Claim OwnershipCybersecurity Today
Subscribed: 2,296Played: 89,035
Subscribe
Description
Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.
992 Episodes
Reverse
FBI Warnings, TikTok's Canadian Shutdown, Major Data Breach Arrests & More | Cybersecurity Today In this episode of Cybersecurity Today, host Jim Love highlights the FBI's warning about growing phishing attacks exploiting government email credentials, leading to potential data theft and ransomware attacks. The Canadian government orders TikTok to shut down its domestic operations over national security fears, while the app plans to fight the decision. Authorities arrest Alexander Connor Moucka in conjunction with massive data breaches at companies like Ticketmaster and AT&T. Additionally, a Brampton landlord becomes a victim of an e-transfer scam, emphasizing the importance of securing email accounts. Stay informed with the latest cybersecurity news and recommendations. 00:00 Introduction and Headlines 00:22 FBI Warning on Phishing Attacks 01:53 International Law Enforcement Actions 02:26 Canada Orders TikTok Shutdown 03:45 Major Data Breach Arrests 04:22 Brampton Landlord E-Transfer Scam 05:16 Securing Personal Transfers 06:02 Conclusion and Show Notes
AI Finds Zero Day Vulnerability, MFA Mandatory on Google Cloud, French Energy Firm Hacked In today's episode of Cyber Security Today, host Jim Love discusses Google's AI-driven system Big Sleep discovering the first ever AI-identified zero day vulnerability in the SQLite database engine. He also covers Google's new requirement for Google Cloud users to implement multi-factor authentication (MFA) starting January, and a recent cyber-attack on French firm Schneider Electric, where hackers demanded a ransom in baguettes. Learn about these critical updates and their implications for the future of cybersecurity. 00:00 Introduction to Cyber Security Today 00:21 AI Discovers Zero Day Vulnerability 03:06 Google Cloud Enforces Multi-Factor Authentication 05:55 Hackers Demand Ransom in Baguettes 07:42 Conclusion and Show Notes
Chinese Cybersecurity Threats: Espionage in Silicon Valley, Canadian Government Infiltration, and Persistent Botnets In this special edition of Cyber Security Today, host Jim Love discusses three alarming stories illustrating the increasing cybersecurity threats posed by China. The episode details China's espionage activities in Silicon Valley, including a Google employee caught stealing AI trade secrets, the infiltration of Canadian government systems by Chinese state-sponsored hackers, and a persistent botnet using compromised TP-Link routers to target Microsoft Azure accounts. The stories highlight the urgent need for enhanced cybersecurity measures to counter these sophisticated threats. 00:00 Introduction: Rising Cybersecurity Threats from China 00:33 Silicon Valley Under Siege: Espionage in the Tech Hub 03:56 Canadian Government Infiltration: A Deep Dive 05:47 Persistent Botnet Threat: Covert Network 1658 07:31 Conclusion and Final Thoughts
Welcome to the weekend edition of Cybersecurity Today! Join host Jim Love as he delves into the top cybersecurity stories of the month with industry experts David Shipley of Beauceron Security, Terry Cutler of Cyology Labs, and special guest Kim Schreader from TELUS. This episode covers a range of vital topics, including AI's impact on cybersecurity, the alarming rise in API vulnerabilities, and a shocking report on the Canadian Revenue Agency's fraud losses. The panel also discusses cybersecurity awareness, the overlooked importance of protecting our libraries, and innovative ways to educate the next generation on cybersecurity. Don't miss their insights, expert opinions, and the debut of the cyber stinky award! 00:00 Introduction and Panelist Welcome 00:39 Kim Schreader's Background and Cybersecurity Insights 01:44 Cybersecurity Awareness Month Highlights 02:11 Phishing Milestones and Challenges 03:34 Home Cybersecurity and Public Engagement 04:59 SecTor Event and Cyber Insurance Study 06:10 Sextortion Emails and Ransomware Threats 07:30 Revenue Canada Fraud Scandal 14:31 Legacy Systems and Cybersecurity Accountability 17:55 AI in Cybersecurity: Threats and Opportunities 26:43 Medical Imaging Vulnerabilities 27:35 IoT Device Security Concerns 29:25 API Vulnerabilities and Exploits 31:45 Importance of Pen Testing 39:41 AI and Prompt Injection Risks 46:58 Education and Cybersecurity Awareness 52:23 Library Cyber Attacks and Conclusion
