Cybersecurity Today

In this episode of Cybersecurity Today, host David Shipley discusses several major events, including the FBI's takedown of the Breach Forums portal. This site was associated with a significant Salesforce data breach and extortion campaign led by groups like Shiny Hunters and Scattered Lapses Hunters. Oracle users are also warned about a new critical vulnerability in the E-Business Suite, which could allow unauthorized data access without requiring login credentials. Additionally, the resurgence of the Asuru botnet, leveraging compromised IoT devices to execute large-scale DDoS attacks, raises concerns. The episode emphasizes the need for immediate patching and robust security measures by organizations and consumers alike. A positive note highlights a cybersecurity awareness initiative by the Indiana Toll Road. 00:00 FBI Takes Down Breach Forums 03:42 Oracle E-Business Suite Vulnerability 07:39 Massive Botnet Threatening US Networks 11:04 Community Cybersecurity Awareness 11:47 Conclusion and Sign-Off

In this episode of Cybersecurity Today, Jim hosts Craig Taylor, a seasoned virtual Chief Information Security Officer (vCISO) with over 25 years of experience. They discuss the evolution and significance of the vCISO role, Taylor's career path, and the founding of his company, Cyber Hoot, which provides cybersecurity education and vCISO services. Taylor shares insights into why companies, especially SMBs, opt for vCISO services due to budget constraints and the scarcity of cybersecurity professionals. He also talks about the common challenges faced by vCISOs, such as managing burnout and ensuring client adherence to security recommendations. The conversation delves into the importance of cybersecurity culture, the need for effective education, and the integration of cybersecurity in business practices. Taylor offers practical advice on hiring the right vCISO and highlights the benefits his company provides. The episode concludes with a discussion on the psychology behind successful cybersecurity practices and Taylor's thoughts on the future of the industry. 00:00 Introduction to Cybersecurity Today 00:04 Meet Craig Taylor: The Virtual CISO 00:47 The Early Days of Virtual CISOs 02:15 Building a Cybersecurity Company 03:40 The Rise of Virtual CISO Services 05:01 Challenges and Realities of Cybersecurity 06:42 The Importance of Cyber Literacy 20:38 Managing Cybersecurity Risks 28:05 Understanding Administrative Risks in Onboarding and Offboarding 28:39 Challenges with MSPs and Cybersecurity 29:27 The Importance of Basic Security Measures 31:52 Dealing with Technology Debt 32:52 Balancing Budget and Security Needs 35:13 Real-Life Cybersecurity Incidents 40:17 The Role of Education in Cybersecurity 46:12 Hiring the Right VCISO 51:33 Conclusion and Final Thoughts

Cybersecurity Today: Teenage Ransomware Arrests, GoAnywhere Critical Flaw, and Google AI Vulnerability In this episode of Cybersecurity Today, hosted by Jim Love, two teenagers were arrested in London for a ransomware attack on Kiddo International preschools, involving child data extortion. The show discusses a critical vulnerability in GoAnywhere MFT servers actively exploited by ransomware operators, emphasizing the need for immediate patching. It also highlights an urgent warning from CSA about a 2021 Windows flaw now under active attack. Additionally, researchers have found a new method to exploit Google's Gemini AI through invisible unicode characters, with Google declining to patch the issue. The episode concludes with security recommendations and a note on the show's upcoming special weekend edition for Canadian Thanksgiving. 00:00 Introduction and Headlines 00:28 Teenagers Arrested for Preschool Ransomware Attack 01:57 Critical Vulnerability in Go Anywhere MFT Servers 03:21 Urgent Alert for 2021 Windows Flaw 04:32 Google Gemini AI's Invisible Prompt Flaw 06:16 Conclusion and Sign-Off

