Cybersecurity Today

North Korean hackers are on the prowl, targeting wealthy crypto investors using deceptive tactics. Meanwhile, LinkedIn takes legal action against firms creating fake profiles to scrape user data. A significant ransomware campaign is shaking up Oracle's E-Business Suite, with demands soaring to $50 million. Additionally, new research reveals that AI tools are quickly becoming a primary channel for corporate data leaks, as employees inadvertently expose sensitive information through unmanaged accounts.

A startling flaw in the Perplexity Comet AI browser allows malicious prompts to turn it into a data thief with one click. Meanwhile, Discord reveals a data breach that exposes users' personal information via a compromised third-party vendor. Researchers also note a staggering 500% surge in scans targeting Palo Alto's login portals, indicating possible future attacks. Finally, the US Department of Defense’s decision to cut cybersecurity training raises alarm about maintaining defense readiness amidst rising cyber threats.

Tammy Harper, a researcher focused on cybercrime and dark-web intelligence, Laura Payne, an expert in security awareness and insider threats, and David Shipley, CEO of Beauceron Securities, dive into pressing cybersecurity themes. They discuss the alarming resurgence of the Clop ransomware group and their shift to data extortion, coupled with insider threats highlighted by a case at RBC. The conversation also covers the impact of AI in identifying scams, the emotional toll of romance scams, and the ethical boundaries of cybercrime, emphasizing the need for improved security awareness.

A recent breach of Red Hat's GitLab server raises alarms about exposed network maps and tokens. Meanwhile, the CLOP gang targets Oracle E-Business Suite clients, demanding ransoms for sensitive data. Surveys reveal Canadian businesses are overconfident in their cyber defenses, despite frequent attacks and low adoption of zero trust strategies. Additionally, the recent termination of CISA's critical support agreement poses significant risks for local governments amid a federal shutdown. Tune in for essential insights and urgent action items.

Urgent cybersecurity alerts dominate the discussion, highlighting critical vulnerabilities in Cisco firewalls and Sudo. National security agencies are pushing for immediate updates to combat these threats. The risks associated with a remote command flaw in Western Digital MyCloud devices are also on the table. Additionally, the rising danger of real-time AI voice cloning is emphasized, with experts urging stronger verification processes to fight potential social engineering attacks. Stay informed and secure in this rapidly evolving digital landscape!

In this discussion, Lockbit 5.0 ransomware is revealed as a formidable new threat capable of simultaneous attacks on multiple platforms. A critical vulnerability in Salesforce's AI agents allows malicious prompts that can compromise sensitive data. The conversation also highlights the impressive advancements of China's Ministry of State Security under Xi Jinping, posing increased risks to Western security. Additional insights point to operational vulnerabilities in the U.S. that may have amplified these risks, underscoring the urgent need for enhanced cybersecurity measures.

Navigating the Complex Landscape of AI and Cybersecurity: A Conversation with Rob T. Lee In this weekend edition of Cybersecurity Today, host Jim Love interviews Rob T. Lee, the Chief AI Officer and Chief of Research at the SANS Institute. They discuss the intersection of AI, education, and security, highlighting the dual nature of AI as both a transformative technology with immense benefits and as a significant security risk. Rob shares his insights on how organizations can mitigate these risks by adopting a 'yes' framework towards AI, fostering a culture of learning and experimentation, and acknowledging the vulnerabilities and knowledge gaps in the field. He emphasizes the importance of community engagement, practical learning, and the role of AI champions in driving innovation while maintaining security. Throughout the conversation, they address the challenges of implementing AI governance and explore the need for continual adaptation in the fast-evolving tech landscape. 00:00 Introduction and Guest Introduction 00:25 AI: Potential and Risks 01:26 Business vs. Security 03:36 Rob's Background and Experience 05:18 The Role of Practitioners in SANS 08:46 Governance and Security Challenges 17:13 The Crisis of Competency in AI 25:03 Encouraging Hands-On Learning 30:41 The Importance of Executive Involvement 33:49 The Problem with Security and Shadow AI 34:05 The Consequences of Shadow AI 34:52 Evaluating and Banning AI Tools 36:48 The Role of Executives in AI Adoption 40:04 Learning and Adapting to AI 42:47 The Importance of Community and Vulnerability 51:19 Practical Steps for AI Governance 58:47 Final Thoughts and Resources

Cybersecurity Today: Shadow Leak, SIM Farm Shutdown, Cisco Zero-Day, FBI Warning & Android Advanced Protection In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity issues. Key topics include the discovery of the 'Shadow Leak' vulnerability in ChatGPT servers by Radware, the dismantling of a massive SIM farm near the United Nations by the US Secret Service, a zero-day vulnerability affecting up to 2 million Cisco devices, an FBI warning about spoofed Internet Crime Complaint Center (IC3) websites, and a reminder about enabling Advanced Protection on Android phones. The episode also includes a shoutout to Jim Love's new audiobook 'Elisa, A Tale of Quantum Kisses,' available on multiple platforms. 00:00 Introduction and Sponsor Message 00:29 Shadow Leak Hits ChatGPT Servers 02:52 Massive SIM Farm Operation Uncovered 04:44 Cisco's Zero-Day Vulnerability 06:04 FBI Warns of Spoofed Crime Reporting Sites 07:07 Android's Advanced Protection Mode 08:00 Conclusion and Call to Action

Discover GitHub's proactive measures against NPM supply chain attacks, as they lock down vulnerabilities amidst rising threats. Learn about Gartner's alarming findings on the spike in deep fake and generative AI attacks, where impersonations and malicious uses are on the rise. Plus, hear about Yellowknife's impressive response to a recent cyber incident, highlighting their early detection and transparent communication during the crisis. This engaging discussion offers vital insights into the evolving landscape of cybersecurity.

Discover the fallout from a critical Microsoft Entra ID vulnerability that allowed for dangerous impersonations. Learn about the cyber attack that caused chaos at European airports. Delve into SpamGPT, a new AI tool being misused for phishing scams, and a zero-click flaw that poses risks to user privacy. On a brighter note, hear how Canadian authorities struck a significant blow against crypto crime by seizing over $40 million from the Trade Ogre platform. Stay informed about the rapidly changing landscape of cyber threats!