Cybersecurity Today

Cybersecurity Today: The Rise of Living Off the Land Strategies & More In this episode of Cybersecurity Today's Month in Review, host Jim Love is joined by Laura Payne from White Tuque and David Shipley from Beauceron Security. They discuss several pressing cybersecurity issues, including the growing threat of 'living off the land' strategies where attackers use legitimate software to stay undetected, the risks associated with public Wi-Fi and QR codes, and the recent breaches involving Oracle's E-Business Suite and SonicWall's management devices. The panel also reflects on the often conflicting cybersecurity advice circulating today and emphasizes the importance of nuanced communication in security practices. Plus, find out who wins the 'Stinky' award for cybersecurity blunders and what you can do to stay safe. Special thanks to Meter for supporting this podcast. Tune in for a deep dive into these crucial cybersecurity topics and more. 00:00 Introduction and Sponsor Message 00:19 Welcome and Guest Introductions 00:50 Unique Coffee Partnership 02:27 Living Off the Land: Cybersecurity Tactics 04:33 Social Engineering and AI Threats 13:51 The Role of Social Media in Cyber Fraud 20:05 Microsoft's New Teams Feature: A Security Risk? 26:39 Oracle Vulnerability and Enterprise Security 27:26 Patching Core Systems: Challenges and Necessities 28:12 Clop Ransomware: A Persistent Threat 29:09 University Data Breaches: The Case of U Penn 30:18 Security Culture and Leadership Accountability 33:49 Debunking Security Myths: Juice Jacking and QR Codes 39:15 Public WiFi and VPNs: Proceed with Caution 41:18 The Importance of Effective Cybersecurity Communication 48:33 SonicWall Security Concerns and the Stinkies Awards 51:13 Wrapping Up: Reflections and Future Episodes

In this episode of 'Cybersecurity Today,' host Jim Love discusses several significant cybersecurity issues. Highlights include a maximum severity vulnerability in React Server Components dubbed React2Shell (CVE-2025-55182), a recently patched Windows shortcut flaw by Microsoft, and new attacks using the Evilginx phishing platform in schools. Additionally, the show explores a long-running campaign by 'Shady Panda,' which used browser extensions to harvest data, and an unexpected failure by Google's AI tool that led to the deletion of a developer's hard drive. The episode also thanks Meter for their continued support. 00:00 Introduction and Sponsor Message 00:48 React Vulnerability: React2Shell 03:13 Microsoft's Long-Standing Shortcut Flaw 04:50 Evilginx: Bypassing MFA in Education 06:59 Shady Panda's Malicious Extensions 09:13 Google's AI Mishap: Developer's Hard Drive Wiped 11:01 Conclusion and Final Thoughts

  This episode of Cybersecurity Today, hosted by Jim Love, delves into various cybersecurity threats and latest news. Topics include 'living off the land' attacks using Microsoft's native utilities, spoofing Calendly invites for phishing Google and Meta credentials, a significant breach at the University of Pennsylvania linked to Oracle E-Business Suite vulnerabilities, and findings on AI jailbreaks tied to syntactic patterns by researchers from MIT, Northeastern University, and Meta. The episode emphasizes the ongoing challenges and evolving strategies in cybersecurity. 00:00 Introduction and Sponsor Message 00:43 Living Off the Land Attacks Explained 03:41 Fake Calendly Invites and Phishing Campaigns 05:47 Oracle Breach and Its Implications 07:55 AI Jailbreaks and Syntax Hacking 11:27 Conclusion and Final Thoughts

In this episode of Cybersecurity Today, host David Shipley discusses a range of pressing cybersecurity issues. Topics include the surge in QR code parking scams, with recent cases in Monaco, Ottawa, and across Europe; an Australian man sentenced for evil twin WiFi attacks targeting travelers; the shutdown of the Code Red emergency notification system due to ransomware; and critical vulnerabilities in Microsoft Teams' guest access feature. Shipley also examines the newly launched hacklore.org website aiming to debunk cybersecurity myths, while critiquing its dismissal of real-world threats. Stay informed on how criminals exploit simple deception, human assumptions, and technology lapses to perpetrate fraud and data breaches. 00:00 Introduction and Sponsor Message 00:21 Hack Lore vs. Real Cyber Threats 03:45 QR Code Parking Scams 07:24 Evil Twin WiFi Attacks 09:43 Ransomware Attack on Code Red 11:44 Microsoft Teams Security Flaw 15:09 Conclusion and Final Thoughts

