The guys are asked regularly, "How can vendor risk management be quicker and easier?" After all, the process can be quite time-consuming. Others ask, "How do we answer these giant questionnaires from our clients without making ourselves look bad?"  This week, the guys share tips to help organizations both manage vendor risk and present themselves in the best possible way when asked about their own cybersecurity. Regardless of whether you are the vendor under scrutiny or you are evaluating the security of your vendors, this episode is for you.

Headlines

Apple emergency update fixes new zero-day used to hack iPhones

Atlassian patches critical Confluence zero-day exploited in attacks

Cisco fixes hard-coded root credentials in Emergency Responder

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

BunnyLoader, a new malware-as-a-service, advertised in cybercrime forums

Fake Red Cross blood drive info lures phishing victims

Sony confirms data breach impacting thousands in the U.S.

ShellTorch flaws expose AI servers to code execution attacks

Ransomware attack on Johnson Controls may have exposed sensitive DHS data

Chipmaker Qualcomm warns of three actively exploited zero-days

BlackTech gang hacks Cisco firmware in attacks on multinational corporations