Cyber Security Today: Deceptive Delight Jailbreak, API Vulnerabilities Surge, Hex Attack on GPT-4 In this episode of Cyber Security Today, host Jim Love discusses the new jailbreak technique 'Deceptive Delight' that highlights vulnerabilities in large language models, the 21% increase in API vulnerabilities reported by Wallarm, and the hex-encoded attack on OpenAI's GPT-4. Learn about the significant rise in API security threats, including misconfigurations and cloud-native software vulnerabilities, and how cybercriminals are exploiting them. Discover how researchers are bypassing AI safety mechanisms and what this means for the future of AI security. Stay safe and informed about the latest cybersecurity trends and risks. 00:00 Introduction to Cyber Security Today 00:20 Deceptive Delight: A New Jailbreak Technique 02:22 Surge in API Vulnerabilities 04:16 Hexadecimal Exploits in AI Models 06:01 Smishing Attacks and Personal Anecdotes 06:56 Conclusion and Upcoming Shows
Massive CRA Breach Exposed & Cyber Challenges in Healthcare and Retail In this episode of Cyber Security Today, host Jim Love delves into the significant cyber security incidents impacting Canada, healthcare, and retail sectors. A report from CBC and Radio Canada reveals that the Canada Revenue Agency (CRA) has been compromised multiple times, leading to tens of thousands of hacked tax accounts and millions in fraudulent refunds. The episode also highlights a new report from Forescout Technologies that identifies critical vulnerabilities in connected medical devices, posing serious risks to patient safety and data security. Additionally, the 2024 Trustwave Retail Risk Radar Report outlines the evolving cyber threats facing retailers during the e-commerce boom, including phishing, credential stuffing, and ransomware attacks. Links to the detailed reports are provided in the show notes. Tune in for an in-depth discussion on these pressing cyber security challenges. 00:00 Introduction and Headlines 00:27 Canada Revenue Agency Hacked: Millions in Bogus Refunds 03:33 Medical Devices at Risk: Forescout's Alarming Report 06:42 Retail Cybersecurity Challenges: TrustWave's Insights 09:21 Conclusion and Show Notes
In today's episode of Cybersecurity Today, host Jim Love covers stories including, Cisco releases an emergency patch for a vulnerability exploited in brute force attacks, Delta Airlines sues CrowdStrike over a problematic software update leading to flight disruptions, UnitedHealth confirms the massive data breach at Change Healthcare affecting 100 million people, and Apple announces a $1 million bug bounty for hacking Apple Intelligence servers. Stay informed on these pivotal issues impacting the tech and cybersecurity landscape. 00:00 Emergency Patch for Cisco Vulnerability 02:02 Delta Sues CrowdStrike Over Flight Disruptions 03:48 Apple's $1 Million Bug Bounty Program 05:14 UnitedHealth Data Breach Impact 07:17 Show Wrap-Up and Contact Information
Mastering Cybersecurity: From AI Threats to Quantum Encryption - Insights with CDW Join host Jim Love in a riveting discussion with Ivo Wiens, Field CTO for CDW Canada, as they review CDW's cyber security research and discussions with CISO's about the state of cyber security in Canada. Delve into the sophistication of cyber attacks driven by organized crime and nation-states, and learn about the importance of cyber security frameworks like zero trust and NIST standards. The conversation also explores the role of AI in both enhancing phishing attacks and defending against cyber threats, as well as the challenges and strategies in implementing AI security within organizations. Gain insights on vendor management complexities, platformization, quantum cryptography, and the future of cyber encryption. Listen to practical advice on navigating business risks, enhancing user experiences, and adopting zero trust models in today's digital landscape. 