In this high-alert episode of CISO Guide to Cyber Resilience, hosts Debra Baker and Isabella Otero break down two massive supply chain cybersecurity threats shaking the industry:

1️⃣ A GitHub Action compromise that leaked CI/CD secrets from over 23,000 repositories, exposing AWS keys, GitHub PATs, and more.

2️⃣ A browser extension hijack that infected over 3.2 million users, turning trusted Chrome and Firefox extensions into tools for data theft and ad injection.

💥 You’ll learn:

• What went wrong with the tj-actions/changed-files GitHub Action (CVE-2025-30066)

• Immediate mitigation steps for DevSecOps teams

• The 16 compromised extensions you must remove now

• Browser hygiene best practices to avoid future attacks

🔐 Whether you're a developer, security leader, or just trying to stay safe online, this episode delivers urgent, actionable insights to help you protect your workflows and personal data.

In this episode of CISO Guide to Cyber Resilience, hosts Debra Baker and Isabella Otero dive into two critical cybersecurity developments:

1. The December 2024 U.S. Treasury Hack – A deep dive into how state-sponsored attackers exploited a Zero-Day vulnerability, the impact on government systems, and key security lessons.
2. President Biden’s January 2025 Cybersecurity Executive Order – A breakdown of new mandates for federal agencies and private-sector vendors, including zero-trust adoption, secure software requirements, and AI-driven cybersecurity advancements.

• Proactive cybersecurity measures – The Treasury breach highlights the importance of penetration testing, secure-by-design development, and continuous monitoring.
• Vendor security accountability – Strengthening third-party assessments can prevent supply chain attacks.
• Zero-trust implementation – Federal agencies and private companies must adopt phishing-resistant authentication and robust identity management.
• Future-proofing against emerging threats – Preparing for post-quantum cryptography and AI-based cyber threats.

💡 Call to Action:
Align your security strategy with NIST guidelines, improve vendor security assessments, and invest in cutting-edge cyber resilience strategies.

🎧 Listen Now: Stay ahead of the latest cybersecurity challenges and build a resilient organization!

Key Takeaways:

In this episode of The CISO Guide to Cyber Resilience, hosts Debra Baker and Isabella Otero dive into two critical cybersecurity stories making headlines. First, they uncover a sophisticated Netflix phishing scam that’s tricking users into giving away personal and financial information. Learn how to spot and avoid this scam before it’s too late.

Next, they discuss the fallout from the Stoli Group’s recent bankruptcy filing, triggered by a devastating ransomware attack and compounded by geopolitical tensions. Discover actionable insights on how businesses can protect themselves from similar threats by enhancing cyber defenses, training employees, and preparing for unexpected external risks.

Tune in for expert advice on staying informed, staying protected, and staying cyber resilient!

✅ CISO Guide to Cyber Resilience Book: https://amzn.to/3Vt1g0o

✅ Website: https://TrustedCISO.com

✅ Download the Free Roadmap: https://bit.ly/CISO-Roadmap

✅ Linktree: https://linktr.ee/debrabaker

In this episode of the CISO Guide to Cyber Resilience Podcast, hosts Debra Baker and Isabella Otero dive into a pressing cyber crisis affecting national security. Tune in as they discuss a recent breach tied to Chinese hackers targeting major U.S. telecommunications, impacting high-profile political figures and sparking concerns about the 2024 presidential election's security. From the infiltration of unencrypted communications to broader implications for congressional data, this episode unpacks the threats and underscores the urgent need for fortified digital defenses. Stay informed, vigilant, and ready for the evolving landscape of cyber resilience.

"Stay informed, stay protected, and stay cyber resilient." – Debra Baker

✅ CISO Guide to Cyber Resilience Book: https://amzn.to/3Vt1g0o

✅ Website: https://TrustedCISO.com

✅ Download the Free Roadmap: https://bit.ly/CISO-Roadmap

Note: Affiliate Link for Amazon above.

In Episode 12 of the CISO Guide to Cyber Resilience podcast, hosts Debra Baker and Isabella Otero dive deep into two headline-making data breaches: the National Public Data breach and the Ticketmaster breach. With millions of personal records compromised, these incidents highlight critical cybersecurity failures that led to significant legal and financial consequences.

Tune in as Debra and Isabella explore what went wrong, how inadequate security measures left these companies vulnerable, and the key lessons for building cyber resilience. From vendor risk management to breach response, this episode uncovers practical strategies that can help protect your organization from similar threats.

Don’t miss this crucial discussion on preventing the next big breach!

✅ CISO Guide to Cyber Resilience Book: https://amzn.to/3Vt1g0o

✅ Website: https://TrustedCISO.com

✅ Download the Free Roadmap: https://bit.ly/CISO-Roadmap

Note: Affiliate Link for Amazon above.

In this episode of CISO Guide to Cyber Resilience, we delve into two major cybersecurity threats: a payment gateway breach exposing 1.7 million credit card holders and a critical vulnerability in Apache HugeGraph-Server. Hosts Debra Baker and Isabella Otero unpack how these incidents unfolded, the lessons they offer for businesses, and the strategies you need to stay ahead of emerging cyber threats. Stay informed, stay secure, and learn how to build resilient systems in today’s volatile cyber landscape.

✅ CISO Guide to Cyber Resilience Book: https://amzn.to/3Vt1g0o

✅ Website: https://TrustedCISO.com

✅ Download the Free Roadmap: https://bit.ly/CISO-Roadmap

Note: Affiliate Link for Amazon above.

In this week’s episode of CISO Guide to Cyber Resilience, hosts Debra Baker and Isabella Otero dive into the latest cyber threat shaking up the cybersecurity world: the Voldemort malware. Disguised as harmless communications, this sophisticated malware is exploiting Google Sheets to store stolen data and communicate with infected devices. Learn how cybercriminals are targeting organizations with phishing campaigns and evading detection through everyday tools. Stay informed on how to defend your organization from this stealthy attack, and hear the expert strategies to stay one step ahead.

In our latest episode, co-hosts Debra Baker and Isabella Otero explore two major cybersecurity incidents that are making waves. We discuss the DICK'S Sporting Goods data breach and dive into the sophisticated tactics of Pioneer Kitten, an Iranian hacking group working with ransomware gangs. This is a must-listen for anyone concerned about the evolving cyber threat landscape.
#CyberResilience #CISO #DataBreach #Ransomware #Cybersecurity #Infosec #Podcast