Aphinia - Your Weekly CISO Wire
Happy New Year! I hope it is off to a good start for you!
Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:
These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:
Gerald Beuchelt - one of our own! - was appointed as CISO at Acronis.
Parthiv Shah - one of our own! - was appointed as CISO at Customers Bank.
Vivek Kumar - one of our own! - was appointed as Global CISO at Alter Domus.
Amy Bogac was appointed as CISO at Baker Tilly.
Sunil Seshadri was appointed as CSO at HealthEquity.
Cliff Hou was appointed as CISO at TSMC.
Bill Bowman was appointed as CISO at WCAS.
Rebecca Harness was appointed as VP, CISO at Deltek.
Amanda Day was appointed as CISO at US DHS.
Debbie Janeczek was appointed as CISO at ING.
Bruce Jenkins was appointed as CISO at Black Duck.
Appointed? Promoted? Let us know!
Aphinia is growing! Say hello, reach out and connect with our new members:
Natalia Belaya, CISO, Cloudera
Constantine Macris, CISO, Dispel, LLC
Faisal Ansari, CISO and CPO, Extensia, Inc.
Ramya Varadharajan, Director - Information Security, Indiana University Health
Robert Preta, Director of Cybersecurity, ACV Auctions
Gary Bowen, Head of Cybersecurity, TopBuild Corp
Welcome on board!
Who in your network can benefit from Aphinia? Please send them here »
Not yet a member? Apply here »
Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min
Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you would get:
a new Advisory role
a consulting gig
a promotion or appointment
a book deal
a speaking engagement at an industry conference
Our dance card is filling up fast, here’s the link to grab your time slot now: https://calendly.com/aphinia/30min
Meanwhile, check out this conversation with our returning guest Michael Piacente (Managing Partner, Hitch Partners) on the state of the CISO job market in 2025.
Full interview here»
Several important events happened that merit your attention:
Chinese drone firm DJI eliminates automatic No-Fly zones one week before Trump's inauguration: A new DJI update enables everyday operators to fly their drones over and into airports, military bases, sensitive infrastructure, wildfires, and national no-fly zones in the United States. Hundreds of sensitive-site operators may be forced to deploy counter-drone solutions. The company currently faces the risk of a total ban in the U.S.
Ireland and Australia fine Meta for breaches: Meta faces significant penalties this week, with Ireland imposing a €251 million fine for a 2018 breach that exposed data of 29 million Facebook users via a bug in the "View as" feature, while Australia levied an AUS$50 million fine for another security incident.
TikTok EU reports $1 Billion loss: TikTok’s EU division faces a challenging financial outlook, reporting a $1 billion loss and earmarking an identical amount to address potential fines from ongoing regulatory investigations.
Dutch authorities fined Netflix €4.75 Million: Dutch regulators have fined Netflix €4.75 million for failing to inform users about the use of their personal data between 2018 and 2020, with the company now in compliance after updating its privacy policy.
China Telecom faces potential US ban: The US Commerce Department has deemed China Telecom's American division a national security threat, giving the company 30 days to respond before a potential operating ban linked to Chinese-led telco hacks.
Russia added Recorded Future to the "Undesirable list": The Russian government has labeled Recorded Future as "undesirable," accusing the security firm of supporting anti-Russia propaganda, collaborating with Ukraine, and analyzing sensitive data on Russia’s military forces.
Serbian security service accused of using spyware: Amnesty International claims the Serbian security service used a new Android spyware on phones of anti-government activists and journalists, deployed after police physically accessed their devices during interrogations.
CISA releases guide on how to secure mobile devices: In response to increasing cyber risks from foreign adversaries, CISA has published a guide for government leaders, urging them to strengthen the security of their mobile devices with specific precautions and recommendations.
Nebraska sues Change Healthcare for data breach: Nebraska's Attorney General has filed a lawsuit against Change Healthcare, blaming its inadequate security for a ransomware attack that disrupted millions of transactions, delayed patient care, and led to scammers posing as hospital representatives to steal patient credit card information.
US considers ban on TP-Link products: The US government is exploring a potential ban on TP-Link products, citing national security risks after reports linked routers to cyberattacks targeting critical infrastructure, with investigations now underway by the Commerce, Defense, and Justice departments.
Hacker targets YouTube creators with fake deals: A cybercriminal campaign targeting YouTube creators with fake brand collaborations has infected over 200,000 content creators since July, aiming to hijack channels and steal personal profits through malware.
Cybercriminals Exploit Google Calendar and Drawings: Check Point's latest research reveals that cybercriminals are using Google Calendar invites and Google Drawings to bypass email security systems, distributing malicious links via phishing emails that appear legitimate.
Industry news: Mindgard, an AI security company that helps test AI models against adversarial threats, has raised $8 million. Bureau, a platform that facilitates end-to-end identity verification, compliance, and fraud prevention, has raised $30 million. Vultr, a startup that delivers secure, compliant and scalable cloud infrastructure, has raised $333 million. Together AI acquired CodeSandbox. Sonar acquired Tidelift. Chainalysis acquired Hexagate. Darktrace acquired Cado Security.