00:00 Introduction to Cybersecurity Today 00:26 Understanding CDW and Its Role 01:08 CDW's Approach to Cybersecurity 04:16 Research and Insights from CDW 05:40 The Growing Sophistication of Cyber Attacks 08:24 Adopting Cybersecurity Frameworks 12:12 The Importance of Tabletop Exercises 17:01 Human Vulnerabilities and AI in Cybersecurity 18:12 The Sophistication of Phishing Attacks 19:03 Emotional Manipulation in Cyber Attacks 21:09 AI in Cybersecurity: Opportunities and Risks 22:30 Implementing AI in Business Operations 25:08 Balancing AI and Privacy Concerns 34:09 The Future of Cybersecurity: Quantum Computing 36:53 Final Thoughts and Advice for Organizations
SEC Fines, WordPress Hacks, & Okta's New Security Standards | Cybersecurity Today Join host Jim Love in this episode of Cybersecurity Today, sponsored by CDW Canada Tech Talks. We delve into the SEC's $7 million fine on four companies for misleading cybersecurity disclosures, the hacking of over 6,000 WordPress sites by malicious plugins, and Okta's introduction of a new identity security standard in response to rising SaaS breaches. Get detailed insights on these key topics and more. Tune in to stay updated on the most pressing cybersecurity issues! 00:00 Introduction to Cybersecurity Today 00:28 SEC Fines for Misleading Cybersecurity Disclosures 02:39 Massive WordPress Site Hacks 04:58 Okta's New Security Standards 07:49 Conclusion and Sponsor Message
In today's episode of Cyber Security Today, sponsored by CDW Canada Tech Talks, host Jim Love dives into the latest tech news and cybersecurity updates. Key stories include the FBI arrest of Eric Council Jr. for hacking the SEC's social media, the release of VulnHuntr, an AI tool designed to detect zero-day vulnerabilities in Python, and the arrest of two Sudanese brothers running a cybercrime business. Additional updates cover a security flaw in the WordPress Jetpack plugin, ongoing attacks on the Internet Archive, and the Golden Chickens spear-phishing campaign targeting HR personnel. Tune in for these stories and more. 00:00 Introduction to Cyber Security Today 00:27 FBI Arrests in SEC Social Media Hacks 02:49 Open Source Tools for Python Vulnerabilities 05:20 Cyber Crime Arrests and Scams 07:25 Golden Chickens Spear Phishing Campaign 09:15 Show Wrap-Up and Announcements
1Phishing and Cybersecurity: Evolution, Tactics, and Human Factors In this deep dive into the world of cybersecurity, join experts Jim Love and David Shipley as they unravel the ever-evolving landscape of phishing attacks and modern cyber threats. Through discussing the history and sophisticated evolution of phishing, including innovative methods like quishing, vishing, and smishing, this episode reveals the severe impacts on businesses and individuals. Discover how cybercriminals use psychological manipulation, including principles from Robert Cialdini's influence framework, to dupe unsuspecting victims. Uncover real-world examples, such as the dangers posed by AI-driven datasets, and the critical importance of Multi-Factor Authentication (MFA) in enhancing account security. The episode also delves into the human elements of cybersecurity, emphasizing the role of workplace culture, emotional intelligence Training, and assertiveness in creating a resilient defense against social engineering attacks. Join us for practical tips and insights to bolster your cybersecurity posture. 00:00 Introduction to Cybersecurity Today 00:31 Emerging Phishing Threats 01:36 Deep Dive into Phishing 03:22 History of Phishing 05:55 Types of Phishing Attacks 19:16 Social Engineering and Phishing 20:06 Research Hypothesis on Phishing 25:55 Phishing Tactics: Free Gift Card Scams 26:24 The Power of Scarcity in Phishing 28:18 Authority Figures and Phishing 29:02 Consistency: Small Requests to Big Scams 30:06 Liking and Social Proof in Phishing 32:19 The Evolution of Phishing Techniques 35:15 Fighting Back: Technical Solutions 42:57 Emotional Intelligence and Workplace Culture 46:58 Conclusion and Final Thoughts