The Intersection of Espionage Techniques and Cybersecurity Threats This episode explores the parallels between espionage and cybersecurity, particularly focusing on social engineering tactics used in both domains. Hosted by Jim Love, the podcast features insights from Neil Bisson, a retired intelligence officer from CSIS, and David Shipley, CEO of Beauceron Security. They discuss the vulnerabilities in human behavior that can be exploited, the similarity between human intelligence operations and phishing attacks, and how AI is transforming the landscape of social engineering. Practical advice on recognizing and mitigating these threats is also provided. The episode underscores the importance of empathy, skepticism, and continuous education in defending against sophisticated cyber threats. 00:00 Introduction and Sponsor Message 00:25 Linking Espionage and Cybersecurity 01:06 The Role of Social Engineering in Cyber Attacks 02:25 Guest Introductions: Neil Bisson and David Shipley 03:24 Recruitment Tactics in Intelligence 05:56 Phishing vs. Intelligence Recruitment 07:48 AI's Role in Modern Social Engineering 10:45 Building Trust and Rapport in Intelligence 16:19 Ethical Considerations in Intelligence Work 20:01 Future of Cybersecurity and Social Engineering 24:31 The Art of Subtle Manipulation 26:01 Clandestine Tactics and Voluntary Information 26:24 Incremental Trust Building 26:46 Psychological Manipulation and Cult Recruitment 27:34 Human Connection and Vulnerability 28:53 AI and Social Engineering 30:25 The Threat of AI in Recruitment 33:20 Emotional Manipulation in Espionage 36:19 Defending Against Manipulation 38:12 Empathy and Information as Defense 45:49 Final Thoughts and Audience Engagement

In this episode, the host addresses a previous mistake in naming a company involved in a breach, correcting SitusAMC for Ascensus, and extends apologies. Key topics include US banks assessing a breach fallout from financial tech vendor SitusAMC, ransomware group CioP targeting Broadcom through Oracle's vulnerabilities, a new malware campaign hiding in Blender 3D models named SteelC, supply chain attacks in the JavaScript ecosystem through NPM packages with Shai-Hulud malware, and a phishing scam using lookalike domains to deceive Microsoft account holders. Listeners are reminded to manually type URLs to avoid phishing scams, and are informed about the Thanksgiving weekend schedule change. 00:00 Introduction and Apology 01:26 Cybersecurity Headlines 02:13 US Banks Data Theft Incident 03:44 Broadcom and Oracle ERP Breach 05:29 Blender Malware Campaign 07:45 Shai-Hulud NPM Package Attack 09:41 Phishing Campaign Targeting Microsoft Accounts 11:39 Final Thoughts and Thanksgiving Wishes

In today's episode of Cybersecurity Today, hosted by Jim Love, several major cybersecurity incidents are discussed. US banks are assessing the impact of a security breach at SitusAMC, where the ALFV ransomware group claimed to have stolen three terabytes of data. CIOP has targeted Broadcom through Oracle's E-Business Suite vulnerabilities. A new malware campaign hides inside Blender 3D models, exploiting the auto-run feature to deploy Steel C malware. The JavaScript ecosystem faces a supply chain attack from the Shai-Hulud malware compromising 500 NPM packages. Additionally, a phishing campaign leveraging visual deception with look-alike domains is targeting Microsoft account holders. The show is brought to you by Meter, which provides integrated networking solutions. 00:00 Introduction and Sponsor Message 00:21 US Banks Data Theft Incident 02:24 Broadcom and Oracle ERP Breach 04:09 Blender Files Supply Chain Attack 06:24 NPM Packages Compromised 08:21 Phishing Campaign Targeting Microsoft Accounts 10:19 Conclusion and Sponsor Message

In this episode, host David Shipley discusses some of the most pressing issues in cybersecurity today. Checkout.com refuses to pay a ransom to cyber extortion group Shiny Hunters and instead donates to cybersecurity research. The U.S. SEC ends its long-standing case against SolarWinds and their CISO Tim Brown, highlighting ongoing debates about cybersecurity accountability. Additionally, the FCC reverses cybersecurity mandates originally set after the Salt Typhoon hacks, drawing criticism and raising questions about national security preparedness. The episode emphasizes the critical role of policy and regulation in affecting cybersecurity outcomes and encourages the tech community to participate actively in shaping better laws and frameworks. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst   00:00 Introduction and Sponsor Message 00:51 Checkout.com Refuses Ransom and Supports Cyber Research 04:10 SEC Ends Case Against SolarWinds and CISO 08:36 FCC Reverses Cybersecurity Mandates 12:22 The Importance of Policy in Cybersecurity 14:42 Conclusion and Call to Action