These senior cybersecurity executive roles you may want to forward to your friends and colleagues:
Office of Technology and Innovation is looking for a Deputy Chief Information Security Officer in Brooklyn, NY.
360 SOC is looking for a Chief Information Security Officer in Phoenix, AZ.
Arctic Slope Regional Corporation is looking for a Chief Information Security Officer in Tempe, AZ.
Kansas State University is looking for a Chief Information Security Officer in Manhattan, KS.
Carta is looking for a Chief Information Security Officer in San Francisco, CA.
TD Careers is looking for an Associate VP, Chief Information Security Officer in Mount Laurel, NJ.
Meriplex is looking for a Virtual Chief Information Security Officer in Houston, TX.
Looking for a job? Hiring? Let us know.
These are virtual and live events for the cyber community you may find interesting:
Aphinia Events:
CISOs-Founders Mastermind and dinner is taking place on February 26, 2025 in New York, NY. Interested in attending? Reach out!
FS-ISAC CISO Mastermind is taking place on March 9, 2025 in New Orleans, LA. Interested in attending? Sponsoring? Reach out!
=> Want to host or sponsor a CISO Mastermind around a conference you are going to? Reach out!
=> Want to host or sponsor a CISO Mastermind in your city? Reach out!
Industry Events:
CruiseCon is taking place on Feb 8-13, 2025 at sea (!), departing Cape Canaveral, FL. Get a members-only rate (code: Aphinia10).
FS-ISAC is taking place on Mar 9, 2025 in New Orleans, LA.
RSAC is taking place on April 28-May 1, 2025 in San Francisco, CA.
Identiverse is taking place on June 2, 2025 in Las Vegas, NV.
Gartner: Security & Risk Management is taking place on Jun 8, 2025 in National Harbor, MD.
Re:Inforce is taking place on June 15, 2025 in Philadelphia, PA.
Black Hat is taking place on Aug 2-7, 2025 in Las Vegas, NV.
InfoSec World is taking place on Sep 22, 2025 in Orlando, FL.
SecTor is taking place on Oct 23, 2025 in Toronto, Canada.
Re:Invent is taking place on Dec 2, 2025 in Las Vegas, NV.
Gartner: Identity & Access is taking place on Dec 8, 2025 in Grapevine, TX.
Black Hat Europe is taking place on Dec 9, 2025 in London, UK.
Attending or hosting an event? Let us know!
Bad actors have been busy recently 📈:
Valio, a leading Finnish dairy company, confirmed a cyberattack that potentially exposed the personal information of more than 5,000 individuals.
A hacker known as KryptonZambie has demanded a $350K ransom for a breach of AlphaSense, a market intelligence platform.
BeyondTrust, known for its Privileged Access Management, has fallen victim to a cyberattack, raising concerns about the security of its own systems.
A cyberattack on Texas Tech University Health Sciences Center exposed personal and medical data of 1.4 million individuals.
A data breach involving Virtavo's Home V App exposed over 8.7 million records, compromising the personal data of around 100,000 users.
Hackers are impersonating Ledger in phishing emails, falsely claiming a data breach and asking users to verify their recovery phrases via a fake tool.
A new investigation reveals that LastPass users have suffered an additional $5 million in cryptocurrency theft linked to the previous data breach.
The Clop ransomware group has claimed responsibility for a new wave of cyberattacks, exploiting vulnerabilities in Cleo Software's file transfer tools in a hacking campaign.
Mirai malware infects session smart network systems, repurposing them into DDoS attack sources on other connected devices.
A major security breach in McDonald's India delivery system has compromised the personal information of customers and drivers, caused by security flaws.
Hacker IntelBroker has released a portion of data stolen from a Cisco DevHub instance, alleging it represents only a fraction of the total files compromised in the breach.
But a handful of guys were nabbed 👮‍♀️:
Ukrainian man sentenced for selling malware: Mark Sokolovsky, the creator of the notorious Raccoon Stealer malware, has been sentenced to five years in prison after his arrest in the Netherlands in 2022 and the subsequent shutdown of the cybercrime operation.
Cybersecurity expert received 2-year sentence: Florent Curtet, a cybersecurity expert, received a two-year suspended sentence and a €13,000 fine for acting as a negotiator for the Everest ransomware group in a 2021 attack on a French company.
Hacker sentenced to 69 Months for Theft: Vitalii Antonenko, convicted of using SQL injection attacks to steal and sell credit card data from online sites, has been sentenced to 69 months in prison for his cybercrime activities.
Nigerian authorities arrest 792 for cyber scam: Nigerian authorities arrested 792 suspects in Lagos, including 148 Chinese and 40 Filipinos, during a raid on a seven-story building linked to a massive online scam ring, where low-level operatives initiated romantic chats with victims before passing them off to international scammers.
Stay safe.
Misha Sobolev
Aphinia
***
P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 2,000+ cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.