Cybersecurity Year in Review: Future Challenges and Industry Insights

Join host Jim Love and a panel of cybersecurity experts—Terry Cutler from Cyology Labs, David Shipley from Beauceron Security, and Laura Payne of White Tuque—as they review the key cybersecurity events of the past year. Topics discussed include the increasing cyber threats to universities, healthcare systems, and critical infrastructure; the importance of proper cybersecurity measures and employee training; the complexities of adopting quantum-safe encryption protocols; and the impact of AI and shadow IT on cybersecurity. The panel concludes with actionable advice for improving organizational cybersecurity posture in the coming year.

00:00 🎄 The 12 Days of Cyber Christmas 🎄 00:29 🔍 Year in Review: Cybersecurity Highlights 00:40 👥 Meet the Expert Panel 01:19 🏫 University Cyber Attacks: A Growing Concern 02:25 🔒 Penetration Testing vs. Vulnerability Scanning 03:09 🛡️ Persistent Threats and Active Directory Issues 06:28 💡 Strategies for Cybersecurity in Universities 07:34 💰 Funding and Legislation for Cybersecurity 13:52 🛠️ Practical Steps for Cybersecurity on a Budget 18:36 🔐 Quantum Readiness and Future Challenges 25:11 Quantum Computing: The Reality and Risks 25:53 Human Ingenuity and Risk Management 26:29 The Future of Cybersecurity: Q Day and Certificate Rotations 28:02 Major Cybersecurity Incidents of the Year 29:41 The Rise of Ransomware and Supply Chain Attacks 35:35 AI in Cybersecurity: Opportunities and Challenges 38:49 Critical Infrastructure Vulnerabilities 47:09 Year-End Reflections and Looking Forward

Cybersecurity Today: LastPass Hack Fallout, TP-Link Router Ban, and Microsoft's Passwordless Future

In our final daily news show of the season, host Jim Love covers key cybersecurity stories, including millions stolen from crypto wallets linked to the 2022 LastPass breach, potential US ban on TP-Link routers over national security concerns, and Microsoft's push for a passwordless future with passkeys. Don't miss our weekend wrap-up with the cybersecurity panel and special holiday content. Stay tuned for new episodes starting January 6th. Happy holidays!

00:00 Season Finale Announcement 00:29 Crypto Wallets Hacked: Fallout from LastPass Breach 02:38 TP Link Routers Under Scrutiny 04:38 Microsoft's Push for a Passwordless Future 06:38 Holiday Wishes and Future Plans

BlackBerry's Cylance Sale, Major AWS Breach, Klopp Ransomware Strikes Again, and Russian Cyber Attacks

In this episode of Cybersecurity Today, host Jim Love discusses BlackBerry's sale of Cylance to Arctic Wolf for significantly less than its purchase price, the massive AWS breach linked to the Shiny Hunters, Klopp ransomware attacks on Cleo's platforms, and the escalation of Russian cyber attacks on Western critical infrastructure. Tune in to get the details on these major cybersecurity developments and their implications.

00:00 Introduction and Sponsor Message 00:32 BlackBerry's Cylance Sale: A Strategic Move? 02:36 AWS Data Breach: Shiny Hunters Strike Again 04:54 Cleo Data Theft: Klopp Ransomware's Latest Exploit 06:39 Russian Cyber Attacks on Critical Infrastructure 08:32 Conclusion and Contact Information

PumaKit Linux Rootkit, Windows Defender Flaw, and Android Malware Outbreak!

In today's episode of Cybersecurity Today, host Jim Love delves into the discovery of the advanced Linux rootkit PumaKit, critical vulnerabilities in Microsoft's Windows Defender, a new multi-platform malware campaign downgrading browser security, and Germany's recent outbreak of pre-installed malware on 30,000 Android devices. We discuss the implications of these cybersecurity threats and the measures being taken to mitigate them. Stay informed and vigilant with our detailed analysis of these emerging cyber risks.