In this episode of Cybersecurity Today, host Jim Love welcomes retired intelligence officer Neil Bisson and regular guest David Shipley for an in-depth discussion on current cybersecurity threats facing both Canada and the US. They explore the roles of major state actors like China, Russia, Iran, and North Korea in cyber espionage and sabotage, alongside the motivations driving such activities. The conversation delves into the challenges faced by corporations and critical infrastructure, the importance of understanding motivations behind cyber attacks, and the need for greater cooperation between the private sector and intelligence agencies. The episode also highlights the crucial steps individuals and organizations should take to protect themselves in this rapidly evolving cyber landscape. 00:00 Introduction and Sponsor Message 00:40 Meet Neil Bisson: A Retired Intelligence Officer 02:43 The Evolution of Intelligence Collection 04:29 The Role of Big Data in Modern Espionage 06:30 Corporate Espionage and Technological Advancements 11:45 National Security Threats and Private Sector Vulnerabilities 16:42 Global Players in Cybersecurity Threats 21:44 The Overlooked Cyber Capabilities of India 23:58 State-Sponsored Cybercrime: A Symbiotic Relationship 24:50 Critical Infrastructure Vulnerabilities 25:32 Cyber Attacks and International Relations 27:54 The Role of Intelligence Agencies 33:58 The Huawei Controversy 37:18 Balancing National Security and Economic Interests 41:55 The Future of Cybersecurity 45:39 Conclusion and Final Thoughts

In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity events. CloudFlare faced significant outages affecting major platforms like Amazon and YouTube, along with continued issues for Microsoft 365 users. NordVPN warned of a surge in fake shopping websites as Black Friday approaches, with phishing attempts climbing 36% between August and October. An AI transcription tool caused a privacy breach at an Ontario hospital, leading to a privacy probe. Finally, Salesforce is investigating a data theft wave linked to Gainsight, illustrating the risks of OAuth token misuse. The episode is supported by Meter, a network infrastructure provider. 00:00 Introduction and Sponsor Message 00:44 CloudFlare Outages and Their Impact 02:34 Surge in Fake Shopping Websites 04:56 AI Privacy Breach at Ontario Hospital 08:41 Salesforce Data Theft Investigation 11:26 Conclusion and Sponsor Message

In this episode of 'Cybersecurity Today,' host Jim Love covers multiple pressing topics: CloudFlare's major outage affecting services like OpenAI and Discord, Microsoft's new AI feature in Windows 11 and its potential malware risks, a new red team tool that exploits cloud-based EDR systems, and a new tactic using calendar invites as a stealth attack vector. Additionally, a critical SAP vulnerability scoring a perfect 10 on the CVSS scale is discussed alongside a peculiar event where Anthropic's AI mistakenly tried to report a cybercrime to the FBI. The episode wraps up with a mention of the book 'Alyssa, A Tale of Quantum Kisses' and a thank you to Meter for sponsoring the podcast. Tune in for essential cybersecurity insights. 00:00 Introduction and Sponsor Message 00:22 CloudFlare Outage Causes Major Disruptions 02:55 Microsoft's New AI Features and Malware Risks 05:22 Silent but Deadly: New Red Team Tool 07:39 Calendar Invites as a Stealth Attack Vector 10:04 Critical SAP Vulnerability 12:11 Anthropic's AI and the FBI Incident 14:06 Conclusion and Final Thoughts

Critical Cybersecurity Updates: Fortinet Zero Day, North Korean Infiltration & JLR Cyber Attack In this episode of Cybersecurity Today, host David Chipley discusses the latest critical updates in the cybersecurity world. Fortinet faces a massive zero-day vulnerability actively exploited, leading to major security patches. North Korean IT workers have infiltrated 136 companies, massively impacting corporate security and funneling millions to the DPRK. Jaguar Land Rover's cyber attack results in a startling $220 million loss, affecting the UK's economy. Lastly, we delve into widespread copy-pasted flaws across leading AI platforms like Meta and Nvidia. Stay updated, stay secure! 00:00 Introduction and Sponsor Message 00:55 Fortinet Zero-Day Vulnerability 04:32 North Korean IT Worker Infiltration 07:45 Jaguar Land Rover Cyber Attack Impact 10:19 AI Platforms Hit with Copy-Pasted Flaw 13:42 Conclusion and Upcoming Events