In this episode, host Jim Love delves into sophisticated phishing attacks, cybersecurity initiatives, and significant changes in data security protocols. Listeners will learn about a national survey revealing that 53% of Canadians would switch banks after a data breach and hear insights on Apple's proposal to shorten SSL/TLS certificate lifespans. The episode also covers 23andMe's data breach and settlement, and introduces the FIDO Alliance's new protocol designed to enhance passkey portability across platforms. Emphasizing the importance of robust cybersecurity measures and user education, the discussion highlights advancements in passwordless authentication, as demonstrated by major implementations from companies like Amazon. This episode offers an in-depth look at current cybersecurity challenges and forward-thinking solutions in the realm of user authentication. 00:00 Introduction and Show Format Update 00:48 Canadian Banking Cybersecurity Concerns 01:14 Survey Insights and Financial Sector Responses 03:25 Customer Concerns and Communication Gaps 04:17 Financial Impact of Data Breaches 05:13 Apple's SSL/TLS Certificate Lifespan Proposal 06:20 Google's Push for Shorter Certificate Lifespans 07:24 23andMe Data Breach Settlement 09:55 FIDO Alliance and Passwordless Authentication 12:38 Conclusion and Show Notes
Cybersecurity Today: Wayback Machine Read-Only, AI-Driven Phishing, and Quantum Computing Breakthroughs In this episode of Cybersecurity Today, host Jim Love discusses the recent cyber incident with the Internet Archive's Wayback Machine, which is now back online in read-only mode. He outlines sophisticated AI-driven Gmail phishing schemes that are fooling even tech experts and reports on Chinese researchers' breakthrough using a Canadian quantum computer to potentially crack military-grade encryption. Jim also shares practical advice on staying vigilant against such cyber threats. 00:00 Introduction and Schedule Update 00:22 Cybersecurity News Highlights 00:44 Internet Archive's Wayback Machine Breach 02:06 Sophisticated AI-Driven Gmail Phishing Scams 05:45 Quantum Computing Breakthrough in Encryption 07:10 Conclusion and Sign-Off
Exploring IT Trends and AI Opportunities with Brian Jackson In this crossover episode of Hashtag Trending, host Jim Love interviews Brian Jackson, Principal Research Director at InfoTech Research Group, to discuss emerging IT trends and their intersection with cybersecurity. The conversation covers AI advancements, quantum computing, and digital humans, focusing on how to leverage technology for business opportunities while mitigating associated risks. Brian also emphasizes the importance of AI specialization and sovereignty, and the necessity for organizations to adapt encryption in preparation for quantum computing breakthroughs. Tune in for insights on current technology trends and strategies to harness emerging tools effectively. 00:00 Introduction and Overview 00:42 Meet Brian Jackson 01:51 Brian's Role at InfoTech 02:47 Tech Trends 2025 04:07 AI Opportunities and Risks 05:41 Quantum Computing and Cryptography 06:29 Digital Humans and Deepfakes 09:22 AI in Business Applications 22:32 AI Sovereignty and Cost Management 33:48 Quantum Computing in Practice 38:30 Conclusion and Final Thoughts
Cybersecurity Today: Data Breaches and Malware Threats In this episode of Cybersecurity Today, host Jim Love discusses the hacking incidents involving the Internet Archive and Fidelity, exposing millions of users' data. Highlights include the Internet Archive breach attributed to the Black Meta Hacktivist group, affecting 31 million users, and Fidelity's data breach impacting 77,000 customers. Additionally, the bankruptcy of National Public Data after a massive leak and North Korean cyberattacks on tech job seekers are detailed. These incidents emphasize the importance of robust cybersecurity measures and industry regulations. 00:00 Major Data Breaches: Internet Archive and Fidelity 00:26 Internet Archive Breach: Details and Impact 01:49 Fidelity Data Breach: What Happened? 03:17 National Public Data Files for Bankruptcy 05:23 North Korean Hackers Target Tech Job Seekers 07:38 Conclusion and Resources