00:00 Introduction to Cybersecurity News 00:27 Advanced Linux Rootkit: PumaKit 01:59 Critical Windows Defender Vulnerability 03:42 Malware Downgrades Browser Security 05:08 Pre-installed Malware on Android Devices in Germany 07:02 Conclusion and Final Thoughts

AI and Quantum Computing: Waves of Innovation and Cybersecurity Concerns

In this episode of Cyber Security Today, host Jim Love delves into the latest in AI advancements, discussing their impact on cybersecurity with guests Marcel Gagné and John Pinard. The conversation covers a wide range of topics, including Google's recent quantum computing announcement, OpenAI's impressive features rollout, and practical applications for businesses. The team also discusses the security implications of these technological advancements and the importance of proactive cybersecurity measures. Tune in for an in-depth exploration of the evolving landscape of AI, quantum computing, and their intersection with cybersecurity.

00:00 Introduction to AI and Cybersecurity 00:29 Project Synapse AI in Action 02:05 Google's Quantum Computing Breakthrough 04:01 Quantum Computing: Hype vs Reality 14:42 AI and Deception: A New Report 32:39 Exploring Sora and Canvas 33:26 Canvas: Collaborative AI Tool 34:50 AI in Corporate Settings 35:53 Apple and OpenAI Integration 37:25 Advanced Voice and Vision Capabilities 41:59 Google Gemini and Real-Time Interaction 47:03 AI and Cybersecurity Concerns 52:27 The Future of AI and Privacy 57:55 Competitive AI Landscape 01:01:06 Concluding Thoughts and Future Discussions

Top 5 Phishing Exploits of 2024: Abnormal Security Report and More | Cybersecurity Today

In this episode of Cybersecurity Today, host Jim Love delves into Abnormal Security's end-of-year report outlining the top five phishing exploits of 2024 and their predictions for 2025. The episode covers cryptocurrency fraud, weaponized file sharing services, multi-channel phishing, business email compromise, and email account takeovers. Additionally, it highlights the alarming rise of text-based job scams, the takedown of a major vishing ring in Spain and Peru, and a $5 million U.S. reward to disrupt North Korean IT schemes. Stay informed on the latest cybersecurity threats and protections.

00:00 Introduction to Cybersecurity Today 00:27 Top Phishing Exploits of 2024 00:37 Cryptocurrency Fraud and File Sharing Scams 01:54 Multi-Channel Phishing and Business Email Compromise 03:10 Email Account Takeover and Future Predictions 04:39 Rise of Task Scams 06:53 Massive Vishing Operation Busted 08:42 North Korean IT Worker Fraud 11:15 Conclusion and Final Thoughts

SEC Cyber Disclosure Rules, Deloitte Hack Denial, and Critical Microsoft & SAP Patches | Cybersecurity Today

In this episode of Cybersecurity Today, host Jim Love delves into the ongoing confusion and compliance struggles faced by companies one year after the SEC's cyber disclosure rules were introduced. We analyze a BreachRx report revealing that less than 17% of public companies provide specific details in their cyber incident filings. Deloitte's recent denial of a data theft claim by the BrainCypher ransomware group is also discussed, along with the firm's history of cybersecurity challenges. Additionally, Microsoft and SAP have rolled out critical patches addressing severe vulnerabilities, emphasizing the urgency for users and organizations to apply these updates. Stay informed on these pressing cybersecurity issues.

00:00 Introduction and Headlines 00:20 SEC Cyber Disclosure Rules: One Year Later 02:30 Deloitte Denies BrainCypher Ransomware Allegations 04:23 Microsoft and SAP Issue Critical Patches 07:19 Conclusion and Show Notes

Cybersecurity Today: Email Frauds, Google Warnings, and U.S. Telecom Hacks

In this episode of Cybersecurity Today, host Jim Love discusses a personal encounter with email fraud attempts, including invoice scams and fake payroll changes. Google issues a stark warning to Gmail users about session cookie thefts leading to email takeovers. Additionally, the U.S. telecom industry grapples with the fallout from a major breach by Chinese hackers exploiting legacy systems. Love shares insights on improving email security and safeguarding against such sophisticated cyber threats. Tune in to learn more about the latest cyber challenges and solutions.

