Avsnitt
-
In this episode of Cybersecurity Today, host Jim Love dives deep into the latest advancements in AI technology with a focus on the new open-source model, DeepSeek, from China. Love discusses the significant cost differences in training and running this model compared to competitors like OpenAI and highlights DeepSeek's efficiency and ability to run on older GPUs. The conversation pivots to the cybersecurity implications of such open-source models, especially for professionals in the field. Special guest Robert Falzon, head of engineering at CheckPoint Software, joins the discussion to provide insights on how cybercriminals are leveraging AI tools and the newfound accessibility of powerful AI models. Love and Falzon also explore the current state of cybersecurity education, risk assessment, and the importance of realistic conversations about risks and safeguards in the face of these technological advancements. Tune in for an in-depth analysis of the intersection of AI and cybersecurity and what it means for professionals and companies moving forward.
00:00 Introduction to Cybersecurity Today
00:05 DeepSeek: A Game-Changer in AI
00:48 DeepSeek's Cost Efficiency and Accessibility
01:30 Open Source and Democratization of AI
02:59 Cybersecurity Concerns with AI Advancements
03:51 Interview with Robert Falzon from CheckPoint Software
04:13 AI's Impact on Everyday Life and Cybersecurity
05:17 The Knowledge Gap in AI and ML
07:50 The Risks of Data Security in AI
10:20 Cybersecurity Fundamentals and AI
10:59 The Growing Threat of AI in Cybercrime
18:29 The Need for Improved Security Measures
23:07 The Reality of AI-Driven Cyber Attacks
25:08 Advanced Malware Targeting Specific Industries
25:48 The Evolution of Phishing Attacks
27:13 AI and Home Automation Security
28:12 Banking System Vulnerabilities
29:23 Internal AI Threats and Risk Management
31:07 The Need for Updated Risk Assessments
31:43 Educating Organizations on AI and Cybersecurity
36:19 The Importance of Cyber Hygiene
45:11 Final Thoughts and Optimism for the Future -
Cybersecurity Today: EDR Evasion, SSH Backdoor, WhatsApp Zero-Click Hack, and DeepSeek AI
In today's episode of Cybersecurity Today, host Jim Love discusses several pressing cybersecurity issues. The show covers Canada's Digital Governance Council's launch of a cyber ready validation program designed to help small and medium-sized businesses improve their cybersecurity. Jim then delves into a new cyber attack technique that bypasses Endpoint Detection and Response (EDR) systems, an SSH backdoor used by the Chinese cyber espionage group Evasive Panda, and a zero-click hacking technique targeting WhatsApp users. The episode concludes with insights on the Chinese open-source AI DeepSeek and the importance of nuanced discussion in security debates. Stay tuned for expert interviews on AI and cybersecurity in upcoming episodes.
00:00 Introduction to Cyber Ready Validation Program
00:52 Emerging Cyber Threats: EDR Evasion
04:42 New SSH Backdoor by Evasive Panda
06:31 WhatsApp Zero-Click Exploit
08:03 DeepSeek AI and Security Concerns
10:45 Conclusion and Call for Discussion -
Saknas det avsnitt?
-
In this episode of Cybersecurity Today with Jim Love, explore the growing concerns surrounding DeepSeek AI's censorship and lack of guardrails, the rise of 'Shadow AI' in workplaces, and how cybercriminals exploit major cloud providers like AWS and Azure. Learn about a phishing scam targeting Microsoft single sign-on that's been undetected for six years, and get insights into the critical measures needed to safeguard against these evolving threats.