North Korean Hackers Target Crypto Wealth, LinkedIn Fights Data Scraping, and AI Tools Leak Corporate Data In this episode of Cybersecurity Today, host Jim Love covers the latest cybersecurity headlines including North Korean hackers targeting wealthy crypto investors, LinkedIn suing a firm for creating fake accounts to scrape user data, a massive ransomware campaign by the CIOp gang targeting Oracle’s E-Business Suite, and new research highlighting AI tools as the top channel for corporate data leaks. Listen in for insights and key takeaways to protect your digital assets and corporate data. 00:00 North Korean Hackers Target Wealthy Crypto Holders 02:09 LinkedIn Sues Over 1 Million Fake Accounts 03:46 Ransomware Attack on Oracle's E-Business Suite 05:42 AI Tools: The New Channel for Corporate Data Leaks 07:53 Conclusion and Contact Information

AI Browsers Turn Rogue, Discord Data Breach, and Surge in Palo Alto Scans In this episode of Cybersecurity Today, host David Shipley discusses several significant cybersecurity concerns. Firstly, researchers at Layer X have uncovered a flaw in the Perplexity Comet AI browser that allows malicious prompts to turn the browser into a data thief with just a single click. Additionally, Discord has disclosed a data breach affecting users' personal information due to a third-party customer service provider compromise. Cybersecurity researchers have also reported a massive surge in scans targeting Palo Alto Network's login portals, suggesting potential reconnaissance for future attacks. Finally, the US Department of Defense has opted to reduce its mandatory cybersecurity training to allow military personnel to focus on their core missions, a move that has raised concerns given the intertwined nature of cyber and kinetic warfare. 00:00 Introduction and Headlines 00:32 AI Browser Security Flaw: Comet Jacking 03:11 Discord Data Breach: What Happened? 05:59 Surge in Scans Targeting Palo Alto Devices 08:07 US Department of Defense Cuts Cybersecurity Training 10:23 Conclusion and Viewer Engagement

In this episode of 'Cybersecurity Today: Our Month in Review,' host Jim welcomes a panel including Tammy Harper from Flair, Laura Payne from White Tuque, and David Shipley, CEO of Beauceron Securities. The discussion kicks off with an overview of their plans for Cybersecurity Month, including reviving the MapleSEC show and the CIO of the Year awards. David shares his experiences at SECTOR, Canada's largest cybersecurity conference, discussing the importance of security awareness training and the risks of irresponsible tech journalism on public perception. The panel also delves into the resurgence of the Clop ransomware group, their shift to data extortion, and their exploitation of vulnerabilities in Oracle EBS applications. Laura highlights a concerning case of insider threats at RBC, emphasizing the importance of process-driven controls. The episode also touches on the human side of cybersecurity, particularly the impact of romance scams and the growing violence in cybercrime. The panelists underscore the need for improved security awareness and the role of AI in identifying scams. Tammy, Laura, and David conclude by discussing the role of insider threats and the ethical boundaries in cybercrime, sharing insights from recent real-world cases. 00:00 Introduction and Panelist Introductions 00:43 Cybersecurity Month Initiatives 02:46 Security Awareness and Phishing Training 04:03 Impact of Irresponsible Tech Journalism 08:27 AI and Cybersecurity: Hype vs. Reality 10:43 Conference Experiences and Networking 18:33 Clop Ransomware and Data Extortion 23:45 Tammy's Insights on Clop's Tactics 24:58 Scattered Lasus and Cyber Warfare 26:32 Media Savvy Cybercriminals 31:36 Human Impact of Cyber Scams 37:17 Insider Threats and Security Awareness 43:21 Physical Security and Cyber Threats 48:33 Cybercrime Targeting Children 50:58 Conclusion and Upcoming Topics