00:00 Introduction and Personal Encounter with Email Fraud 03:20 Google's Warning on Email Takeovers 05:12 Session Cookie Theft: A Rising Threat 06:48 U.S. Telecom Industry Infiltration by Chinese Hackers 08:44 Conclusion and Final Thoughts

Cyber Security Today: Navigating Novel Phishing Campaigns and Ransomware Tactics

Join host Jim Love and the Cyber Security Today panel featuring Terry Cutler of Cyology Labs, David Shipley of Beauceron Security, and cybersecurity executive John Pinard. In this episode, they delve into pressing cybersecurity challenges such as novel phishing tactics using corrupted Word documents, the importance of robust offboarding processes in light of breaches at major companies like Disney, and the ramifications of a major ransomware attack on the City of Hamilton. Topics also include the recurring issue of session cookie theft, the implications of third-party cybersecurity risk as seen in the Blue Yonder ransomware attack impacting Starbucks, and the rise of hacktivism. Tune in for valuable insights and discussions aimed at improving cybersecurity measures in an ever-evolving threat landscape.

00:00 Introduction and Panelist Introductions 00:40 David Shipley's Cyber Risk Talk 02:39 Novel Phishing Campaign Discussion 06:08 Fileless Malware and Human Error 10:44 Offboarding and Internal Audits 19:48 Vendor Responsibility and Ransomware 27:06 City of Hamilton Cyber Attack 28:19 Keynote Talks and Cybersecurity Challenges 29:30 The Reality of Cyber Attacks 29:46 Ransomware and Business Email Compromise 31:21 Cyber Insurance and Its Pitfalls 32:44 Andrew Tate Hack and Hacktivism 36:04 Chinese State-Sponsored Hacks 41:26 Canadian Cybersecurity Issues 44:53 Session Cookies and Two-Factor Authentication 49:45 AI in Software Development 56:42 Concluding Thoughts and Final Remarks

Massive Telecom Hack and the Future of Cybersecurity

In this episode of Cybersecurity Today, host Jim Love covers a series of crucial topics including a major cyber attack by Chinese hackers on U.S. telecom networks labeled as the biggest in history, the challenges tied to hardware upgrades for enhanced security, and the U.S. Department of Defense's efforts to combat deepfakes. The discussion underscores the importance of encryption, highlights moves by Microsoft and Google for hardware security, and explores the implications of AI-generated deepfakes for national security.

00:00 Introduction and Book Promotion 00:30 Major Cyber Attack on U.S. Telecom Networks 02:31 Encryption and Security Measures 03:59 Hardware Upgrades for Enhanced Security 06:19 Combating Deep Fakes 08:39 Conclusion and Upcoming Panel Discussion

Cybersecurity Today: From Data Theft to Total Destruction

In today's episode, we cover the latest shifts in cybercrime as hackers move from data theft to complete system destruction, impacting businesses on a massive scale. We discuss Palo Alto Networks' insights on these damaging attacks, Veeam's critical vulnerability patches, and a major breach affecting thousands in Saskatchewan. Additionally, we report on Russia's life sentence for a notorious cyber criminal leader and a significant European takedown of a cybercrime network. Stay informed with the latest in cybersecurity and learn about the steps being taken to counter these escalating threats.

00:00 Introduction: Cybersecurity Headlines 00:26 Evolving Cyber Threats: From Ransomware to Destruction 02:42 Veeam's Critical Vulnerability Patch 04:17 Saskatchewan Data Breach and Privacy Concerns 05:14 Massive Data Breach at SL Data Services 06:29 Russia's Crackdown on Cybercrime 08:21 Operation Passionflower: Dismantling Matrix 10:11 Conclusion and Show Notes