Cybersecurity Today

In this episode hosted by Jim Love, 'Cybersecurity Today' celebrates its recognition as number 10 on the Feed Spot list of Canadian News Podcasts and approaches a milestone of 10 million downloads. Key topics include new research identifying Nvidia GPUs as vulnerable to Rowhammer style attacks, Microsoft's significant security improvements in Microsoft 365, a critical Bluetooth vulnerability affecting 350 million cars, and a data exposure incident involving the Fredericton Police. Additionally, the official 'Elmo' account on X was hacked to post offensive content, emphasizing security gaps in high-profile social media accounts. For detailed information, visit technewsday.com or .ca. 00:00 Introduction and Milestones 00:52 Nvidia's Rowhammer Vulnerability 03:39 Microsoft's Security Overhaul 05:45 PerfektBlue Bluetooth Flaw 08:09 Police Data Leak Incident 10:12 Elmo's Twitter Account Hacked 12:43 Conclusion and Thanks

In this episode of 'Cybersecurity Today,' hosted by David Shipley from the Exchange Security 2025 conference, urgent updates are provided on critical cybersecurity vulnerabilities and threats. CISA mandates a 24-hour patch for Citrix NetScaler due to a severe vulnerability actively being exploited, dubbed 'Citrix Bleed.' Fortinet's FortiWeb also faces a critical pre-auth remote code execution flaw that demands immediate patching. Additionally, significant vulnerabilities in AI-driven developments are highlighted, including shortcomings in Jack Dorsey's BitChat app and a method to extract Windows keys from ChatGPT-4. The episode emphasizes the importance of timely updates, robust security measures, and the potential risks involved with AI-generated code. 00:00 Introduction and Overview 00:35 Urgent Citrix Vulnerability Alert 03:26 Fortinet FortiWeb Exploit Details 06:23 Ingram Micro Ransomware Recovery 09:26 AI Coding and Security Risks 14:03 ChatGPT Security Flaw Exposed 17:20 Conclusion and Contact Information

In this discussion, Tammy Harper, a Senior threat intelligence researcher at Flair, dives into alarming trends in cybercrime, including recent arrests linked to major scams. She discusses Scattered Spider's disturbing recruitment of youth for cybercrimes and emphasizes the urgent need for better cybersecurity education. The conversation explores AI's dual role in cybersecurity, highlighting both risks and opportunities. The panel also stresses the importance of strategic communication during incidents and the evolving tactics of cybercriminals, calling for proactive measures and ethical considerations in technology.

In this episode of Cybersecurity Today, host Jim Love discusses major updates on the recent cyber attack on Marks and Spencer, revealing new details and arrests. The breach involved sophisticated social engineering that infiltrated the company's network through an IT service provider, leading to 150GB of stolen data. Love then covers a massive insider breach at a Brazilian bank where an IT worker facilitated the theft of $140 million by selling login credentials. Lastly, the episode highlights a McDonald's HR data breach caused by weak security practices in an AI screening app, exposing millions of job applicant records. Key insights on these incidents emphasize the importance of robust cybersecurity measures and internal controls. 00:00 Introduction and Headlines 00:20 Marks and Spencer Hack: New Developments 04:07 Brazilian Bank Breach: An Inside Job 06:40 McDonald's HR Data Breach: A Comedy of Errors 10:21 Conclusion and Upcoming Features

In this episode of 'Cybersecurity Today,' host Jim Love discusses the recent deep fake attack on high-ranking US government officials using AI voice cloning technology. The conversation highlights the growing ease and risks of AI-generated impersonations. The episode also covers the advancements in AI systems connecting with enterprise data and the security implications, alongside recent updates on events like Ingram Micro's ransomware attack and Google's confusing Gemini AI rollout for Android. Additionally, the show explores a new method called Info Flood that can trick chatbots into providing dangerous information by using academic-sounding language. 00:00 Deep Fakes Hit US Government 02:40 AI Integration in Enterprise Systems 05:49 Ingram Micro Ransomware Attack Update 07:22 Google's Confusing Gemini Release 10:33 Exploiting AI with Academic Jargon 12:34 Conclusion and Contact Information