Cybersecurity Today: Red Hat Breach, CLOP Targets Oracle, and CISA Cuts Critical Support In this episode of Cybersecurity Today, host Jim Love covers a recent breach of Red Hat's consulting GitLab server, highlighting concerns over exposed network maps and tokens. The CLOP extortion gang targets Oracle E-Business Suite clients, demanding ransom for sensitive data. Surveys show Canadian businesses are overconfident in their cyber defenses despite frequent attacks. Finally, CISA has ended a crucial cybersecurity support agreement, impacting state and local governments amidst a federal shutdown. Tune in for detailed analysis and urgent action items. 00:00 Red Hat GitLab Server Breach 02:21 CLOP Gang Targets Oracle E-Business Suite 04:29 Canadian Firms' Overconfidence in Cybersecurity 06:31 CISA Ends Critical Support Amid Shutdown 08:38 Conclusion and Upcoming Month in Review

Critical Vulnerabilities and AI Voice Cloning Risks in Cybersecurity In this episode of Cybersecurity Today, host Jim Love discusses key cybersecurity threats, including critical vulnerabilities in Sudo and Cisco firewalls, and a remote command flaw in Western Digital MyCloud devices. The show highlights efforts by national security agencies in the US, Canada, France, Netherlands, and the UK to address these risks, urging immediate patching and system updates. Additionally, the episode covers the emerging threat of real-time AI voice cloning, stressing the need for stricter security measures to prevent social engineering attacks. Listeners are encouraged to implement robust verification processes to secure their organizations and personal communications. 00:00 Critical Sudo Flaw Warning 00:21 Cisco Firewalls Vulnerabilities 02:34 Western Digital MyCloud Devices at Risk 03:48 AI Voice Cloning Threat 05:16 Conclusion and Contact Information

Emerging Cybersecurity Threats: Lockbit 5.0, Salesforce AI Vulnerabilities, and China's Cyber Intelligence Advancements In this episode of 'Cybersecurity Today,' host Jim Love discusses the latest cybersecurity threats, including the emergence of Lockbit 5.0 ransomware which can attack multiple platforms simultaneously, and a critical vulnerability in Salesforce's AI agents known as forced leak prompt injection. Additionally, the episode delves into the growing capabilities of China's Ministry of State Security, which has become a significant cyber intelligence force under Xi Jinping, raising serious concerns for Western security agencies. 00:00 Introduction to Cybersecurity Threats 00:18 Lockbit 5.0: A New Ransomware Threat 03:01 Salesforce AI Agents Vulnerability 05:50 China's Cyber Intelligence Operations 08:55 Conclusion and Call to Action

Navigating the Complex Landscape of AI and Cybersecurity: A Conversation with Rob T. Lee In this weekend edition of Cybersecurity Today, host Jim Love interviews Rob T. Lee, the Chief AI Officer and Chief of Research at the SANS Institute. They discuss the intersection of AI, education, and security, highlighting the dual nature of AI as both a transformative technology with immense benefits and as a significant security risk. Rob shares his insights on how organizations can mitigate these risks by adopting a 'yes' framework towards AI, fostering a culture of learning and experimentation, and acknowledging the vulnerabilities and knowledge gaps in the field. He emphasizes the importance of community engagement, practical learning, and the role of AI champions in driving innovation while maintaining security. Throughout the conversation, they address the challenges of implementing AI governance and explore the need for continual adaptation in the fast-evolving tech landscape. 00:00 Introduction and Guest Introduction 00:25 AI: Potential and Risks 01:26 Business vs. Security 03:36 Rob's Background and Experience 05:18 The Role of Practitioners in SANS 08:46 Governance and Security Challenges 17:13 The Crisis of Competency in AI 25:03 Encouraging Hands-On Learning 30:41 The Importance of Executive Involvement 33:49 The Problem with Security and Shadow AI 34:05 The Consequences of Shadow AI 34:52 Evaluating and Banning AI Tools 36:48 The Role of Executives in AI Adoption 40:04 Learning and Adapting to AI 42:47 The Importance of Community and Vulnerability 51:19 Practical Steps for AI Governance 58:47 Final Thoughts and Resources

