Bölümler
-
Cybersecurity Year in Review: Future Challenges and Industry Insights
Join host Jim Love and a panel of cybersecurity experts—Terry Cutler from Cyology Labs, David Shipley from Beauceron Security, and Laura Payne of White Tuque—as they review the key cybersecurity events of the past year. Topics discussed include the increasing cyber threats to universities, healthcare systems, and critical infrastructure; the importance of proper cybersecurity measures and employee training; the complexities of adopting quantum-safe encryption protocols; and the impact of AI and shadow IT on cybersecurity. The panel concludes with actionable advice for improving organizational cybersecurity posture in the coming year.
00:00 🎄 The 12 Days of Cyber Christmas 🎄
00:29 🔍 Year in Review: Cybersecurity Highlights
00:40 👥 Meet the Expert Panel
01:19 🏫 University Cyber Attacks: A Growing Concern
02:25 🔒 Penetration Testing vs. Vulnerability Scanning
03:09 🛡️ Persistent Threats and Active Directory Issues
06:28 💡 Strategies for Cybersecurity in Universities
07:34 💰 Funding and Legislation for Cybersecurity
13:52 🛠️ Practical Steps for Cybersecurity on a Budget
18:36 🔐 Quantum Readiness and Future Challenges
25:11 Quantum Computing: The Reality and Risks
25:53 Human Ingenuity and Risk Management
26:29 The Future of Cybersecurity: Q Day and Certificate Rotations
28:02 Major Cybersecurity Incidents of the Year
29:41 The Rise of Ransomware and Supply Chain Attacks
35:35 AI in Cybersecurity: Opportunities and Challenges
38:49 Critical Infrastructure Vulnerabilities
47:09 Year-End Reflections and Looking Forward -
Cybersecurity Today: LastPass Hack Fallout, TP-Link Router Ban, and Microsoft's Passwordless Future
In our final daily news show of the season, host Jim Love covers key cybersecurity stories, including millions stolen from crypto wallets linked to the 2022 LastPass breach, potential US ban on TP-Link routers over national security concerns, and Microsoft's push for a passwordless future with passkeys. Don't miss our weekend wrap-up with the cybersecurity panel and special holiday content. Stay tuned for new episodes starting January 6th. Happy holidays!
00:00 Season Finale Announcement
00:29 Crypto Wallets Hacked: Fallout from LastPass Breach
02:38 TP Link Routers Under Scrutiny
04:38 Microsoft's Push for a Passwordless Future
06:38 Holiday Wishes and Future Plans -
Eksik bölüm mü var?
-
BlackBerry's Cylance Sale, Major AWS Breach, Klopp Ransomware Strikes Again, and Russian Cyber Attacks
In this episode of Cybersecurity Today, host Jim Love discusses BlackBerry's sale of Cylance to Arctic Wolf for significantly less than its purchase price, the massive AWS breach linked to the Shiny Hunters, Klopp ransomware attacks on Cleo's platforms, and the escalation of Russian cyber attacks on Western critical infrastructure. Tune in to get the details on these major cybersecurity developments and their implications.
00:00 Introduction and Sponsor Message
00:32 BlackBerry's Cylance Sale: A Strategic Move?
02:36 AWS Data Breach: Shiny Hunters Strike Again
04:54 Cleo Data Theft: Klopp Ransomware's Latest Exploit
06:39 Russian Cyber Attacks on Critical Infrastructure
08:32 Conclusion and Contact Information -
PumaKit Linux Rootkit, Windows Defender Flaw, and Android Malware Outbreak!
In today's episode of Cybersecurity Today, host Jim Love delves into the discovery of the advanced Linux rootkit PumaKit, critical vulnerabilities in Microsoft's Windows Defender, a new multi-platform malware campaign downgrading browser security, and Germany's recent outbreak of pre-installed malware on 30,000 Android devices. We discuss the implications of these cybersecurity threats and the measures being taken to mitigate them. Stay informed and vigilant with our detailed analysis of these emerging cyber risks.
