Aphinia - Your Weekly CISO Wire
Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:
These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:
James Scobey was appointed as CISO at Keeper Security.
Dane Stuckey was appointed as Co-CISO at OpenAI.
Randolph Barr was appointed as CISO at Cequence Security.
Andrea Simpson was appointed as VP CISO at IDEMIA North America.
Tim Richardson was appointed as CISO at Linktree.
Shane Anglin was appointed as CISO at Step Up For Students.
Kevin Morrison was appointed as Deputy CISO at Unum.
Michael J. Levin was appointed as CISO at Solera Health.
Mark Annati was appointed as CISO at the Commonwealth of Massachusetts.
Don Turrentine was appointed as CISO at Cat Financial.
Appointed? Promoted? Let us know!
Aphinia is growing! Say hello, reach out and connect with our new members:
Badarinarayan Kalagi, Head of Security, Vagaro
Erik Bataller, Director, Cybersecurity, M&T Bank
Gourav Nagar, Director - Information Security, BILL.com
Justin Clarke-Salt, BISO for Asset and Wealth Management, J.P. Morgan Chase
Mickey Sharma, Deputy CISO/Director, Cyber Security, LFG
Prakash Kalaiah, Head of security, Enphase Energy
Raman Ranganathan, VP/Incoming CIO - IT and CyberSecurity, A Duie Pyle
Venkat Rapaka, Senior Director, Cybersecurity Engineering, Freddie Mac
Ward Balcerzak, Director of Data Security and Insider Risk, Fidelity National
Welcome on board!
Who in your network can benefit from Aphinia? Please send them here »
Not yet a member? Apply here »
Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min
Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you would get:
a new Advisory role
a consulting gig
a promotion or appointment
a book deal
a speaking engagement at an industry conference
Our dance card is filling up fast, here’s the link to grab your time slot now: https://calendly.com/aphinia/30min
Meanwhile, check out this conversation with our recent guests Marina Segal (Founder, Tamnoon), Sivan Tehila (Founder, Onyxia) and Lee Kappon (Founder, Suridata) about their unique startups and the founder journey.
Full interview here»
Several important events happened that merit your attention:
U.S. Defense Department seeks advanced AI deepfake technology for covert operations: The U.S. Defense Department is seeking to acquire AI deepfake technology capable of creating convincing online personas through images, videos, and audio, which must evade detection by social media algorithms and pass identity checks for use by the Joint Special Operations Command (JSOC).
UK goes full pre-cog. UK launches “Prevent” program to identify and engage individuals who are “at risk of becoming terrorists”.
Twitter's new terms allow the use of user data for AI training without consent: Twitter has updated its terms of service to grant itself the right to use any content posted on the platform for AI training purposes, effective November 15, regardless of user consent.
Pig butchering scams are going high tech: Scammers in Southeast Asia are increasingly turning to AI, deepfakes, and dangerous malware in a way that makes their pig butchering operations even more convincing.
Telegram shuts down over 50 deepfake bots used to "Nudify" images: Telegram has removed more than 50 deepfake bots, used by over 4 million users to "nudify" images and videos after a WIRED investigation revealed the paid services, some with over 400,000 followers each, operating undisturbed for years.
Russian firm develops tool to identify Telegram channels with prohibited content: A Russian company has developed a tool for the government to search and identify Telegram channels containing "prohibited materials," aimed at detecting those used for recruiting citizens for sabotage and identifying automated bots involved in similar activities.
Microsoft deploys Azure tenant honeypots to combat phishing and gather intelligence: Microsoft is proactively combating phishing by creating realistic Azure tenant honeypots that mimic legitimate activity, allowing the company to gather intelligence on attackers' methods. By providing credentials to about 5% of the 25,000 phishing sites it tracks daily, Microsoft gains insights into attackers' behaviours and techniques, disrupting their activities for up to 30 days.
Cybercriminals outsmart Google’s red page warnings with dark web anti-bot services: Cybercriminals are using anti-bot services available on the Dark Web to bypass Google Chrome's "Red Page" warnings for phishing sites, undermining the effectiveness of Google's security measures; researchers advise investing in real-time threat detection across various platforms as a more reliable defense.
Russia-linked hackers target Ukrainian conscripts with malware via Telegram phishing scam: Russian-linked hackers are using a Telegram bot to trick Ukrainian conscripts into downloading a malware-infected app, disguised as a government data update tool, that steals personal information and browser credentials through MeduzaStealer malware, according to Ukraine's CERT.
Finnish and Swedish authorities shut down Sipulitie dark web marketplace, seizing servers: Authorities in Finland and Sweden have seized the servers of the Sipulitie dark web marketplace, which launched in February 2023 for anonymous narcotics sales in Scandinavia; the site's admin is also linked to two defunct marketplaces, Sipulimarket and Tsätti, and is believed to have profited millions of euros from these operations.
Microsoft faces major setback after losing weeks of critical cloud security logs: Microsoft has lost several weeks of essential cloud security logs due to a bug in its internal monitoring agent during a recent fix rollout, affecting services like Azure Logic Apps and Microsoft Sentinel, and leaving some data irretrievable, which hinders security alerts and threat analysis.