Cybersecurity Today: Shadow Leak, SIM Farm Shutdown, Cisco Zero-Day, FBI Warning & Android Advanced Protection In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity issues. Key topics include the discovery of the 'Shadow Leak' vulnerability in ChatGPT servers by Radware, the dismantling of a massive SIM farm near the United Nations by the US Secret Service, a zero-day vulnerability affecting up to 2 million Cisco devices, an FBI warning about spoofed Internet Crime Complaint Center (IC3) websites, and a reminder about enabling Advanced Protection on Android phones. The episode also includes a shoutout to Jim Love's new audiobook 'Elisa, A Tale of Quantum Kisses,' available on multiple platforms. 00:00 Introduction and Sponsor Message 00:29 Shadow Leak Hits ChatGPT Servers 02:52 Massive SIM Farm Operation Uncovered 04:44 Cisco's Zero-Day Vulnerability 06:04 FBI Warns of Spoofed Crime Reporting Sites 07:07 Android's Advanced Protection Mode 08:00 Conclusion and Call to Action

Cybersecurity Today: GitHub's NPM Lockdown, Deep Fake Threats, and Yellowknife's Cyber Incident In this episode of 'Cybersecurity Today', host Jim Love discusses GitHub's response to widespread supply chain attacks in the NPM ecosystem, the alarming rise of deep fake attacks as highlighted by Gartner, and the remarkable handling of a cyber incident by the city of Yellowknife. Tune in for the latest updates on cybersecurity threats, expert analysis, and the steps organizations are taking to combat these sophisticated attacks. Plus, discover Jim's sci-fi romance adventure audiobook 'Elisa: A Tale of Quantum Kisses' now available on major platforms. 00:00 Introduction and Sponsor Message 00:55 GitHub's Response to NPM Supply Chain Attacks 03:19 Gartner's Warning on Deep Fake and AI Attacks 06:03 Yellowknife's Cyber Incident and Response 08:20 Conclusion and Final Thoughts

Cybersecurity Today: Major Vulnerabilities and Attacks Uncovered Join host David Shipley for today's cybersecurity updates on the last day of summer 2025. In this episode, we delve deep into Microsoft's critical Entra ID vulnerability, a cyber attack crippling major European airports, the rise of SpamGPT targeting phishing operations, and the alarming zero-click flaw in OpenAI's deep research agent. Hear about Canadian Police's big win against the shadowy Trade Ogre crypto platform and their $40 million asset seizure. Buckle up for a reality check on the evolving cyber threats and their impact on global security. 00:00 Introduction and Overview 00:55 Microsoft's Extinction Level Vulnerability 05:19 European Airports Cyber Attack 08:20 SpamGPT: AI for Cyber Criminals 09:53 Shadow Leak: Zero Click AI Vulnerability 12:09 Trade Ogre Takedown 14:50 Conclusion and Upcoming Events

