North Korean Hackers Target Crypto Wealth, LinkedIn Fights Data Scraping, and AI Tools Leak Corporate Data

In this episode of Cybersecurity Today, host Jim Love covers the latest cybersecurity headlines including North Korean hackers targeting wealthy crypto investors, LinkedIn suing a firm for creating fake accounts to scrape user data, a massive ransomware campaign by the CIOp gang targeting Oracle’s E-Business Suite, and new research highlighting AI tools as the top channel for corporate data leaks. Listen in for insights and key takeaways to protect your digital assets and corporate data.

00:00 North Korean Hackers Target Wealthy Crypto Holders
02:09 LinkedIn Sues Over 1 Million Fake Accounts
03:46 Ransomware Attack on Oracle's E-Business Suite
05:42 AI Tools: The New Channel for Corporate Data Leaks
07:53 Conclusion and Contact Information

AI Browsers Turn Rogue, Discord Data Breach, and Surge in Palo Alto Scans

In this episode of Cybersecurity Today, host David Shipley discusses several significant cybersecurity concerns. Firstly, researchers at Layer X have uncovered a flaw in the Perplexity Comet AI browser that allows malicious prompts to turn the browser into a data thief with just a single click. Additionally, Discord has disclosed a data breach affecting users' personal information due to a third-party customer service provider compromise. Cybersecurity researchers have also reported a massive surge in scans targeting Palo Alto Network's login portals, suggesting potential reconnaissance for future attacks. Finally, the US Department of Defense has opted to reduce its mandatory cybersecurity training to allow military personnel to focus on their core missions, a move that has raised concerns given the intertwined nature of cyber and kinetic warfare.

00:00 Introduction and Headlines
00:32 AI Browser Security Flaw: Comet Jacking
03:11 Discord Data Breach: What Happened?
05:59 Surge in Scans Targeting Palo Alto Devices
08:07 US Department of Defense Cuts Cybersecurity Training
10:23 Conclusion and Viewer Engagement

In this episode of 'Cybersecurity Today: Our Month in Review,' host Jim welcomes a panel including Tammy Harper from Flair, Laura Payne from White Tuque, and David Shipley, CEO of Beauceron Securities. The discussion kicks off with an overview of their plans for Cybersecurity Month, including reviving the MapleSEC show and the CIO of the Year awards. David shares his experiences at SECTOR, Canada's largest cybersecurity conference, discussing the importance of security awareness training and the risks of irresponsible tech journalism on public perception. The panel also delves into the resurgence of the Clop ransomware group, their shift to data extortion, and their exploitation of vulnerabilities in Oracle EBS applications. Laura highlights a concerning case of insider threats at RBC, emphasizing the importance of process-driven controls. The episode also touches on the human side of cybersecurity, particularly the impact of romance scams and the growing violence in cybercrime. The panelists underscore the need for improved security awareness and the role of AI in identifying scams. Tammy, Laura, and David conclude by discussing the role of insider threats and the ethical boundaries in cybercrime, sharing insights from recent real-world cases.

00:00 Introduction and Panelist Introductions
00:43 Cybersecurity Month Initiatives
02:46 Security Awareness and Phishing Training
04:03 Impact of Irresponsible Tech Journalism
08:27 AI and Cybersecurity: Hype vs. Reality
10:43 Conference Experiences and Networking
18:33 Clop Ransomware and Data Extortion
23:45 Tammy's Insights on Clop's Tactics
24:58 Scattered Lasus and Cyber Warfare
26:32 Media Savvy Cybercriminals
31:36 Human Impact of Cyber Scams
37:17 Insider Threats and Security Awareness
43:21 Physical Security and Cyber Threats
48:33 Cybercrime Targeting Children
50:58 Conclusion and Upcoming Topics

Cybersecurity Today: Red Hat Breach, CLOP Targets Oracle, and CISA Cuts Critical Support

In this episode of Cybersecurity Today, host Jim Love covers a recent breach of Red Hat's consulting GitLab server, highlighting concerns over exposed network maps and tokens. The CLOP extortion gang targets Oracle E-Business Suite clients, demanding ransom for sensitive data. Surveys show Canadian businesses are overconfident in their cyber defenses despite frequent attacks. Finally, CISA has ended a crucial cybersecurity support agreement, impacting state and local governments amidst a federal shutdown. Tune in for detailed analysis and urgent action items.

