Cybersecurity Alert: Free VPN Risks, Packers' Data Breach, and SonicWall Vulnerability

In this episode, host Jim Love delves into critical cybersecurity issues including the hidden dangers of free VPNs, a payment skimmer attack on the Green Bay Packers’ online pro shop, and a severe vulnerability in SonicWall’s SonicOS firmware. Learn why 90% of free VPNs can compromise your security, the impact of the Packers' data breach affecting 8,500 fans, and the urgent need to update SonicWall devices to prevent potential exploitation. Stay informed to protect your privacy and data!

00:00 The Hidden Dangers of Free VPNs
02:30 The Green Bay Packers Payment Skimmer Attack
04:35 SonicWall's Critical Vulnerability Alert
06:29 Show Wrap-Up and Weekend Preview

Cybersecurity Updates: New US Cyber Trust Mark & Rising Threats

In this episode of Cyber Security Today, host Jim Love discusses the launch of the US Cyber Trust Mark, a new cybersecurity safety label for smart devices. The episode also covers increasing Mac OS attacks by North Korean hackers, including the discovery of the Spectral Blur backdoor, and US Treasury sanctions against Integrity Technology Group for supporting Chinese state-sponsored hacking. Tune in for critical insights on these pressing cybersecurity issues.

00:00 Cyber Security Safety Labels for Smart Devices
02:27 North Korean Hackers Targeting Mac OS
04:03 U.S. Sanctions Chinese Cybersecurity Firm
06:24 Conclusion and Contact Information

In this episode, we delve into the latest cybersecurity threats and developments. We cover a new double click exploit that bypasses browser protections and a massive compromise affecting millions of Chrome users through infected extensions. Additionally, we discuss the U.S. Treasury hack linked to Chinese state-sponsored hackers and how CrowdStrike rebounded from the largest IT outage in history. Join host Jim Love to explore these critical issues and understand the implications for both users and organizations.

00:00 Introduction and Headlines
00:25 Browser Exploits: Double Click and Extensions
03:24 U.S. Treasury Breach Linked to Chinese Hackers
06:03 CrowdStrike's Comeback After Major IT Outage
09:43 Conclusion and Final Thoughts

Cybersecurity Year in Review: Future Challenges and Industry Insights

Join host Jim Love and a panel of cybersecurity experts—Terry Cutler from Cyology Labs, David Shipley from Beauceron Security, and Laura Payne of White Tuque—as they review the key cybersecurity events of the past year. Topics discussed include the increasing cyber threats to universities, healthcare systems, and critical infrastructure; the importance of proper cybersecurity measures and employee training; the complexities of adopting quantum-safe encryption protocols; and the impact of AI and shadow IT on cybersecurity. The panel concludes with actionable advice for improving organizational cybersecurity posture in the coming year.

00:00 🎄 The 12 Days of Cyber Christmas 🎄
00:29 🔍 Year in Review: Cybersecurity Highlights
00:40 👥 Meet the Expert Panel
01:19 🏫 University Cyber Attacks: A Growing Concern
02:25 🔒 Penetration Testing vs. Vulnerability Scanning
03:09 🛡️ Persistent Threats and Active Directory Issues
06:28 💡 Strategies for Cybersecurity in Universities
07:34 💰 Funding and Legislation for Cybersecurity
13:52 🛠️ Practical Steps for Cybersecurity on a Budget
18:36 🔐 Quantum Readiness and Future Challenges
25:11 Quantum Computing: The Reality and Risks
25:53 Human Ingenuity and Risk Management
26:29 The Future of Cybersecurity: Q Day and Certificate Rotations
28:02 Major Cybersecurity Incidents of the Year
29:41 The Rise of Ransomware and Supply Chain Attacks
35:35 AI in Cybersecurity: Opportunities and Challenges
38:49 Critical Infrastructure Vulnerabilities
47:09 Year-End Reflections and Looking Forward

Cybersecurity Today: LastPass Hack Fallout, TP-Link Router Ban, and Microsoft's Passwordless Future

In our final daily news show of the season, host Jim Love covers key cybersecurity stories, including millions stolen from crypto wallets linked to the 2022 LastPass breach, potential US ban on TP-Link routers over national security concerns, and Microsoft's push for a passwordless future with passkeys. Don't miss our weekend wrap-up with the cybersecurity panel and special holiday content. Stay tuned for new episodes starting January 6th. Happy holidays!

00:00 Season Finale Announcement
00:29 Crypto Wallets Hacked: Fallout from LastPass Breach
02:38 TP Link Routers Under Scrutiny
04:38 Microsoft's Push for a Passwordless Future
06:38 Holiday Wishes and Future Plans

BlackBerry's Cylance Sale, Major AWS Breach, Klopp Ransomware Strikes Again, and Russian Cyber Attacks

In this episode of Cybersecurity Today, host Jim Love discusses BlackBerry's sale of Cylance to Arctic Wolf for significantly less than its purchase price, the massive AWS breach linked to the Shiny Hunters, Klopp ransomware attacks on Cleo's platforms, and the escalation of Russian cyber attacks on Western critical infrastructure. Tune in to get the details on these major cybersecurity developments and their implications.

00:00 Introduction and Sponsor Message
00:32 BlackBerry's Cylance Sale: A Strategic Move?
02:36 AWS Data Breach: Shiny Hunters Strike Again
04:54 Cleo Data Theft: Klopp Ransomware's Latest Exploit
06:39 Russian Cyber Attacks on Critical Infrastructure
08:32 Conclusion and Contact Information

PumaKit Linux Rootkit, Windows Defender Flaw, and Android Malware Outbreak!

In today's episode of Cybersecurity Today, host Jim Love delves into the discovery of the advanced Linux rootkit PumaKit, critical vulnerabilities in Microsoft's Windows Defender, a new multi-platform malware campaign downgrading browser security, and Germany's recent outbreak of pre-installed malware on 30,000 Android devices. We discuss the implications of these cybersecurity threats and the measures being taken to mitigate them. Stay informed and vigilant with our detailed analysis of these emerging cyber risks.

00:00 Introduction to Cybersecurity News
00:27 Advanced Linux Rootkit: PumaKit
01:59 Critical Windows Defender Vulnerability
03:42 Malware Downgrades Browser Security
05:08 Pre-installed Malware on Android Devices in Germany
07:02 Conclusion and Final Thoughts

Top 5 Phishing Exploits of 2024: Abnormal Security Report and More | Cybersecurity Today

In this episode of Cybersecurity Today, host Jim Love delves into Abnormal Security's end-of-year report outlining the top five phishing exploits of 2024 and their predictions for 2025. The episode covers cryptocurrency fraud, weaponized file sharing services, multi-channel phishing, business email compromise, and email account takeovers. Additionally, it highlights the alarming rise of text-based job scams, the takedown of a major vishing ring in Spain and Peru, and a $5 million U.S. reward to disrupt North Korean IT schemes. Stay informed on the latest cybersecurity threats and protections.

00:00 Introduction to Cybersecurity Today
00:27 Top Phishing Exploits of 2024
00:37 Cryptocurrency Fraud and File Sharing Scams
01:54 Multi-Channel Phishing and Business Email Compromise
03:10 Email Account Takeover and Future Predictions
04:39 Rise of Task Scams
06:53 Massive Vishing Operation Busted
08:42 North Korean IT Worker Fraud
11:15 Conclusion and Final Thoughts