Unveiling the Ransomware Ecosystem with Tammy Harper In this compelling episode, Jim is joined by Tammy Harper from Flair.io to re-air one of their most popular and insightful episodes. Dive into the intricate world of ransomware as Tammy, a seasoned threat intelligence researcher, provides an in-depth introduction to the ransomware ecosystem. Explore the basics and nuances of ransomware, from its origins to its modern-day complexities. Tammy discusses not only the operational structures and notable ransomware groups like Conti, LockBit, and Scattered Spider, but also the impact and evolution of ransomware as a service. She also elaborates on ransomware negotiation tactics and how initial access brokers operate. This episode is packed with invaluable information for anyone looking to understand the cybercrime underground economy. Don’t forget to leave your questions in the comments, and they might be addressed in future episodes! 00:00 Introduction and Episode Re-Run Announcement 00:29 Guest Introduction: Tammy Harper from Flair io 00:41 Exploring the Dark Web and Ransomware 02:21 Tammy Harper's Background and Expertise 03:40 Understanding the Ransomware Ecosystem 04:02 Ransomware Business Models and Initial Access Brokers 07:08 Double and Triple Extortion Tactics 11:23 History of Ransomware: From AIDS Trojan to WannaCry 13:02 The Rise of Ransomware as a Service (RaaS) 19:41 Conti: The Ransomware Giant 26:17 Conti's Tools of the Trade: EMOTET, ICEDID, and TrickBot 32:05 The Conti Leaks and Their Impact 34:04 LockBit and the Ransomware Cartel 37:07 National Hazard Agency: A Subgroup of LockBit 38:17 Release of Volume Two and Its Impact 39:08 Details of the Training Manual 40:52 Ransomware Negotiations 41:28 Ransom Chat Project 42:27 Conti vs. LockBit Negotiation Tactics 43:30 Professionalism in Ransomware Operations 47:07 Ransomware Chat Simulation 48:03 Ransom Look Project 49:11 Current Ransomware Landscape 50:32 Infiltration and Research Methods 51:47 Profiles of Emerging Ransomware Groups 01:05:21 Initial Access Market 01:10:26 Future of Ransomware and Law Enforcement Efforts 01:13:14 Conclusion and Final Thoughts

Cybersecurity Today: The Good News Edition In this episode, host Jim Love addresses a previous mistake regarding the location of Yellowknife and announces a special 'good news' edition. Key stories include Microsoft's dismantling of a global phishing-as-a-service operation Raccoon 0365, the recovery of nearly $2 million lost to a business email compromise scam by a Texas county, and the Commonwealth Bank of Australia's significant reduction in scam losses through AI-powered defenses. The episode emphasizes lessons learned in cybersecurity and the positive outcomes from recent countermeasures. Love also mentions that the usual host, David Shipley, will return on Monday. 00:00 Introduction and Apology 01:38 Good News Stories Overview 02:18 Microsoft Dismantles Raccoon 0365 03:59 Texas County Recovers $2 Million 05:51 CommBank's AI-Powered Scam Prevention 08:01 Conclusion and Contact Information

Cybersecurity Worms, Steganography Attacks, Municipal Cyber Incidents and More... In this episode of Cybersecurity Today, host Jim Love delves into multiple cybersecurity threats affecting the tech landscape. He discusses the 'Shai Hulud' worm, which has infiltrated over 187 JavaScript libraries on NPM, exploiting developer tokens for spread, including those maintained by CrowdStrike. Love explains practical but challenging measures to mitigate such threats. He also explores steganography's role in hiding malicious scripts within seemingly benign image files, urging vigilance against embedding hidden commands. Additionally, the episode covers a cyber incident in Yellowknife, causing severe disruptions to municipal services and emphasizing the importance of cyber hygiene and support from higher government levels. Lastly, Jim examines how a Windows 11 patch has created a new vulnerability, stressing the need for enhanced monitoring and quick updates. 00:00 Introduction and Overview 00:21 The Shy Ude Worm: A New Threat 02:19 Steganography: Hiding in Plain Sight 05:30 Cybersecurity Incident in Yellowknife 07:24 Microsoft's Patch Problems 08:27 Conclusion and Contact Information

Cybersecurity Today: NPM Attack, Void Proxy Phishing, and Major Business Disruptions In this episode of Cybersecurity Today, host David Shipley discusses a recent massive NPM attack that, despite causing significant disruption, left hackers with minimal gains. We also cover a new, highly sophisticated phishing service called Void Proxy, which targets Microsoft and Google accounts. Additionally, we delve into the severe repercussions of cyber attacks on major companies like Jaguar Land Rover and Marks and Spencer, highlighting the wide-ranging impacts on supply chains and leadership. Join us for the latest updates and insights from the world of cybersecurity. 00:00 Introduction and Headlines 00:35 Massive NPM Attack: What Happened? 02:53 Void Proxy: A New Phishing Threat 05:31 Jaguar Land Rover Cyber Attack Impact 06:59 Marks and Spencer Leadership Change 08:04 Conclusion and Final Thoughts

