Jim Love
Cybersecurity Today
Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.
Wo hören?
Podcasts in der App Replaio Radio Bald verfügbarPodcasts kommen bald in die App. Installiere sie jetzt und erlebe als Erster einen ganz neuen Blick auf Podcasts
Folgen
AI Export Controls, FortiBleed, Third-Party Breaches & CISO Burnout | Cybersecurity Today Panel 11.07.2026 1:01:54
Can governments decide who gets access to advanced AI models? Are third-party breaches becoming impossible to control? And why are so many CISOs reaching burnout? In this special Cybersecurity Today Month in Review Panel, host Jim Love is joined by cybersecurity experts Laura Payne, David Shipley, and Mike Kim (Mycroft) to examine the biggest cybersecurity stories and trends from June 2026. The pa...
A questionable breach, bad routers at home and at work and AI gives defenders a win 10.07.2026 12:42
This episode covers a hacker's claim of stealing 35GB from Accenture—including source code, Azure personal access tokens, RSA keys, and SSH keys—while Accenture calls it an isolated, remediated matter, leaving uncertainty about potential downstream risk to its Fortune 500-heavy client base. It also highlights a deepfake image of Senator Mitch McConnell debunked after Google's invisible SynthID w...
Scattered Spider squashed, Rogue Agent AI flaw, 16 year-old Linux bug and new phish hunts marketers 08.07.2026 13:53
Cybersecurity Today host David Shipley covers how a newly unsealed U.S. complaint tied an alleged Scattered Spider member to a luxury retailer intrusion using a persistent Windows device ID, with prosecutors alleging help-desk social engineering, admin account takeover, data exfiltration, and an $8 million ransom demand; the episode also notes additional Scattered Spider-related guilty pleas in th...
AI-Run Ransomware, New Oracle Critical Flaw, NetNut busted 06.07.2026 14:26
AI-Run Ransomware, New Oracle 9.8 Flaw Exploited, NetNut Proxy Network Busted, and Pegasus Hits EU Spyware Investigator This episode covers researchers' report of "Jade Puffer," the first ransomware attack run end-to-end by an autonomous AI agent, which exploited a patched Langflow RCE (CVE-2025-3248) but showed flaws like weak AES-128 ECB encryption and an unusable key. It also warns of activ...
Teams battles bots, Bioshocking AI browser guardrails, Fortibleed fuels ransomware 03.07.2026 10:58
Teams cracks down on meeting bots, AI guardrails get bypassed, FortiBleed fuels ransomware, and Nissan confirms PeopleSoft breach Microsoft rolls out a new Teams admin policy, "Manage External Bots and Their Access to Meetings," to detect third‑party bots, hold them in the lobby with labels, and require organizer approval, with future allow lists, full blocks, reports, and audit logs planned. ...
US puts $10m bounty on Russian hackers, new phish hunts hotels, Supreme Court reins in geofencing 01.07.2026 11:13
US Puts $10M Bounty on Russian Hackers, Supreme Court Limits Geofence Warrants, New phishing campaign targets hotels, AI Coding Agents Tricked into Malware and Canada's Electronic Spies Go After Ransomware Gangs. The episode covers the US State Department's up to $10 million reward for information on Russia-linked hacker groups UNC 5792 and UNC 4221 tied to phishing campaigns that compromise Sign...
US Restricts Frontier AI models 29.06.2026 11:14
US Loosens Anthropic Claude Mythos Access, Unpatchable iPhone Exploit Emerges, and CISO Burnout Drives Fractional Shift Washington granted a partial reprieve allowing Anthropic's Claude Mythos to be released to more than 100 approved U.S. firms and institutions after export controls paused Mythos and the more restricted Fable 5, with access still limited to vetted American entities; the same day,...
Why Car Dealerships Are Prime Cyber Targets: Fraud, Resilience, and Security Leadership with Jennifer Hutton 27.06.2026 37:15
Cybersecurity Today would like to than Material Security for their support of this podcast. On Cybersecurity Today on the Weekend, the host speaks with Jennifer Hutton, a cybersecurity leader in the car dealership sector, about how she entered cybersecurity through increasing cyber insurance requirements and why dealerships are prime targets because they hold bank-level sensitive data and run com...