00:00 Introduction to Cybersecurity Today
00:25 DeepSeek AI: Censorship and Security Concerns
02:56 Shadow AI: The Rise of Unauthorized Generative Tools
05:05 Cloud Providers Exploited by Cybercriminals
07:31 Phishing Scams Targeting Microsoft Single Sign-On
09:03 Conclusion and Listener Engagement -
Cybersecurity Threats: Fraud in Canada, DeepSeek AI Jailbreak & Toll Scams - Exclusive Interview with Ivan Novikov
In this episode of Cybersecurity Today, host Jim Love discusses the alarming $638 million lost by Canadians to fraud in 2024, with investment fraud being the most significant contributor. The episode also covers the successful jailbreak of China's DeepSeek AI model, raising major security concerns, and a new phishing scam targeting US toll road users. The episode concludes with a detailed interview with Ivan Novikov, CEO of Wallarm, discussing API security vulnerabilities and their research findings.
00:00 Introduction and Overview
00:21 Fraud in Canada: A Deep Dive
01:14 Investment and Identity Fraud Insights
01:49 Preventive Measures and Reporting
02:47 DeepSeek AI Model Jailbreak
04:38 SMS Phishing Scams Targeting US Toll Road Users
06:34 Exclusive Interview with Ivan Novikov
07:41 Wallarm's API Security Study
15:01 DeepSeek Jailbreak Techniques
25:13 Conclusion and Final Thoughts -
Cybersecurity Today: DeepSeek AI Disruptions, Nvidia Breach, and TalkTalk Hack Revisited
In this weekend edition of Cybersecurity Today, our panel reviews the most significant cybersecurity stories of the past month. This episode features Laura Payne from White Tuque, David Shipley from Beauceron Security, and Dana Proctor from IBM. Key topics include the sudden emergence of DeepSeek AI, Nvidia’s vulnerabilities and their effect on stock prices, and TalkTalk’s latest data breach. Additionally, the discussion covers the soaring API security vulnerabilities reported by Wallarm and the UK’s potential legislative action on ransomware payments. Stay tuned for expert insights and analysis on these pressing issues in the world of cybersecurity.
00:00 Introduction and Panel Welcome
00:41 DeepSeek AI Disruption
02:09 Security Concerns and Reactions
04:06 NVIDIA's Vulnerabilities and AI Security
07:15 Economic and Geopolitical Implications
12:13 AI in Business and Security Practices
20:57 Open Source AI and Cybersecurity Risks
25:37 Responsibility in Data Management
26:25 AI's Unstoppable Progress
26:53 API Security Concerns
28:41 Non-Human Identities and API Challenges
30:36 The State of Cybersecurity Awareness
35:05 Legislative Hopes and Cybersecurity
37:25 TalkTalk Breach Revisited
44:10 Ransomware Legislation Proposals
45:34 Shoutout to Cyber Police
47:04 Closing Remarks and Audience Engagement -
Cybersecurity Today: DeepSeek AI's Data Breach, New API Threats, & Operation Talent
In this episode of 'Cybersecurity Today,' host Jim Love delves into the recent security lapse by DeepSeek AI, highlighting the exposure of sensitive data through an open ClickHouse database. Learn about the growing threat posed by APIs as the primary attack vector in cybersecurity, with findings from Wallarm's 2025 API Threat Stat Report. Additionally, discover the impact of international law enforcement's Operation Talent on dismantling major cybercrime forums, and be informed about a new browser attack technique, 'browser sync jacking,' which poses risks to millions of users. Stay tuned for a comprehensive overview of the latest in cybersecurity.
00:00 Major Security Concerns with DeepSeek AI Databases
03:13 The Rise of API Cyber Attacks
05:23 Global Crackdown on Cybercrime Forums
07:04 New Browser Attack Technique Discovered
08:54 Conclusion and Upcoming Discussions -
Navigating AI Cyber Threats and Critical Infrastructure Vulnerabilities
In this episode of Cybersecurity Today, host Jim Love discusses the recent cyber attack on AI platform DeepSeek that exploited open source vulnerabilities. He highlights significant challenges in U.S. cybersecurity oversight following disruptions in key bodies like the Cyber Safety Review Board. The episode also covers a backdoor vulnerability in Juniper routers being actively exploited, and the FBI warning about misuse of local admin accounts. Organizations are urged to bolster their defenses by reviewing admin logs and enforcing stronger access controls amidst evolving cyber threats.