Cybersecurity Alert: White House Urges Insurance Reform & Major Hacks Revealed In this episode of Cybersecurity Today, host Jim Love covers significant developments in cybersecurity policy and breaches. The White House, represented by U.S. Deputy National Security Advisor Ann Neuberger, calls for an end to insurance policies that incentivize ransomware payments. The episode also discusses a major ransomware attack affecting Comcast and highlights a significant breach by China-backed hackers targeting U.S. telecom providers. Additionally, American Water faces a security breach impacting its customer systems. The episode emphasizes the growing threats and debates around cybersecurity practices. 00:00 Introduction and Headlines 00:41 White House Calls to End Ransomware Payments 02:11 Comcast Data Breach Exposes 230,000 Customers 03:57 Chinese Hackers Compromise U.S. Telecom Systems 06:24 American Water Cybersecurity Incident 08:02 Conclusion and Show Notes
Cybersecurity Today: Cloudflare's DDoS Victory, Russian Hacker Arrests, and Truth Social Scams In this episode of Cybersecurity Today, host Jim Love discusses Cloudflare's successful mitigation of the largest recorded DDoS attack, showcasing the company's advanced defense capabilities. The episode also covers the arrest of nearly 100 individuals in Russia linked to illegal cryptocurrency transactions and ransomware laundering through the Crypteks crypto exchange. Additionally, it highlights Truth Social's vulnerability to pig butchering scams, where users face significant financial losses. These stories reflect ongoing cybersecurity challenges and responses from different stakeholders. 00:00 Introduction and Headlines 00:28 Cloudflare's DDoS Defense Triumph 02:57 Russia's Crackdown on Cryptex Crypto Exchange 04:57 Truth Social's Pig Butchering Scams 07:02 Conclusion and Show Notes
Unveiling the Truth: Insights into Cyber Security Awareness and Phishing In a special crossover episode of Cyber Security Today and Hashtag Trending, host Jim Love discusses the biases and challenges in technology marketing research with guest David Shipley, head of Beauceron Security. The conversation examines the significance of security awareness, focusing on phishing simulations. Shipley shares insights from his research, emphasizing the optimal frequency of monthly phishing tests and the importance of reporting rates. The episode also covers the psychological aspects of cyber security, sustainability of gamification in training, and highlights the need for balancing training demands to avoid negative impacts of overtraining. Listeners are encouraged to reflect on the insights shared and respond with their thoughts on the program's format. 00:00 Introduction and Overview 00:15 The Problem with Technology Marketing Research 00:46 Bias in Research and Media 01:33 Importance of Objective Research 02:24 Introducing David Shipley and His Research 03:08 Understanding Human Behavior in Cybersecurity 05:38 Phishing Research and Findings 07:19 Effective Phishing Simulations 15:02 Insights from Phishing Data 22:14 The Importance of Reporting and Feedback 22:32 Multi-Channel Communication Strategies 23:53 Gamification and Personal Cyber Risk Scores 25:16 Behavioral Economics in Cybersecurity 27:07 The Impact of Intrinsic Motivation 29:22 The Role of Psychology in Cybersecurity 30:15 The Framing Effect and Security Perception 32:19 Optimism Bias and Security Awareness 35:00 The Dunning-Kruger Effect in Training 37:29 Anchoring Bias and Phishing Indicators 39:03 Key Takeaways and Final Thoughts
Cybersecurity Today: NVD Backlogs & Emerging Threats Host Jim Love discusses the backlog in the National Vulnerability Database and its implications for cybersecurity, highlighting two new Linux vulnerabilities. The episode also covers a sophisticated malware, Perfctl, attacking Linux servers, vulnerabilities in CUPS, and security risks of Meta's smart glasses. Additionally, insights are provided from a CIRA study on ransomware payment trends and the challenges posed by AI in cybersecurity. The podcast ends with announcements for new vulnerability threats and a preview of upcoming research with co-host David Shipley. 00:00 Introduction and Podcast Promotion 00:45 National Vulnerability Database Backlog 02:54 Linux Vulnerabilities: Perfctl Malware 04:42 CUPS Vulnerability Alert 05:56 Privacy Concerns with Meta's Smart Glasses 07:23 Critical Vulnerabilities in Zimbra and Ivanti 08:55 CIRA's Ransomware Study Insights 12:12 AI in Cybersecurity: Survey Findings 14:02 Conclusion and Upcoming Features
