Cybersecurity Today: Sneaky 2FA Phishing Attack & AI-Powered Scams

In this episode of Cybersecurity Today, host Jim Love explores the emergence of Sneaky 2FA, a new phishing-as-a-service attack that compromises two-factor authentication for Microsoft 365 users. The episode also covers a legal case where a scam led a Western Australian company to lose $190,000, underscoring the importance of robust payment verification processes. The discussion extends to AI-powered romance scams, featuring deep fake technology that has defrauded victims worldwide, highlighting the growing need for advanced fraud detection and awareness.

00:00 Introduction to Cybersecurity Threats 00:23 Sneaky 2FA: A New Phishing Threat 01:54 Legal Consequences of Email Scams 03:34 AI-Powered Romance Scams 05:34 Conclusion and Contact Information

Addressing Social Media Fraud: Insights from Netcraft's Robert Duncan

In this weekend edition of Cybersecurity Today, host Jim Love discusses the growing issue of fraud in the cybersecurity landscape. Jim interviews Robert Duncan, VP of Product Strategy at Netcraft, who sheds light on their research into fraudulent activities on social media platforms, particularly focusing on Truth Social. The conversation delves into the mechanics of conversational scams, the role of crypto in fraud, and the challenges faced by social media platforms in combating these threats. They also discuss the need for better protective measures and the varying approaches to content moderation across different jurisdictions. Tune in for an in-depth look into the pervasive issue of online fraud and the ongoing efforts to fight it.

00:00 Introduction to Cybersecurity Today 00:21 Interview with Robert Duncan from Netcraft 01:12 Understanding Social Media Scams 06:09 The Role of Crypto in Scams 14:25 Challenges and Responsibilities of Social Media Platforms 23:31 Future Research and Conclusion

Cybersecurity Today: High-Speed Go Library Exploits & Major Data Breaches

In today's episode, host Jim Love covers recent cybersecurity threats including the exploitation of a high-speed Go library to target Microsoft 365 accounts, North Korea's Lazarus Group's new tactics to lure developers with AI-enhanced job scams, and the leak of sensitive data from over 15,000 FortiGate devices by the Belson Group. Learn more about these threats and how to protect your systems.

00:00 Hackers Exploit High-Speed Go Library to Target Microsoft 365 02:07 North Korea's Lazarus Group Targets Developers with Job Scams 04:09 Belson Group Leaks Sensitive Data from FortiGate Devices 05:58 Conclusion and Contact Information

Cybersecurity Rundown: YouTube Malware, Strava Leaks, UK Ransomware Ban, AWS Exploits & Fortinet Vulnerabilities

In this episode of 'Cybersecurity Today,' host Jim Love covers critical cybersecurity topics including YouTubers targeted with malware links, fitness apps leaking military secrets, a proposed UK ransomware payment ban, a new ransomware gang exploiting AWS encryption tools, and Fortinet firewalls facing potential zero-day attacks. Key insights, expert warnings, and security recommendations are discussed to help protect users and organizations from these growing cyber threats.

00:00 Introduction to Cybersecurity News 00:23 Malware Links Targeting YouTubers 02:01 Fitness Apps Leaking Military Secrets 03:46 UK Proposes Ransomware Payment Ban 05:08 AWS Encryption Exploited by Ransomware 07:12 Fortinet Firewalls Zero-Day Attack 08:12 Conclusion and Contact Information

Massive Data Breaches, Apple Targeted, Facebook Security Flaw - Cybersecurity Today

In this episode of Cybersecurity Today, host Jim Love covers a massive breach revealing how location data is harvested through thousands of popular mobile apps on Android and iOS. Files leaked from Gravy Analytics expose critical privacy concerns with real-time bidding systems. Additionally, hackers are increasingly targeting Apple devices, including a breakthrough hack of iPhone 15's USB-C controller. The episode also discusses a critical vulnerability in Meta's Facebook ad platform, highlighting the importance of up-to-date security measures in ad tech.

00:00 Introduction to Cybersecurity Today 00:23 Massive Location Data Harvesting Exposed 02:03 Apple Devices Under Attack 04:05 Critical Vulnerability in Facebook Ad Platform 05:39 Conclusion and Contact Information

Cybersecurity 2025: Predictions, Challenges, and AI Impacts

Welcome to Cybersecurity Today with your host, Jim Love! In this special episode, our expert panel looks ahead to 2025, discussing potential cybersecurity threats and emerging themes. Featuring Laura Payne from White Tuque, Daina Proctor from IBM, and David Shipley, CEO and culture critic from Beauceron Security, the panel dives into significant topics such as the recent Power Schools data theft, the anticipated surge in SaaS provider attacks, and the evolution of AI in the workforce. They also address crucial issues in public institutions, phishing vulnerabilities, and the looming threat of quantum computing. Tune in for an engaging and thought-provoking discussion on the future of cybersecurity.