Malware gaslights AI 26.06.2026 10:56
Mac Malware Gaslights AI, Major Info-Stealer Takedown, OpenAI's Patch the Planet, and FortiBleed Fallout Mac malware called "Gaslight," attributed to North Korea-aligned actors, plants fake system messages designed to derail AI-based analysis while stealing data and exfiltrating it via a Telegram bot. Microsoft and Europol disrupted the Amadey and SteelC info-stealer ecosystem by seizing/shutter...
FortiBleed: Fortinet Says It's Not a Bug 24.06.2026 10:38
Fortinet finally weighs in on FortiBleed - it's not a bug. Plus a healthcare AI firm loses 1.4 million people's data to a single phishing email, a trading bot built to prey on others gets played for $15 million, and LastPass lands back on a breach list it didn't cause. 00:00 Headlines 00:28 Xsolis Phishing Fallout 01:47 Texas License Vendor Hack 02:59 MEV Bot Gets Robbed 05:26 FortiBleed Fortine...
Stolen OAuth Tokens Hit Security Firms, AryStinger Router Botnet Emerges, AI Deepfake Cyberstalking 22.06.2026 10:03
A breach at market intelligence platform Klue allowed attackers to steal OAuth tokens linking Clue to customers' Salesforce environments, enabling quiet API-driven data extraction from firms including Huntress, Recorded Future, Tanium, and Jamf; Clue revoked tokens, removed the legacy integration credential involved, and engaged CrowdStrike as Icarus threatens extortion, echoing earlier Salesforce...
5 People You Meet In Cybersecurity - David Shipley Interviews Amy Lee 20.06.2026 29:59
In this special Cybersecurity Today weekend interview, host David Shipley speaks with Amy Yee about leadership, resilience, and the human side of cybersecurity. Amy shares her remarkable journey from electrical engineering and venture capital to becoming the inaugural Chief Digital Officer at Accreditation Canada and Health Standards Organization, where she helped build the digital foundation used...
FortiBleed Emergency: 74,000 Fortinet Logins Exposed 19.06.2026 40:12
A special crossover episode of Cybersecurity Today and Hashtag Trending for June 19, 2026. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning after security researchers uncovered the FortiBleed dataset, exposing credentials tied to approximately 74,000 Fortinet firewall and SSL VPN devices across 194 countries. Researchers found the data on an exposed thr...
Scam Losses Surge - Cybersecurity Today 17.06.2026 10:31
Cybersecurity Today host David Shipley reports that the FTC says Americans lost $3.5 billion to imposter scams in 2025—nearly triple 2020—with social media tied to $2.1 billion in losses and total fraud reaching about $16 billion, while the FBI estimates cyber-enabled losses nearer $21 billion and potentially far higher. Security researchers, including Katie Moussouris, argue the U.S. government's...
Anthropic Models Blocked, FBI Takes Down $1.9B Phishing Network, Critical Splunk Flaw, and more 15.06.2026 10:35
The U.S. government orders Anthropic to shut down foreign access to its Fable 5 and Mythos 5 AI models after the Pentagon labels the company a supply-chain risk. David Shipley examines what may be behind the decision and what it means for countries and businesses that depend on American AI platforms. The FBI also disrupts Outsider Enterprise, a China-based phishing-as-a-service network linked to...
CyberTitan Champions: Inside Canada's National High School Cybersecurity Competition (and CyberPatriot) 13.06.2026 37:22
Cybersecurity Today on the Weekend interviews the winning Canadian CyberTitan team ("S-ores"/a regex-based name) along with coach Phil, educator Tim, and CyberTitan manager Sheena to explain how CyberTitan (run by ICTC) connects to the international CyberPatriot program. They describe the competition mechanics—securing compromised Windows, Windows Server, and Linux virtual machines for points, plu...
Anthropic Warns AI Risks Are Real, RoguePlanet Zero-Day Drops, Crypto Laundering Takedown 12.06.2026 9:25
Anthropic is calling for governments to have the authority to stop deployment of advanced AI systems that pose unacceptable risks. CEO Dario Amodei points to the company's Mythos cybersecurity model as proof that AI has become a matter of national and strategic consequence, warning that cyber risks may soon be followed by biological and autonomy risks. Meanwhile, security researcher Nightmare Ecli...