Cybersecurity News: Microsoft Patch Issues, Chrome Vulnerabilities, and T-Mobile Settlement In this episode of Cybersecurity Today, Jim Love discusses several pressing issues in the tech world. Early feedback on Microsoft's Windows 11 October Patch Tuesday update reveals significant stability issues. Google Chrome receives a second major security update in ten days due to four new high severity vulnerabilities. The Canadian Internet Registration Authority (CIRA) publishes its annual cybersecurity study highlighting the costs and damages from cyberattacks on Canadian businesses. A coalition of major security agencies releases a report on detecting and mitigating Active Directory compromises. Lastly, T-Mobile agrees to a $31.5 million settlement with the FCC over multiple data breaches affecting millions of U.S. customers. Stay tuned for more insights and updates! 00:00 Introduction and Podcast Promotion 00:38 Microsoft's October Patch Tuesday Issues 02:29 Urgent Chrome Security Update 03:27 CIRA's Annual Cybersecurity Study 05:18 Active Directory Compromise Report 06:57 T-Mobile's FCC Settlement 08:38 Conclusion and Sponsor Message
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
Download from Google Play
Download from App Store
United States
Acronis Cyber Backup is a comprehensive data backup and recovery solution designed to protect data, systems, and applications. It's used by businesses and individuals to ensure that their critical information is safeguarded against data loss, hardware failures, cyberattacks, and other unexpected events. Acronis Cyber Backup offers features like full disk imaging, incremental backups, cloud storage, and quick recovery to keep operations running smoothly. It provides flexible deployment options, allowing backups to be stored locally or in the cloud, and integrates advanced cybersecurity features to defend against ransomware and other cyber threats. For a thorough cybersecurity assessment and data protection strategy, you might consider consulting with cybersecurity experts like those at https://www.wizlynxgroup.com/hk/en/
Acronis Cyber Backup is a comprehensive data backup and recovery solution designed to protect data, systems, and applications. It's used by businesses and individuals to ensure that their critical information is safeguarded against data loss, hardware failures, cyberattacks, and other unexpected events. Acronis Cyber Backup offers features like full disk imaging, incremental backups, cloud storage, and quick recovery to keep operations running smoothly. It provides flexible deployment options, allowing backups to be stored locally or in the cloud, and integrates advanced cybersecurity features to defend against ransomware and other cyber threats. For a thorough cybersecurity assessment and data protection strategy, you might consider consulting with cybersecurity experts like those at Wizlynx Group. They specialize in security testing and cybersecurity consulting to help businesses identify vulnerabilities and implement effective defense measures. You can learn more about their servic
When you use a third party platform that offers an app for your on-premise platform - https://www.protectimus.com/platform/ , you are automatically taking advantage of the multi-factor security that they offer. It is easy to forget when you are using your computer, tablet, or smartphone that all of your data is being tracked in some way. With the use of a Protectimus application, your data is encrypted and protected even more. You are also provided with a second layer of security as a secondary level of protection. This helps to make your business' data secure even more.