Cybersecurity Today Howard Solomon

North Korean State Actor Infiltrates US Security Firm | Cybersecurity Today
In this episode of Cybersecurity Today, host Jim Love covers two major incidents. The first is an American firm, KnowBe4, inadvertently hiring a North Korean state actor posing as a software engineer, leading to an attempted malware installation. He discusses the techniques used by the threat actor and the broader implications for cybersecurity. The second story involves CrowdStrike's post-incident review of a system crash, detailing the causes, the company's response, and criticisms of their crisis communication strategy. Tune in to learn about these pressing cybersecurity challenges and how companies are handling them.
00:00 A Shocking Cybersecurity Incident
00:20 North Korean State Actor Infiltration
01:59 CrowdStrike's Post Incident Review
05:07 CrowdStrike's Crisis Communication Failure
06:31 Conclusion and Upcoming Shows

In this episode of Cybersecurity Today, guest host Jim Love covers major events impacting the cybersecurity world, including CrowdStrike CEO George Kurtz's summons to testify before a U.S. House Committee on Homeland Security following a massive IT outage and a new malware strain, Frosty Goop, attacking critical infrastructure in Ukraine. The episode also discusses cybersecurity firm Wiz's surprising decision to decline a $23 billion acquisition offer from Google's parent company, Alphabet, opting instead to aim for an IPO. Stay informed about the latest in cybersecurity, and what these developments mean for the industry.
00:00 Introduction and Headlines
00:24 CrowdStrike CEO Summoned by U.S. House Committee
00:38 Impact and Response to the IT Outage
01:41 Frosty Goop: New Malware Threat
03:09 Wiz Rejects Alphabet's Acquisition Offer
04:45 Conclusion and Show Notes

Join Jim Love on a special edition of Cybersecurity Today and Hashtag Trending as he delves into the recent CrowdStrike incident that led to a global IT meltdown. With over 8.5 million Windows devices affected by a faulty CrowdStrike Falcon update, this event is being compared to Y2K and WannaCry. Discover the widespread impacts across key industries, the technical details behind the kernel-crashing error, and the fallout for companies and IT professionals. Learn why this disaster has created such frustration and anger in the cybersecurity community and what steps are being taken to recover. Tune in to understand the broader economic and societal implications of what is being called the 'worst cyber event in history.'
00:00 Introduction and Host Introduction
00:19 CrowdStrike Incident Overview
00:46 Community Reactions and Frustrations
02:29 Understanding CrowdStrike's Role
04:49 Technical Breakdown of the Issue
07:59 Impact and Consequences
09:04 Response and Fixes
12:33 Lessons and Future Precautions
13:20 Final Thoughts and Warnings
13:58 Conclusion

Dodging the Biggest Supply Chain Attack Ever: An Insight with JFrog's Security Research Team
In this weekend edition of Cyber Security Today, host Jim Love discusses with Brian Moussalli, the Security Research Team Lead at JFrog, how potentially the biggest supply chain attack was averted. They delve into the intricacies of supply chain attacks, the risks associated with leaked tokens, and the importance of checking binary files for vulnerabilities. The conversation also touches on securing open source software and the role of JFrog in making the cyber world safer. Tune in to learn critical lessons on cybersecurity from this insightful interview.
00:00 Introduction and Host Update
00:32 Understanding Supply Chain Attacks
02:47 Interview with Brian Moussalli, the Security Research Team Lead at JFrog
06:15 The Python Token Leak Incident
17:01 Lessons Learned and Future Outlook
23:06 Conclusion and Sign-Off
 

With Howard away and today's episode of Hashtag Trending being all about security stories, I took the liberty of doing a cross posting. Hope we'll have Howard back next week.
In today's episode of Hashtag Trending, host Jim Love covers significant cybersecurity news. Microsoft faces criticism for mishandling a reported MSHTML browser engine vulnerability, and Disney investigates a hack by 'Null Bulge,' a group accusing the company of unethical AI use. Additionally, Kaspersky Labs announces its exit from the U.S. market due to government sanctions. The episode also discusses the FBI's swift unlocking of a shooter's phone, indicating advanced law enforcement capabilities. Tune in for these updates and more.
00:00 Introduction and Overview
00:43 Microsoft's Vulnerability Disclosure Controversy
02:28 Disney Hacked: Internal Messages Leaked
03:42 Kaspersky Exits the U.S. Market
04:59 FBI Cracks Encrypted Phones
06:54 Conclusion and Upcoming Shows

A new ransomware group that has been discovered is highlighted in this edition