00:00 Red Hat GitLab Server Breach
02:21 CLOP Gang Targets Oracle E-Business Suite
04:29 Canadian Firms' Overconfidence in Cybersecurity
06:31 CISA Ends Critical Support Amid Shutdown
08:38 Conclusion and Upcoming Month in Review

Critical Vulnerabilities and AI Voice Cloning Risks in Cybersecurity

In this episode of Cybersecurity Today, host Jim Love discusses key cybersecurity threats, including critical vulnerabilities in Sudo and Cisco firewalls, and a remote command flaw in Western Digital MyCloud devices. The show highlights efforts by national security agencies in the US, Canada, France, Netherlands, and the UK to address these risks, urging immediate patching and system updates. Additionally, the episode covers the emerging threat of real-time AI voice cloning, stressing the need for stricter security measures to prevent social engineering attacks. Listeners are encouraged to implement robust verification processes to secure their organizations and personal communications.

00:00 Critical Sudo Flaw Warning
00:21 Cisco Firewalls Vulnerabilities
02:34 Western Digital MyCloud Devices at Risk
03:48 AI Voice Cloning Threat
05:16 Conclusion and Contact Information

Emerging Cybersecurity Threats: Lockbit 5.0, Salesforce AI Vulnerabilities, and China's Cyber Intelligence Advancements

In this episode of 'Cybersecurity Today,' host Jim Love discusses the latest cybersecurity threats, including the emergence of Lockbit 5.0 ransomware which can attack multiple platforms simultaneously, and a critical vulnerability in Salesforce's AI agents known as forced leak prompt injection. Additionally, the episode delves into the growing capabilities of China's Ministry of State Security, which has become a significant cyber intelligence force under Xi Jinping, raising serious concerns for Western security agencies.

00:00 Introduction to Cybersecurity Threats
00:18 Lockbit 5.0: A New Ransomware Threat
03:01 Salesforce AI Agents Vulnerability
05:50 China's Cyber Intelligence Operations
08:55 Conclusion and Call to Action

Navigating the Complex Landscape of AI and Cybersecurity: A Conversation with Rob T. Lee

In this weekend edition of Cybersecurity Today, host Jim Love interviews Rob T. Lee, the Chief AI Officer and Chief of Research at the SANS Institute. They discuss the intersection of AI, education, and security, highlighting the dual nature of AI as both a transformative technology with immense benefits and as a significant security risk. Rob shares his insights on how organizations can mitigate these risks by adopting a 'yes' framework towards AI, fostering a culture of learning and experimentation, and acknowledging the vulnerabilities and knowledge gaps in the field. He emphasizes the importance of community engagement, practical learning, and the role of AI champions in driving innovation while maintaining security. Throughout the conversation, they address the challenges of implementing AI governance and explore the need for continual adaptation in the fast-evolving tech landscape.

00:00 Introduction and Guest Introduction
00:25 AI: Potential and Risks
01:26 Business vs. Security
03:36 Rob's Background and Experience
05:18 The Role of Practitioners in SANS
08:46 Governance and Security Challenges
17:13 The Crisis of Competency in AI
25:03 Encouraging Hands-On Learning
30:41 The Importance of Executive Involvement
33:49 The Problem with Security and Shadow AI
34:05 The Consequences of Shadow AI
34:52 Evaluating and Banning AI Tools
36:48 The Role of Executives in AI Adoption
40:04 Learning and Adapting to AI
42:47 The Importance of Community and Vulnerability
51:19 Practical Steps for AI Governance
58:47 Final Thoughts and Resources

Cybersecurity Today: Shadow Leak, SIM Farm Shutdown, Cisco Zero-Day, FBI Warning & Android Advanced Protection

In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity issues. Key topics include the discovery of the 'Shadow Leak' vulnerability in ChatGPT servers by Radware, the dismantling of a massive SIM farm near the United Nations by the US Secret Service, a zero-day vulnerability affecting up to 2 million Cisco devices, an FBI warning about spoofed Internet Crime Complaint Center (IC3) websites, and a reminder about enabling Advanced Protection on Android phones. The episode also includes a shoutout to Jim Love's new audiobook 'Elisa, A Tale of Quantum Kisses,' available on multiple platforms.

00:00 Introduction and Sponsor Message
00:29 Shadow Leak Hits ChatGPT Servers
02:52 Massive SIM Farm Operation Uncovered
04:44 Cisco's Zero-Day Vulnerability
06:04 FBI Warns of Spoofed Crime Reporting Sites
07:07 Android's Advanced Protection Mode
08:00 Conclusion and Call to Action