The guys are asked regularly, "How can vendor risk management be quicker and easier?" After all, the process can be quite time-consuming. Others ask, "How do we answer these giant questionnaires from our clients without making ourselves look bad?" This week, the guys share tips to help organizations both manage vendor risk and present themselves in the best possible way when asked about their own cybersecurity. Regardless of whether you are the vendor under scrutiny or you are evaluating the security of your vendors, this episode is for you.
Headlines
Apple emergency update fixes new zero-day used to hack iPhones
Atlassian patches critical Confluence zero-day exploited in attacks
Cisco fixes hard-coded root credentials in Emergency Responder
Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform
BunnyLoader, a new malware-as-a-service, advertised in cybercrime forums
Fake Red Cross blood drive info lures phishing victims
Sony confirms data breach impacting thousands in the U.S.
ShellTorch flaws expose AI servers to code execution attacks
Ransomware attack on Johnson Controls may have exposed sensitive DHS data
Chipmaker Qualcomm warns of three actively exploited zero-days
BlackTech gang hacks Cisco firmware in attacks on multinational corporations