In this episode of Cybersecurity Today, host David Shipley discusses the recent Safe Play ransomware attack on technology distributor Ingram Micro, exploring its impact and ongoing recovery efforts. The script also examines a new campaign targeting misconfigured Linux servers to build proxy networks for cybercriminal activities. Additionally, the episode highlights the significant rise in Click Fix social engineering attacks and the criminal investigation into a former ransomware negotiator accused of profiting from extortion payments. 00:00 Introduction and Headlines 00:30 Ingram Micro Ransomware Attack 03:57 Linux Servers Under Attack 07:05 Rise of Click Fix Social Engineering Attacks 08:45 Ransomware Negotiator Under Investigation 10:13 Conclusion and Contact Information

In this episode of Cybersecurity Today, host Jim Love engages in a comprehensive conversation with Krish Banerjee, the Canada Managing Director at Accenture for AI and Data. They delve into the stark difference between perceived and actual preparedness for cybersecurity in the face of growing AI adoption. The discussion spans topics such as the role of AI in enterprise productivity, the need for better data management, and the integration of AI into various business functions. They also explore the importance of digital sovereignty, the challenges and opportunities in Canada's adoption of AI, and how open-source AI can benefit organizations. Krish emphasizes the significance of setting a clear value-driven goal, having the right tools and talent, and the necessity of adopting AI responsibly. The conversation wraps up with insights on how executives can navigate the AI landscape and prepare their organizations for future advancements. 00:00 Introduction to Cybersecurity and AI Concerns 02:10 Interview with Krish Banerjee: AI in Canada 03:17 The Evolution and Impact of AI 06:42 Enterprise AI: Challenges and Opportunities 15:20 Digital Sovereignty and National AI Strategies 25:07 Accelerating Technological Adoption 26:18 Dream Projects in AI 27:49 AI for Healthcare and Commercialization 31:02 The Future of AI and Economic Impact 35:31 Agentic AI: The Next Frontier 41:14 Open Source AI and Democratization 43:23 Advice for Executives and Parents 49:10 Conclusion and Final Thoughts

In today's episode of Cybersecurity Today, hosted by David Shipley, a report from the US Department of Justice unveils how criminal organizations use Ubiquitous Technical Surveillance (UTS) to track and kill FBI informants. Hawaiian Airlines experiences a cyber attack, potentially involving ransomware. The Supreme Court upholds Texas's age verification law for accessing online pornographic content. Additionally, researchers discover Bluetooth vulnerabilities affecting various audio devices, posing eavesdropping risks. The show discusses Scattered Spider's successful social engineering attacks on major industries, emphasizing the need for robust cybersecurity measures. 00:00 Introduction to Cybersecurity Threats 00:27 Ubiquitous Technical Surveillance: A Growing Threat 02:33 Assassination Linked to Data Brokers 04:21 Cyber Attacks on Airlines 05:02 Scattered Spider: The Prolific Cyber Threat 08:10 Bluetooth Vulnerabilities Exposed 10:53 US Supreme Court Upholds Texas Porn ID Law 13:32 Conclusion and Contact Information

Krish Banerjee, Canada Managing Director at Accenture for AI and Data, leads a team that champions AI integration in organizations. He and host Jim Love dive into the disconnect between businesses’ AI enthusiasm and their cyber readiness. They explore the importance of responsible AI implementation, digital sovereignty, and community-driven AI projects in healthcare. Krish emphasizes the need for tailored strategies and lifelong learning to harness AI's potential and ensure it benefits both businesses and society.

In this episode of 'Cybersecurity Today,' host Jim Love discusses urgent cybersecurity threats and concerns. Cisco has issued emergency patches for two maximum severity vulnerabilities in its Identity Services Engine (ISE) that could allow complete network takeover; organizations are urged to update immediately. A popular WordPress theme, Motors, has a critical vulnerability leading to mass exploitation and unauthorized admin account creation. A new ransomware group, Dire Wolf, has emerged, targeting manufacturing and technology sectors with sophisticated double extortion tactics. Lastly, an Accenture report reveals a dangerous gap between executive confidence and actual AI security preparedness, suggesting most major companies are not ready to handle AI-driven threats. The episode emphasizes the urgent need for immediate action and heightened awareness in the cybersecurity landscape. 00:00 Introduction and Headlines 00:26 Cisco's Critical Security Flaws 03:06 WordPress Theme Vulnerability Exploitation 05:57 Dire Wolf Ransomware Group Emerges 08:27 Accenture Report on AI Security Overconfidence 11:00 Conclusion and Upcoming Schedule