In this episode of Cybersecurity Today, host Jim Love is joined by Tammy Harper, a senior threat intelligence researcher at Flare, to explore the future landscape of cybercrime. The conversation delves into various aspects like the evolution of underground markets, state-backed cyber sanctuaries, and decentralized escrow systems. Harper presents insights on extortion as a service, the implications of artificial intelligence in cybercrime, and the potential impact of quantum computing on encryption. The episode also discusses the changing nature of digital sovereignty and its effects on cybersecurity. This thorough examination offers a glimpse into the challenges and transformations in the world of cyber threats. 00:00 Introduction and Guest Introduction 01:14 Overview of Tammy Harper's Work 01:56 Future of Cybercrime: Key Pillars 03:43 The Underground Economy 08:18 Decentralization of Underground Forums 17:28 State-Backed Sanctuaries and Cybercrime Tourism 24:01 Extortion as a Service (EAS) 31:37 Affiliate Programs in Cybercrime 34:41 Usernames and Credibility in Cybercrime 36:25 Recruitment and the Perfect Storm 37:22 Money Mules and Financial Crimes 38:45 Ransomware Negotiators and Trust Issues 41:22 Artificial Intelligence in Cybercrime 49:16 Quantum Computing and Encryption 58:55 Digital Sovereignty and the Future of Cybercrime 01:05:48 Conclusion and Final Thoughts

In this episode, host Jim Love discusses several significant cybersecurity events and updates. The Washington Post confirmed a security breach affecting nearly 10,000 individuals due to an exploited Oracle E-Business Suite vulnerability. CrowdStrike's 2025 Global Threat Report highlights the rise of 'enterprising adversaries' and a surge in malware-free intrusions. In addition, a new phishing scam targets iPhone users by mimicking Apple's device recovery alerts. Finally, a listener raised concerns about security issues with SonicWall's management devices and systems. The show concludes with information on upcoming content and thanks to Meter for sponsoring the podcast. 00:00 Introduction and Sponsor Message 00:40 Oracle Breach Affects Thousands 02:53 CrowdStrike's Global Threat Report 07:04 New iPhone Phishing Scam 08:35 Listener Concerns About SonicWall 12:10 Conclusion and Upcoming Episodes

In this episode of Cybersecurity Today, host David Shipley covers the latest threats in the cybersecurity landscape. Highlights include the emergence of the quantum root redirect (QRR) phishing kit, a sophisticated automated phishing platform targeting Microsoft 365 credentials across 90 countries. The hospitality industry is also being hit with a new 'click fix' phishing campaign, compromising booking systems and targeting hotel guests. Researchers discover new vulnerabilities in ChatGPT, exposing private data via indirect prompt injection attacks. Additionally, the University of Pennsylvania confirms a massive data breach, highlighting the risks of not implementing comprehensive MFA protocols. Stay informed with the latest cybersecurity news and insights to protect your organization. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:46 Quantum Root Redirect: A New Phishing Threat 03:47 Click Fix Phishing Attacks on Hotels 07:58 ChatGPT Vulnerabilities and AI Security Risks 11:37 University of Pennsylvania Data Breach 15:12 Conclusion and Call to Action

Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst In today's episode, we cover the breach at the US Congressional Budget Office and its implications on national security, Microsoft Teams' chat feature being exploited for phishing attacks, and the increasing use of AI in cyber attacks. We also highlight how Canadian veterans are being retrained for careers in cybersecurity through the Coding for Veterans program. Hosted by Jim Love, we thank Meter for supporting this podcast with their complete networking stack solutions. 00:00 Introduction and Sponsor Message 00:51 US Congressional Budget Office Breach 02:27 Microsoft Teams Phishing Exploit 03:42 AI in Cybersecurity Attacks 06:09 Veterans in Cybersecurity 07:44 Conclusion and Sponsor Message