00:00 Introduction to Cybersecurity News
00:27 Advanced Linux Rootkit: PumaKit
01:59 Critical Windows Defender Vulnerability
03:42 Malware Downgrades Browser Security
05:08 Pre-installed Malware on Android Devices in Germany
07:02 Conclusion and Final Thoughts -
Top 5 Phishing Exploits of 2024: Abnormal Security Report and More | Cybersecurity Today
In this episode of Cybersecurity Today, host Jim Love delves into Abnormal Security's end-of-year report outlining the top five phishing exploits of 2024 and their predictions for 2025. The episode covers cryptocurrency fraud, weaponized file sharing services, multi-channel phishing, business email compromise, and email account takeovers. Additionally, it highlights the alarming rise of text-based job scams, the takedown of a major vishing ring in Spain and Peru, and a $5 million U.S. reward to disrupt North Korean IT schemes. Stay informed on the latest cybersecurity threats and protections.
00:00 Introduction to Cybersecurity Today
00:27 Top Phishing Exploits of 2024
00:37 Cryptocurrency Fraud and File Sharing Scams
01:54 Multi-Channel Phishing and Business Email Compromise
03:10 Email Account Takeover and Future Predictions
04:39 Rise of Task Scams
06:53 Massive Vishing Operation Busted
08:42 North Korean IT Worker Fraud
11:15 Conclusion and Final Thoughts -
SEC Cyber Disclosure Rules, Deloitte Hack Denial, and Critical Microsoft & SAP Patches | Cybersecurity Today
In this episode of Cybersecurity Today, host Jim Love delves into the ongoing confusion and compliance struggles faced by companies one year after the SEC's cyber disclosure rules were introduced. We analyze a BreachRx report revealing that less than 17% of public companies provide specific details in their cyber incident filings. Deloitte's recent denial of a data theft claim by the BrainCypher ransomware group is also discussed, along with the firm's history of cybersecurity challenges. Additionally, Microsoft and SAP have rolled out critical patches addressing severe vulnerabilities, emphasizing the urgency for users and organizations to apply these updates. Stay informed on these pressing cybersecurity issues.
00:00 Introduction and Headlines
00:20 SEC Cyber Disclosure Rules: One Year Later
02:30 Deloitte Denies BrainCypher Ransomware Allegations
04:23 Microsoft and SAP Issue Critical Patches
07:19 Conclusion and Show Notes -
Cybersecurity Today: Email Frauds, Google Warnings, and U.S. Telecom Hacks
In this episode of Cybersecurity Today, host Jim Love discusses a personal encounter with email fraud attempts, including invoice scams and fake payroll changes. Google issues a stark warning to Gmail users about session cookie thefts leading to email takeovers. Additionally, the U.S. telecom industry grapples with the fallout from a major breach by Chinese hackers exploiting legacy systems. Love shares insights on improving email security and safeguarding against such sophisticated cyber threats. Tune in to learn more about the latest cyber challenges and solutions.
00:00 Introduction and Personal Encounter with Email Fraud
03:20 Google's Warning on Email Takeovers
05:12 Session Cookie Theft: A Rising Threat
06:48 U.S. Telecom Industry Infiltration by Chinese Hackers
08:44 Conclusion and Final Thoughts -
Cyber Security Today: Navigating Novel Phishing Campaigns and Ransomware Tactics
Join host Jim Love and the Cyber Security Today panel featuring Terry Cutler of Cyology Labs, David Shipley of Beauceron Security, and cybersecurity executive John Pinard. In this episode, they delve into pressing cybersecurity challenges such as novel phishing tactics using corrupted Word documents, the importance of robust offboarding processes in light of breaches at major companies like Disney, and the ramifications of a major ransomware attack on the City of Hamilton. Topics also include the recurring issue of session cookie theft, the implications of third-party cybersecurity risk as seen in the Blue Yonder ransomware attack impacting Starbucks, and the rise of hacktivism. Tune in for valuable insights and discussions aimed at improving cybersecurity measures in an ever-evolving threat landscape.