Industry news: DeNexus, a leader in end-to-end cyber risk management for operational technology (OT), has raised $17.5 million. Inforcer, a company that helps MSPs & MSSPs to automate Microsoft 365 security across multiple tenants, has raised $19 million. Stoïk, a company that gives insurance brokers the means to support their clients in the face of cyber-attacks, has raised $27 million. Stream Security raised $30 million. Cyera acquired Trail Security. Netskope acquired Dasera.
These senior cybersecurity executive roles you may want to forward to your friends and colleagues:
UNC Charlotte is looking for a Chief Information Security Officer in Charlotte, NC.
Southern Methodist University is looking for a Chief Information Security Officer in Dallas, TX.
Blue Cross Blue Shield of Massachusetts is looking for a VP Chief Information Security Officer in Boston, MA.
Sempra Infrastructure is looking for a Chief Information Security Officer in Houston, TX.
Baker Hill is looking for a Chief Information Security Officer in Carmel, IN.
Apixio is looking for a Chief Information Security Officer (remote).
Ascend Technologies is looking for a Virtual Chief Information Security Officer (remote).
Zscaler is looking for a Chief Information Security Officer (remote).
Looking for a job? Hiring? Let us know.
Our recent CISO Mastermind Dinners were amazing! It was such a pleasure to see Aphinia members in person. Thank you to everyone who attended. If you would like to attend or host a CISO Mastermind Dinner in a particular city or around a specific event, contact us.
These are virtual and live events for the cyber community you may find interesting:
Aphinia Events:
Aphinia 2025 RSAC CISO Mastermind Dinner: San Francisco, CA on April 27, 2025. Want to attend or sponsor?
Want to host or sponsor a CISO Mastermind or a CISO Dinner in your city? Contact us here»
Industry Events:
Sector is taking place on Oct 22-24, 2024 in Toronto, Canada.
Gartner: Identity & Access Management Summit is taking place on Dec 9-11, 2024 in Grapevine, TX.
BlackHat Europe is taking place on December 9-12, 2024 in London, UK.
RSAC is taking place on April 28-May 1, 2025 in San Francisco, CA.
Black Hat is taking place on Aug 2-7, 2025 in Las Vegas, NV.
Attending or hosting an event? Let us know!
Bad actors have been busy recently 📈:
Radiant Capital has suffered a significant security breach, resulting in the theft of around $50 million.
Japanese electric motor manufacturer Nidec has confirmed a ransomware attack on its Vietnam subsidiary that compromised over 50,000 internal documents.
The Internet Archive confirmed a third security breach on October 20, where hackers exploited unrotated Zendesk API tokens to infiltrate the platform.
Transak, a crypto payment services provider, has reported a cyberattack affecting more than 92,000 users, from a compromised employee's laptop.
Boston Children’s Health Physicians (BCHP) had a major data breach, affecting sensitive information of patients, staff, and guarantors, from an IT vendor’s systems.
Over 120 accounts of individuals have been affected by the recent cyber-fraud at the University of California's retirement savings program.
Ambient finance frontend hacked, users warned against interacting amid malware attack but customers’ funds remain safe.
A cyberattack targets Moldova's parliamentary email servers ahead of key elections and referendum on joining the European Union.
Cisco has taken its public DevHub portal offline following a leak of "non-public" data by a threat actor, although the company asserts there is no evidence of a breach in its systems.
Insurance giant Globe Life has revealed that an unidentified threat actor sought to extort the company by demanding payment to prevent the publication of data stolen from its systems earlier this year.
But a handful of them were nabbed 👮‍♀️:
An elaborate social engineering scam drained $230 million worth of crypto from a single investor: Two young men accused of swindling a Washington, D.C., resident out of $230 million in bitcoin went on a spending spree, buying exotic cars and a $2 million watch and renting mansions, prosecutors said.
Brazilian police detain notorious hacker known as USDoD for global cyberattacks: Brazilian authorities have arrested a suspect known online as USDoD, believed to be responsible for hacking and leaking data from various organizations worldwide, including the FBI InfraGard system and the US EPA, with reports suggesting the individual may be 33-year-old Luan B.G. from Minas Gerais.
Russian “Queen of crypto” detained: Valeria Fedyakina, 24, was detained for allegedly stealing $22 million from crypto investors to fund the Ukrainian army.
Data center CEO charged for falsifying security certifications to secure $10M SEC contract: US authorities have charged Deepak Jain, CEO of AiNET, for fabricating a fake auditing company to falsify security certifications, enabling his data centre business to win a $10 million SEC contract over six years; Jain faces up to 10 years in prison.
Alabama man arrested for hacking SEC Twitter account, triggering volatile Bitcoin price surge: US authorities have arrested Eric Council Jr. from Alabama for hacking the SEC's Twitter account via SIM swapping to post a fake announcement in January, which initially spiked Bitcoin prices by $1,000 before causing a $2,000 drop when the tweet was revealed as false.
Stay safe.
Misha Sobolev
Aphinia
***
P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 2,000+ cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.