AI Worms, Hacks, and Insurance Shifts 10.06.2026 9:39
Instagram AI Support Hack Hits 20,225 Accounts; AI Worm 'Hades' Lies to Security Tools; Chrome Zero-Day Patch Host David Shipley reports Meta says 20,225 Instagram accounts were hijacked after an AI support tool was tricked into sending reset links to attacker-controlled emails, with only MFA-protected accounts resisting. Step Security details a new Miasma-derived worm wave called Hades that targe...
Claude Outage Data Leak, Microsoft GitHub Worm, IBM Hack, M Instagram Takeovers, Canada's Bill C-8 08.06.2026 10:21
TClaude Outage Data Leak Fears, Microsoft GitHub Worm, IBM Hack Allegations, Meta AI Instagram Takeovers, and Canada's Bill C-8 David Shipley reports that Anthropic's Claude suffered a roughly two-hour outage affecting models including Opus, during which a user alleged receiving another customer's conversation; Anthropic says it has no evidence of a data leak and is investigating. A Team PCP self-...
Cybersecurity Today Month in Review: Microsoft Zero-Days, AI Deregulation 06.06.2026 1:05:25
Host Jim Love and panelists David Shipley, Laura Payne, and Jeff Williams discuss a researcher ("Chaotic/Nightmare Eclipse") publicly disclosing multiple Windows zero-days affecting components including Defender and BitLocker, frustration with Microsoft's vulnerability disclosure process, and backlash to Microsoft's initially threatening tone before it was partially walked back; the panel debates...
New HTTP/2 Bomb Attack, Trump's AI Security Reviews, Android Zero-Day & The Patching Crisis 05.06.2026 11:43
A newly disclosed attack called HTTP/2 Bomb can crash major web servers in seconds using a single computer and a modest internet connection. Researchers say the attack combines two known techniques into a powerful memory-exhaustion exploit affecting widely used platforms including Apache, NGINX, Microsoft IIS, and Envoy. The attack also highlights a growing trend in cybersecurity research: the use...
Carnival Data Breach Exposes Millions as Microsoft Backs Down on Researcher Threats 03.06.2026 9:37
Cybersecurity Today for June 2, 2026. Microsoft has backed away from its hard-line stance against vulnerability researchers after widespread criticism from the security community. The dispute began after independent researcher Nightmare Eclipse published proof-of-concept code for unpatched Microsoft vulnerabilities, triggering a public debate over responsible disclosure, zero-days, and researcher...
Microsoft Threatens Security Researcher | Palo Alto VPN Exploited | Google Insider Trading Case 01.06.2026 11:46
Microsoft's dispute with a former security researcher takes a dramatic turn as the company raises the possibility of criminal action over the publication of proof-of-concept code for unpatched zero-day vulnerabilities. David Shipley examines the escalating conflict between Microsoft and "Nightmare Eclipse," the criticism from prominent security researchers including Kevin Beaumont and Katie Mousso...
Cybersecurity & Arctic Sovereignty: Protecting Canada's Most Vulnerable Infrastructure Cheryl Biswas 29.05.2026 29:51
Host David Shipley speaks with cybersecurity professional Cheryl Biswas about her journey into the industry and why she believes Arctic sovereignty must be viewed as a cybersecurity challenge as much as a geopolitical one. Biswas traces her path from political science and a help desk role at CP Rail to cybersecurity, inspired by the discovery of the Stuxnet malware and the global security communit...
CISA Orders Emergency Drupal Patch | Microsoft Server Bug | Google Fights Canada Surveillance Bill 27.05.2026 10:32
CISA has ordered U.S. federal civilian agencies to urgently patch an actively exploited critical Drupal SQL injection vulnerability (CVE-2026-9082) affecting PostgreSQL-backed Drupal deployments, after Imperva reported more than 15,000 attack attempts across 65 countries. Microsoft has confirmed a strange Windows Server 2016 update issue where KB5087537 can break domain controller discovery when s...
Ähnliche Podcasts
Replaio ist kein Herausgeber von Podcasts; die Namen der Sendungen, Cover und Audioinhalte gehören ihren Autoren und werden über öffentliche RSS-Feeds verbreitet