Unveiling the Double-Edged Sword of AI in Cybersecurity with Brian Black In this episode of Cybersecurity Today, host Jim Love interviews Brian Black, the head of security engineering at Deep Instinct and a former black hat hacker. Brian shares his journey into hacking from a young age, his transition to ethical hacking, and his experiences working with major companies. The discussion delves into the effectiveness of cybersecurity defenses against modern AI-driven attacks, the importance of understanding organizational data, and the challenges of maintaining robust security in the age of AI. Brian emphasizes the need for preemptive security measures and shares insights on the evolving threats posed by AI as well as the need for continuous education and adaptation in the cybersecurity field. 00:00 Introduction and Sponsor Message 00:21 Meet Brian Black: From Black Hat to Good Guy 00:55 Brian's Early Hacking Days 02:46 Transition to Ethical Hacking 04:11 Life in the Hacking Community 08:54 Advice for Aspiring Hackers and Parents 11:05 Corporate Career and Red Teaming 13:12 The Importance of Basics in Cybersecurity 21:41 Multifactor Authentication: The Good and the Bad 24:19 Challenges in Vendor Security Testing 27:41 Weaknesses in Cyber Defense 28:22 AI Speed vs Human Speed 28:37 AI in Cybersecurity Attacks 30:08 Dark AI Tools and Their Capabilities 32:54 AI Agents and Offensive Strategies 35:43 Challenges in Cybersecurity Defense 41:48 The Role of Red Teaming 42:46 Hiring the Right Red Team 46:59 Burnout in Cybersecurity 48:17 AI as a Double-Edged Sword 52:43 Deep Instinct's Approach to Security 53:58 Conclusion and Final Thoughts

In this episode of 'Cybersecurity Today,' hosted by Jim Love, the focus is on recent developments and tactics in cybersecurity. The episode discusses Meter's networking solutions, the innovative tactics of the ransomware group Killen using common Windows tools, and three new open-source offerings aimed at improving security: Heisenberg for software bills of materials, OpenAI's Aardvark for automated vulnerability detection, and Open PCC for securing AI data flows. The show emphasizes the importance of detecting unusual behaviors in legitimate tools and highlights the need for proactive security measures in development pipelines. Listeners are encouraged to explore these initiatives further through show notes and upcoming discussions. 00:00 Introduction and Sponsor Message 00:43 Ransomware Tactics: Using Everyday Tools 02:05 Heisenberg: Active Supply Chain Defense 03:38 Aardvark: Autonomous Security Researcher 04:56 Open PCC: Securing Enterprise AI Data 06:38 Final Thoughts and Resources 07:02 Closing and Upcoming Episodes

  In this episode of Cybersecurity Today, host Jim Love dives into several shocking security lapses and emerging threats. Highlights include ransomware negotiators at Digital Mint accused of being behind attacks, a new AI vulnerability that exploits Windows' built-in stack, and a misuse of OpenAI's API for command and control in malware operations. Additionally, AMD confirms a flaw in its Zen 5 CPUs that could lead to predictable encryption keys, and the Louvre faces scrutiny after a major theft reveals poor password practices and maintenance failures. The episode underscores the importance of basic security measures like strong passwords and regular audits despite advanced technological systems in place. 00:00 Introduction and Sponsor Message 00:48 Ransomware Negotiators Turned Hackers 02:08 AI Stack Vulnerabilities in Windows 04:04 Backdoor Exploits OpenAI's API 05:24 AMD's Encryption Key Flaw 06:59 Louvre Heist and Security Lapses 08:24 Conclusion and Call to Action

In this episode, host David Shipley discusses a significant cybersecurity breach at the University of Pennsylvania, which involved offensive emails sent from legitimate university addresses. The attackers claim to have accessed sensitive data, though their statements remain unverified. Shipley emphasizes the importance of vigilant communication and rapid response systems in mitigating damage. The episode also covers urgent cybersecurity alerts issued by Western agencies for Microsoft Exchange and WSUS servers, highlighting the necessity of continuous system updates and robust security measures. Lastly, Australia's cybersecurity agency warns against ongoing attacks on unpatched Cisco devices, urging immediate action. The episode underscores the theme of 'vigilance' in cybersecurity, stressing the role of culture and leadership in maintaining robust security practices. 00:00 Introduction and Sponsor Message 00:41 University of Pennsylvania Cyber Attack 05:26 US Government's Urgent Warning on Exchange and WSUS Servers 09:39 Australia's Bad Candy Cisco Router Attacks 12:19 Final Thoughts on Cybersecurity Vigilance 14:16 Conclusion and Sponsor Message