00:00 Introduction to Cybersecurity Challenges
00:23 DeepSeek Cyber Attack Incident
01:10 Leadership Crisis in Cybersecurity Oversight
02:28 Juniper Router Backdoor Vulnerability
03:49 FBI Warning on Local Admin Account Exploits
04:55 Conclusion and Contact Information -
Cybersecurity Recap: Major Data Breaches, Transparency Issues, and a Twist on Script Kiddies
In this episode of Cybersecurity Today, host Jim Love covers various major cybersecurity incidents and developments. Mozilla criticizes the auto industry's data privacy practices following a Volkswagen data breach affecting 800,000 electric cars. The Upper Canada School Board faces a data breach exposing sensitive information. MasterCard is scrutinized for its lack of transparency over a DNS misconfiguration. In a surprising turn, a fake malware builder hacks 18,000 script kiddies attempting cyber attacks. Tune in for detailed insights and important cybersecurity updates.
00:00 Volkswagen Data Breach Exposes 800,000 Electric Cars
02:14 Upper Canada School Board Data Breach
03:40 MasterCard's Transparency Issues
05:56 Hackers Get Hacked: Fake Malware Builder
07:33 Conclusion and Contact Information -
Exploring Cyber Vulnerabilities in Civic Infrastructure with Ethical Hacker Nick Aleks
In this episode, we dive into the vulnerabilities present in our civic infrastructure with ethical hacker Nick Aleks. We discuss the risks associated with outdated and poorly secured systems that run our cities' utilities, smart buildings, and transit networks. Nick provides insights into how nation-state hackers could exploit these vulnerabilities and the serious consequences of such attacks. The video highlights the importance of collaboration, regular security updates, and the role of ethical hackers in identifying and mitigating these threats.
00:00 Introduction to Civic Infrastructure Issues
01:28 A Hacker's Perspective on City Infrastructure
03:36 Exploring Vulnerabilities in Smart Infrastructure
12:01 The Threat to Municipal Systems
19:00 Defensive Measures and Solutions
23:42 Conclusion and Final Thoughts -
Cybersecurity Today: Stolen Credentials, Firewall Leaks, and Energy Sector Risks
In this episode of Cybersecurity Today, host Jim Love discusses the alarming sale of thousands of credentials from leading cybersecurity vendors on the dark web, a massive leak of FortiGate firewall configuration files impacting nearly 5,000 organizations, and a major breach at education technology provider PowerSchool exposing sensitive data for millions. The episode also examines the increasing threats facing the U.S. energy sector, urging immediate action to modernize aging infrastructure and enhance cybersecurity measures. Tune in to learn more about these critical issues and how to safeguard against them.
00:00 Introduction to Cybersecurity Threats
00:16 Dark Web Credentials for Sale
01:56 FortiGate Firewall Configuration Leak
03:16 PowerSchool Data Breach
04:33 Rising Threats in the Energy Sector
06:42 Conclusion and Final Thoughts -
Critical Cybersecurity Updates: Avery Data Breach, Hamilton Ransomware Attack, and Microsoft Outlook Patch
In this episode of Cybersecurity Today, host Jim Love covers significant cybersecurity incidents and updates. Avery experiences a massive data breach affecting 61,000 customers due to a credit card skimmer. The city of Hamilton commits $52 million to rebuild its IT infrastructure following a ransomware attack. A new study unveils serious vulnerabilities in Internet tunneling protocols, potentially exposing over 4.2 million systems globally. Lastly, Microsoft issues a critical patch for an actively exploited vulnerability in Outlook, urging users to update immediately. Stay informed on these pressing cybersecurity issues!