00:00 Introduction and Panelist Introductions
00:40 David Shipley's Cyber Risk Talk
02:39 Novel Phishing Campaign Discussion
06:08 Fileless Malware and Human Error
10:44 Offboarding and Internal Audits
19:48 Vendor Responsibility and Ransomware
27:06 City of Hamilton Cyber Attack
28:19 Keynote Talks and Cybersecurity Challenges
29:30 The Reality of Cyber Attacks
29:46 Ransomware and Business Email Compromise
31:21 Cyber Insurance and Its Pitfalls
32:44 Andrew Tate Hack and Hacktivism
36:04 Chinese State-Sponsored Hacks
41:26 Canadian Cybersecurity Issues
44:53 Session Cookies and Two-Factor Authentication
49:45 AI in Software Development
56:42 Concluding Thoughts and Final Remarks -
Massive Telecom Hack and the Future of Cybersecurity
In this episode of Cybersecurity Today, host Jim Love covers a series of crucial topics including a major cyber attack by Chinese hackers on U.S. telecom networks labeled as the biggest in history, the challenges tied to hardware upgrades for enhanced security, and the U.S. Department of Defense's efforts to combat deepfakes. The discussion underscores the importance of encryption, highlights moves by Microsoft and Google for hardware security, and explores the implications of AI-generated deepfakes for national security.
00:00 Introduction and Book Promotion
00:30 Major Cyber Attack on U.S. Telecom Networks
02:31 Encryption and Security Measures
03:59 Hardware Upgrades for Enhanced Security
06:19 Combating Deep Fakes
08:39 Conclusion and Upcoming Panel Discussion -
Cybersecurity Today: From Data Theft to Total Destruction
In today's episode, we cover the latest shifts in cybercrime as hackers move from data theft to complete system destruction, impacting businesses on a massive scale. We discuss Palo Alto Networks' insights on these damaging attacks, Veeam's critical vulnerability patches, and a major breach affecting thousands in Saskatchewan. Additionally, we report on Russia's life sentence for a notorious cyber criminal leader and a significant European takedown of a cybercrime network. Stay informed with the latest in cybersecurity and learn about the steps being taken to counter these escalating threats.
00:00 Introduction: Cybersecurity Headlines
00:26 Evolving Cyber Threats: From Ransomware to Destruction
02:42 Veeam's Critical Vulnerability Patch
04:17 Saskatchewan Data Breach and Privacy Concerns
05:14 Massive Data Breach at SL Data Services
06:29 Russia's Crackdown on Cybercrime
08:21 Operation Passionflower: Dismantling Matrix
10:11 Conclusion and Show Notes -
Cybersecurity Incidents in Healthcare and AI Exposures
In this episode, host Jim Love discusses recent cybersecurity incidents, including a major cyber attack on Wirral University Teaching Hospital in the UK, exposing healthcare vulnerabilities. An AI chatbot startup, WotNot, exposed 300,000 sensitive records online due to misconfigured storage. A novel phishing attack using corrupted Microsoft Word documents is also examined. The episode concludes with the takedown of the world's largest piracy network in Operation Takendown, underlining the international effort against cybercrime. Stay updated on the latest in cybersecurity and tech trends.
00:00 Introduction and Book Promotion
00:30 UK Hospital Cybersecurity Incident
03:11 AI Chatbot Data Exposure
05:05 Phishing Attack with Corrupted Word Documents
06:38 Operation Takendown: Largest Piracy Network Dismantled
08:39 Conclusion and Show Notes -
AI and Cybersecurity: Addressing AI Myths and Strategies | Project Synapse Episode 3
Join Jim Love, host of Cyber Security Today, alongside Marcel Gagné and John Pinard in this weekend edition from our sister podcast, Hashtag Trending. This episode, part of the Project Synapse series, dives into a discussion on AI, focusing on security, strategic implementation, and addressing common myths. They explore the gap between AI strategies and their deployment, the relationship between strategy and action, and practical approaches to protect your data while utilizing AI. The conversation also touches on critical thinking and the need for proper training to make effective use of AI technology.
