 2024 in Las Vegas, NV.

  • Aphinia CISO Dinner: August 5, 2024. We have 1 spot left, apply here»:

  • Friends of Aphinia: CISO Society: cocktail reception on August 7, 2024. Sign up here»

• Evanta Global CISO Executive Summit is taking place on September 16-18, 2024 in San Diego, CA.

• InfoSec World is taking place on September 23-25, 2024 in Lake Buena Vista, FL.

Attending or hosting an event? Let us know!

Bad guys have been busy recently 📈:

• An internal Google database leak reveals thousands of privacy and security incidents reported by employees between 2013 and 2018, exposing the tech giant's hidden vulnerabilities.

• Email marketing giant GetResponse was hit by a security breach after hackers gained access to an employee account.

• Loan comparison site LendingTree has confirmed that its QuoteWizard subsidiary had sensitive data stolen from its Snowflake account.

• Pro-Kremlin "hacktivists" allegedly launched DDoS attacks on Dutch political party websites, stirring up controversy just before the EU Parliament elections.

• CEPOL, the EU Agency for Law Enforcement Training, was reportedly hit by a cyberattack.

• Privacy advocate Maia Arson Crimew reveals that a threat actor has hacked and dumped mSpy's helpdesk.

• A massive cyberattack paralyzed payment systems in more than 1,000 Verny stores across Russia.

• A ransomware attack at Synnovis has thrown three London hospitals into chaos, leading to canceled surgeries and diverted emergency patients.

• Hackers have infiltrated Disney's Confluence server, stealing sensitive data from the now-defunct ClubPenguin game.

• Threat actors have stolen 3TB of data, including sensitive customer and company information, from Advance Auto Parts' Snowflake account.

• Australian mining giant Northern Minerals was hit by a ransomware attack exposing sensitive operational, financial, and personal data, along with corporate email archives.

• A massive 361 million stolen email credentials from Telegram cybercrime channels have been added to Have I Been Pwned.

But a handful of guys were nabbed 👮‍♀️:

• Smishing duo busted with DIY antenna: London Police arrested two suspects accused of using a homemade mobile antenna to send thousands of smishing messages. The suspects impersonated UK banks and other organizations, and evaded telecom security systems designed to prevent SMS spam.

• Ex-data execs arrested for selling Americans’ info: Two former executives of Epsilon Data Management, Robert Reger and David Lytle, were found guilty of selling personal data from 100 million US households to fraud groups.

• Suspected Conti hacker nabbed in Kyiv: Dutch and Ukrainian authorities have detained a 28-year-old Kyiv resident for launching Conti ransomware attacks. Suspected of ransoming a Dutch multinational in 2021, the arrest in April was part of Europol's Operation Endgame.

• Epsilon teen hacker caught in malware rental scandal: French authorities have detained a 16-year-old Epsilon member, known as ChatNoir and Cap, for operating a malware rental business. This teen was involved in the notorious breach of Altice, a French multinational, earlier this year.

Stay safe.

Misha Sobolev

Aphinia

***

P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 1,000s of cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.