00:00 Introduction and Headlines
00:23 Vulnerabilities in Internet Tunneling Protocols
01:49 Avery Data Breach Details
03:05 Hamilton's Ransomware Attack and Recovery Plan
04:27 Microsoft Outlook Critical Patch
05:49 Conclusion and Contact Information -
Cybersecurity Today: Sneaky 2FA Phishing Attack & AI-Powered Scams
In this episode of Cybersecurity Today, host Jim Love explores the emergence of Sneaky 2FA, a new phishing-as-a-service attack that compromises two-factor authentication for Microsoft 365 users. The episode also covers a legal case where a scam led a Western Australian company to lose $190,000, underscoring the importance of robust payment verification processes. The discussion extends to AI-powered romance scams, featuring deep fake technology that has defrauded victims worldwide, highlighting the growing need for advanced fraud detection and awareness.
00:00 Introduction to Cybersecurity Threats
00:23 Sneaky 2FA: A New Phishing Threat
01:54 Legal Consequences of Email Scams
03:34 AI-Powered Romance Scams
05:34 Conclusion and Contact Information -
Addressing Social Media Fraud: Insights from Netcraft's Robert Duncan
In this weekend edition of Cybersecurity Today, host Jim Love discusses the growing issue of fraud in the cybersecurity landscape. Jim interviews Robert Duncan, VP of Product Strategy at Netcraft, who sheds light on their research into fraudulent activities on social media platforms, particularly focusing on Truth Social. The conversation delves into the mechanics of conversational scams, the role of crypto in fraud, and the challenges faced by social media platforms in combating these threats. They also discuss the need for better protective measures and the varying approaches to content moderation across different jurisdictions. Tune in for an in-depth look into the pervasive issue of online fraud and the ongoing efforts to fight it.
00:00 Introduction to Cybersecurity Today
00:21 Interview with Robert Duncan from Netcraft
01:12 Understanding Social Media Scams
06:09 The Role of Crypto in Scams
14:25 Challenges and Responsibilities of Social Media Platforms
23:31 Future Research and Conclusion -
Cybersecurity Today: High-Speed Go Library Exploits & Major Data Breaches
In today's episode, host Jim Love covers recent cybersecurity threats including the exploitation of a high-speed Go library to target Microsoft 365 accounts, North Korea's Lazarus Group's new tactics to lure developers with AI-enhanced job scams, and the leak of sensitive data from over 15,000 FortiGate devices by the Belson Group. Learn more about these threats and how to protect your systems.
00:00 Hackers Exploit High-Speed Go Library to Target Microsoft 365
02:07 North Korea's Lazarus Group Targets Developers with Job Scams
04:09 Belson Group Leaks Sensitive Data from FortiGate Devices
05:58 Conclusion and Contact Information -
Cybersecurity Rundown: YouTube Malware, Strava Leaks, UK Ransomware Ban, AWS Exploits & Fortinet Vulnerabilities
In this episode of 'Cybersecurity Today,' host Jim Love covers critical cybersecurity topics including YouTubers targeted with malware links, fitness apps leaking military secrets, a proposed UK ransomware payment ban, a new ransomware gang exploiting AWS encryption tools, and Fortinet firewalls facing potential zero-day attacks. Key insights, expert warnings, and security recommendations are discussed to help protect users and organizations from these growing cyber threats.
00:00 Introduction to Cybersecurity News
00:23 Malware Links Targeting YouTubers
02:01 Fitness Apps Leaking Military Secrets
03:46 UK Proposes Ransomware Payment Ban
05:08 AWS Encryption Exploited by Ransomware
07:12 Fortinet Firewalls Zero-Day Attack
08:12 Conclusion and Contact Information -
Massive Data Breaches, Apple Targeted, Facebook Security Flaw - Cybersecurity Today
In this episode of Cybersecurity Today, host Jim Love covers a massive breach revealing how location data is harvested through thousands of popular mobile apps on Android and iOS. Files leaked from Gravy Analytics expose critical privacy concerns with real-time bidding systems. Additionally, hackers are increasingly targeting Apple devices, including a breakthrough hack of iPhone 15's USB-C controller. The episode also discusses a critical vulnerability in Meta's Facebook ad platform, highlighting the importance of up-to-date security measures in ad tech.