00:00 Introduction and Thanksgiving Break
00:31 Welcome to Hashtag Trending
00:48 Introducing Marcel Gagné and John Pinard
01:42 AI Strategy and Implementation
02:53 AI Myths and Misconceptions
06:17 AI Vulnerabilities and Security
07:27 The Role of Headlines in AI Perception
11:56 Guardrails and AI Control
16:19 Data Security and AI Models
25:07 Running Small Models on Private Networks
26:35 Leveraging Existing Tools for Cost Efficiency
28:07 Critical Thinking and AI Validation
30:53 Common Mistakes and AI Limitations
37:38 AI in Medical Diagnostics
43:04 Balancing AI Use and Human Oversight
46:37 Concluding Thoughts and Future Directions -
A quick not to say that in our tradition of observing Holidays in both the US and Canada, we'll be taking the weekend off. We'll be back on Monday morning, bright and early with the Cyber Security News,
-
Retailers Face AI Bot Attacks, Avast Exploit, and Starbucks Ransomware Challenges
In this episode of 'Cybersecurity Today,' host Jim Love covers the latest cyber threats impacting retailers, including AI-powered bot attacks and ransomware incidents. Discover how hackers are exploiting an old Avast driver to deploy advanced Windows malware and how Starbucks is managing employee payments manually following a ransomware attack on its scheduling software provider, Blue Yonder. The episode highlights the increasing cyber risks retailers face during the holiday season and the importance of robust cybersecurity measures.
00:00 Introduction and Headlines
00:22 AI-Powered Bot Attacks on Retailers
02:51 Windows Malware Exploiting Avast Driver
04:09 Starbucks Ransomware Attack and Manual Pay
05:18 Ransomware Trends and Impacts
06:01 Conclusion and Show Notes -
Cybersecurity Today: Palo Alto Firewalls Breached, APT28's Wi-Fi Hack, Meta Fights Scams
In today's episode, over 2,000 Palo Alto firewalls were hacked via patched zero-day vulnerabilities; a Russian group, APT28, exploited Wi-Fi networks in a novel 'Nearest Neighbor Attack' to breach a U.S. firm; Meta removed more than 2 million accounts linked to pig butchering scams; and Google launched a free cybersecurity certificate on Coursera to prepare students for entry-level jobs in six months. Host Jim Love provides in-depth analysis and the latest updates in the world of cybersecurity.
00:00 Introduction and Headlines
00:29 Palo Alto Firewalls Hacked
02:43 Nearest Neighbor Wi-Fi Attack
05:09 Meta's Crackdown on Pig Butchering Scams
07:10 Google's Free Cybersecurity Certificate
08:52 Conclusion and Resources -
Phishmas Alert: Tackling Holiday Season Cyber Threats
In this episode of Cybersecurity Today, the weekend show, the host is joined by guest David Shipley to discuss the rise in phishing activities during the holiday season, humorously dubbed 'Phishmas.' They delve into the psychology behind phishing, the impact of seasonal stress on individuals, and the tactics cybercriminals use to exploit these conditions. The episode also highlights recent research on phishing trends, the broader scope of consumer fraud, and the challenges faced by law enforcement in combating these crimes. Practical advice for individuals and organizations to protect themselves is also provided, along with a call to action for greater governmental response and individual vigilance.
00:00 Introduction to Phishmas
00:41 The Importance of Good Research
01:01 Understanding Data vs. Facts
02:02 Phishing During the Holiday Season
03:13 The Mechanics of Phishing Scams
04:51 The Role of Typo-Squatting in Phishing
06:13 The Evolution of Phishing Techniques
09:16 The Human Factor in Phishing
13:10 The Impact of AI on Phishing
18:19 Psychological Tactics in Phishing
21:08 Retailer Perspective on Cyber Threats
22:21 Rise of Fraud in North America
22:57 Impact of Fraud on Individuals
24:01 Challenges in Combating Fraud
27:59 Strategies to Protect Yourself
32:25 Role of Retailers and Banks
35:45 Political and Legislative Actions
38:47 Final Thoughts and Call to Action -
Cybersecurity Today: Zero Day Flaws, FinTech Breach, Phishing Scams & More
In today's episode, host Jim Love discusses critical updates in the cybersecurity world. Discover the latest zero day vulnerabilities patched by Apple, a significant data breach at Fintech giant Finastra, emerging phishing attack tactics using Microsoft Visio files and SVG attachments, and the launch of a new privacy-focused telecom service, CAPE. Additionally, learn about Google's AI-powered OSS Fuzz tool, which uncovered a critical flaw in the OpenSSL library. Stay informed to protect yourself and your organization from sophisticated cyber threats.