Inside Zero Trust: John Kindervag and the Evolution of Cybersecurity In this episode of Cybersecurity Today: Weekend Edition, host Jim Love speaks with John Kindervag, the pioneer behind the Zero Trust model of cybersecurity. With over 25 years of industry experience, John delves into how the concept originated from his early work with firewalls, advocating for a system where no packet is trusted by default. He discusses the fundamental principles of Zero Trust, including defining protect surfaces, mapping transaction flows, and implementing microsegmentation. The conversation also touches on overcoming cultural and organizational challenges in cybersecurity, the inadequacies of traditional risk models, and adapting Zero Trust methodologies in the evolving landscape, including AI. Through thoughtful discourse and practical insights, John underscores the importance of strategic and tactical implementations in building resilient and secure systems. 00:00 Introduction to Cybersecurity Today 00:25 Meet John Kindervag: The Godfather of Zero Trust 01:50 The Birth of Zero Trust 04:08 Challenges and Evolution of Zero Trust 06:03 From Forrester to Practical Implementations 11:40 The Concept of Protect Surfaces 17:30 Risk vs. Danger in Cybersecurity 30:54 Farmers and Technology 31:48 The Importance of IT in Business 32:26 Introduction to Zero Trust 32:41 Five Steps to Zero Trust 33:14 Mapping Transaction Flows 34:25 Custom Architecture for Zero Trust 34:55 Defining Policies with the Kipling Method 36:04 Monitoring and Maintaining Zero Trust 36:28 The Concept of Anti-Fragile Systems 38:47 Challenges and Success Stories in Zero Trust 42:02 Microsegmentation and Protect Surfaces 45:39 AI and Zero Trust 49:22 Advice for Implementing Zero Trust 50:37 Military Insights and Decision Making 57:19 The Future of Zero Trust 59:07 Conclusion and Final Thoughts

Cybersecurity Today: Microsoft Patches, Canadian Data Breach, NVIDIA's New Tool, and a Senator's Call for Investigation In this episode of Cybersecurity Today, host Jim Love discusses Microsoft's September patch update addressing 81 security flaws, including two zero-day vulnerabilities. Highlights include a data breach in Canada affecting email and phone numbers, NVIDIA's release of an open-source LLM vulnerability scanner, and US Senator Ron Wyden's call for the FTC to investigate Microsoft's security practices. The episode also clears up the mystery behind the bricked SSDs after a Windows 11 update. 00:00 Microsoft Patches 81 Flaws 02:29 Canadian Government Data Breach 03:38 NVIDIA's Garrick: AI Vulnerability Scanner 05:01 Senator Urges FTC to Probe Microsoft 06:52 Mystery of Bricked SSDs Solved 08:24 Conclusion and Upcoming Interview

Phishing Scams, Leaked Stream Keys, Zero-Day Android Vulnerabilities, and Bounties on Russian Hackers In this episode of Cybersecurity Today, host Jim Love discusses several critical cybersecurity issues. Attackers are using iCloud calendar invites for phishing scams, leveraging Apple's system to bypass security checks. The US Department of Defense has exposed livestream credentials, risking hijack and fake content insertion. Billions of Android phones are vulnerable due to unpatched critical zero days, and Google has only fixed issues for Pixel devices so far. Additionally, the US State Department has placed a $10 million bounty on three Russian FSB hackers responsible for attacks on energy companies. Jim emphasizes the importance of securing digital assets and maintaining strong cybersecurity practices. 00:00 Introduction and Headlines 00:24 Phishing Scam via iCloud Calendar Invites 03:18 US Department of Defense Livestream Vulnerabilities 05:53 Critical Android Zero-Day Vulnerabilities 07:38 US Bounty on Russian FSB Hackers 09:42 Conclusion and Contact Information