00:00 Introduction to Cybersecurity Today
00:23 Massive Location Data Harvesting Exposed
02:03 Apple Devices Under Attack
04:05 Critical Vulnerability in Facebook Ad Platform
05:39 Conclusion and Contact Information -
Cybersecurity 2025: Predictions, Challenges, and AI Impacts
Welcome to Cybersecurity Today with your host, Jim Love! In this special episode, our expert panel looks ahead to 2025, discussing potential cybersecurity threats and emerging themes. Featuring Laura Payne from White Tuque, Daina Proctor from IBM, and David Shipley, CEO and culture critic from Beauceron Security, the panel dives into significant topics such as the recent Power Schools data theft, the anticipated surge in SaaS provider attacks, and the evolution of AI in the workforce. They also address crucial issues in public institutions, phishing vulnerabilities, and the looming threat of quantum computing. Tune in for an engaging and thought-provoking discussion on the future of cybersecurity.
00:00 Introduction and Panelist Introduction
00:35 Major Cybersecurity Incidents of 2024
03:40 The Impact of SaaS Provider Breaches
06:59 Challenges in Cybersecurity Culture and Practices
18:39 Global Cybersecurity Threats and Geopolitical Implications
24:04 The Pitfalls of Regulation Implementation
25:02 The Checklist Mentality in Security
26:36 The Role of AI in Modern Workplaces
27:54 The Dangers of Blind Faith in Technology
30:33 The Rise of AI Employees
40:37 Quantum Computing and AI: The Future
45:14 Resolutions and Reflections for the New Year -
Cybersecurity Alert: Free VPN Risks, Packers' Data Breach, and SonicWall Vulnerability
In this episode, host Jim Love delves into critical cybersecurity issues including the hidden dangers of free VPNs, a payment skimmer attack on the Green Bay Packers’ online pro shop, and a severe vulnerability in SonicWall’s SonicOS firmware. Learn why 90% of free VPNs can compromise your security, the impact of the Packers' data breach affecting 8,500 fans, and the urgent need to update SonicWall devices to prevent potential exploitation. Stay informed to protect your privacy and data!
00:00 The Hidden Dangers of Free VPNs
02:30 The Green Bay Packers Payment Skimmer Attack
04:35 SonicWall's Critical Vulnerability Alert
06:29 Show Wrap-Up and Weekend Preview -
Cybersecurity Updates: New US Cyber Trust Mark & Rising Threats
In this episode of Cyber Security Today, host Jim Love discusses the launch of the US Cyber Trust Mark, a new cybersecurity safety label for smart devices. The episode also covers increasing Mac OS attacks by North Korean hackers, including the discovery of the Spectral Blur backdoor, and US Treasury sanctions against Integrity Technology Group for supporting Chinese state-sponsored hacking. Tune in for critical insights on these pressing cybersecurity issues.
00:00 Cyber Security Safety Labels for Smart Devices
02:27 North Korean Hackers Targeting Mac OS
04:03 U.S. Sanctions Chinese Cybersecurity Firm
06:24 Conclusion and Contact Information -
In this episode, we delve into the latest cybersecurity threats and developments. We cover a new double click exploit that bypasses browser protections and a massive compromise affecting millions of Chrome users through infected extensions. Additionally, we discuss the U.S. Treasury hack linked to Chinese state-sponsored hackers and how CrowdStrike rebounded from the largest IT outage in history. Join host Jim Love to explore these critical issues and understand the implications for both users and organizations.
00:00 Introduction and Headlines
00:25 Browser Exploits: Double Click and Extensions
03:24 U.S. Treasury Breach Linked to Chinese Hackers
06:03 CrowdStrike's Comeback After Major IT Outage
09:43 Conclusion and Final Thoughts - Visa fler