00:00 Introduction and Sponsor Message
00:59 Emerging Phishing Attack Strategies
03:12 Finastra Data Breach Investigation
04:49 Launch of CAPE: A Privacy-Focused Telecom Service
06:19 Apple's Emergency Updates for Zero-Day Vulnerabilities
07:29 Google's OSS Fuzz Uncovers Critical Vulnerabilities
09:07 Conclusion and Podcast Information -
Cybersecurity Today: Microsoft Updates, Gen AI Risks, and Liminal Panda Threat
In this episode of Cybersecurity Today, host Jim Love discusses major cybersecurity updates from Microsoft's Ignite conference, including enhancements to Windows security and device recovery. A survey by LegitSecurity highlights the security risks associated with generative AI in software development. CrowdStrike reveals Liminal Panda, a Chinese cyber threat to telecoms. Additionally, a report from the EPA's Office of Inspector General exposes significant cybersecurity vulnerabilities in U.S. drinking water systems. This episode is brought to you by CDW Canada Tech Talks.
00:00 Introduction and Sponsor Message
00:42 Microsoft's New Cybersecurity Features
02:10 Generative AI and Software Development Risks
04:30 Liminal Panda: A New Cyber Threat
06:24 Cybersecurity Vulnerabilities in US Water Systems
08:35 Conclusion and Sponsor Acknowledgment -
Cybersecurity Today: GitHub Attacks & Microsoft's November Patch Tuesday Updates
In this episode of Cybersecurity Today, host Jim Love highlights critical cybersecurity updates. The episode covers malicious attacks on GitHub projects, including an orchestrated attempt to frame Texas-based security researcher Mike Bell, and the associated impact on open-source repositories. Additionally, Microsoft's November Patch Tuesday is discussed in detail, with over 90 security issues disclosed, including four critical zero-day vulnerabilities. The episode also addresses a new ransomware strain exploiting vulnerabilities in Veeam backup software, and the disruptions caused by Microsoft's flawed Exchange Server security update. Stay informed on the latest cybersecurity trends and threats.
00:00 Introduction and Sponsor Message
00:29 Cybersecurity Headlines
00:46 GitHub Malicious Code Attack
03:24 Microsoft November Patch Tuesday
05:17 Veeam Backup Software Vulnerability
07:02 Microsoft Exchange Server Update Issues
08:47 Conclusion and Sign-Off -
Cybersecurity Today - Weekend Edition: Project Synapse, AI in Action (Episode 2)
In this episode of Cybersecurity Today with host Jim Love, we dive into the intersection of Artificial Intelligence (AI) and cybersecurity, continuing our exploration in the series Project Synapse. Joined by Linux and open-source expert Marcel Gagné and cybersecurity professional John Pinard, we discuss practical applications of AI in business, strategies to implement AI securely, and the rapid technological advancements that pose challenges for companies. Tune in to learn how experimentation with AI can innovate business processes while figuring out what tools and strategies can add real value to your operations. This episode emphasizes the importance of maintaining security and developing a solid business strategy in the evolving landscape of artificial intelligence.
00:00 Introduction to Cybersecurity Today
01:14 Meet the Hosts and Guests
02:08 Project Synapse: AI in Action
02:20 Current State of AI and Security Concerns
04:20 Challenges and Opportunities in AI Adoption
06:36 Business Strategies in the Age of AI
11:35 The Importance of Experimentation and Play
20:26 Innovative Uses of AI in Everyday Life
23:53 Cultural Shift in Business
24:27 Rise of AI Agents
25:13 Challenges with AI Models
25:45 Specialized AI Agents
28:17 AI in Accounting and Business
32:12 AI in Customer Service
33:40 Workshops and Practical AI Applications
48:17 Security Concerns with AI
49:40 Conclusion and Future Plans - Daha fazla göster