00:00 Introduction and Panelist Introduction 00:35 Major Cybersecurity Incidents of 2024 03:40 The Impact of SaaS Provider Breaches 06:59 Challenges in Cybersecurity Culture and Practices 18:39 Global Cybersecurity Threats and Geopolitical Implications 24:04 The Pitfalls of Regulation Implementation 25:02 The Checklist Mentality in Security 26:36 The Role of AI in Modern Workplaces 27:54 The Dangers of Blind Faith in Technology 30:33 The Rise of AI Employees 40:37 Quantum Computing and AI: The Future 45:14 Resolutions and Reflections for the New Year

Cybersecurity Alert: Free VPN Risks, Packers' Data Breach, and SonicWall Vulnerability

In this episode, host Jim Love delves into critical cybersecurity issues including the hidden dangers of free VPNs, a payment skimmer attack on the Green Bay Packers’ online pro shop, and a severe vulnerability in SonicWall’s SonicOS firmware. Learn why 90% of free VPNs can compromise your security, the impact of the Packers' data breach affecting 8,500 fans, and the urgent need to update SonicWall devices to prevent potential exploitation. Stay informed to protect your privacy and data!

00:00 The Hidden Dangers of Free VPNs 02:30 The Green Bay Packers Payment Skimmer Attack 04:35 SonicWall's Critical Vulnerability Alert 06:29 Show Wrap-Up and Weekend Preview

Cybersecurity Updates: New US Cyber Trust Mark & Rising Threats

In this episode of Cyber Security Today, host Jim Love discusses the launch of the US Cyber Trust Mark, a new cybersecurity safety label for smart devices. The episode also covers increasing Mac OS attacks by North Korean hackers, including the discovery of the Spectral Blur backdoor, and US Treasury sanctions against Integrity Technology Group for supporting Chinese state-sponsored hacking. Tune in for critical insights on these pressing cybersecurity issues.

00:00 Cyber Security Safety Labels for Smart Devices 02:27 North Korean Hackers Targeting Mac OS 04:03 U.S. Sanctions Chinese Cybersecurity Firm 06:24 Conclusion and Contact Information

In this episode, we delve into the latest cybersecurity threats and developments. We cover a new double click exploit that bypasses browser protections and a massive compromise affecting millions of Chrome users through infected extensions. Additionally, we discuss the U.S. Treasury hack linked to Chinese state-sponsored hackers and how CrowdStrike rebounded from the largest IT outage in history. Join host Jim Love to explore these critical issues and understand the implications for both users and organizations.

00:00 Introduction and Headlines 00:25 Browser Exploits: Double Click and Extensions 03:24 U.S. Treasury Breach Linked to Chinese Hackers 06:03 CrowdStrike's Comeback After Major IT Outage 09:43 Conclusion and Final Thoughts

Cybersecurity Year in Review: Future Challenges and Industry Insights

Join host Jim Love and a panel of cybersecurity experts—Terry Cutler from Cyology Labs, David Shipley from Beauceron Security, and Laura Payne of White Tuque—as they review the key cybersecurity events of the past year. Topics discussed include the increasing cyber threats to universities, healthcare systems, and critical infrastructure; the importance of proper cybersecurity measures and employee training; the complexities of adopting quantum-safe encryption protocols; and the impact of AI and shadow IT on cybersecurity. The panel concludes with actionable advice for improving organizational cybersecurity posture in the coming year.

00:00 🎄 The 12 Days of Cyber Christmas 🎄 00:29 🔍 Year in Review: Cybersecurity Highlights 00:40 👥 Meet the Expert Panel 01:19 🏫 University Cyber Attacks: A Growing Concern 02:25 🔒 Penetration Testing vs. Vulnerability Scanning 03:09 🛡️ Persistent Threats and Active Directory Issues 06:28 💡 Strategies for Cybersecurity in Universities 07:34 💰 Funding and Legislation for Cybersecurity 13:52 🛠️ Practical Steps for Cybersecurity on a Budget 18:36 🔐 Quantum Readiness and Future Challenges 25:11 Quantum Computing: The Reality and Risks 25:53 Human Ingenuity and Risk Management 26:29 The Future of Cybersecurity: Q Day and Certificate Rotations 28:02 Major Cybersecurity Incidents of the Year 29:41 The Rise of Ransomware and Supply Chain Attacks 35:35 AI in Cybersecurity: Opportunities and Challenges 38:49 Critical Infrastructure Vulnerabilities 47:09 Year-End Reflections and Looking Forward

Cybersecurity Today: LastPass Hack Fallout, TP-Link Router Ban, and Microsoft's Passwordless Future

In our final daily news show of the season, host Jim Love covers key cybersecurity stories, including millions stolen from crypto wallets linked to the 2022 LastPass breach, potential US ban on TP-Link routers over national security concerns, and Microsoft's push for a passwordless future with passkeys. Don't miss our weekend wrap-up with the cybersecurity panel and special holiday content. Stay tuned for new episodes starting January 6th. Happy holidays!

00:00 Season Finale Announcement 00:29 Crypto Wallets Hacked: Fallout from LastPass Breach 02:38 TP Link Routers Under Scrutiny 04:38 Microsoft's Push for a Passwordless Future 06:38 Holiday Wishes and Future Plans