Cybersecurity Today

Jim Love
  • 5.0 (3)
  • NOTICIAS TECNOLÓGICAS
  • CADA DÍA

Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.

  1. HACE 1 DÍA

    AWS Flaw Could Have Put Every Account At Risk

    Cybersecurity Today: Critical Fortinet Flaws, Windows 11 Issues, and Major Cloud Security Near Miss In today's episode of Cybersecurity Today, host David Shipley covers several pressing cybersecurity topics including the continued exploitation of Fortinet flaws despite recent patches, Windows 11 systems failing to boot after January updates, a thwarted cyber attack on Poland's energy sector by the Sandworm group, a sophisticated phishing campaign targeting the energy sector, and a critical AWS vulnerability that posed a significant risk to cloud security globally. Stay informed on these key issues and more. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:48 Fortinet Flaws Still Actively Exploited 03:08 Windows 11 Update Issues 04:44 Cyber Attack on Poland's Energy Systems 06:18 Phishing Campaign Targeting Energy Sector 07:48 AWS CodeBuild Vulnerability 10:26 Conclusion and Final Thoughts

    12 min

  2. HACE 3 DÍAS

    VoidLink: An In-Depth Look at the Nest Generation of AI Generated Malware

    Discovering Void Link: The AI-Generated Malware Shaking Up Cybersecurity In this episode, we explore the fascinating discovery of 'Void Link,' one of the first documented cases of advanced malware authored almost entirely by artificial intelligence. Hosts delve into an eye-opening interview with experts from Checkpoint Research—Pedro Drimel  and Sven Rath—who were integral to uncovering this next-gen cyber threat. Learn how Void Link's design, rapid development, and sophisticated features signify a new age in malware creation, and understand the implications for cybersecurity, particularly in cloud and Linux environments. This episode provides a compelling look into the tools and methodologies behind the groundbreaking find, and a rare glimpse into the evolving landscape of AI-driven cyber threats. LINK TO CHECKPOINT RESEARCH PAPER:  https://research.checkpoint.com/2026/voidlink-early-ai-generated-malware-framework/ Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:19 AI-Generated Malware: The Void Link Case 03:16 Interview with Checkpoint Researchers 04:05 Background of the Researchers 06:56 Discovering Void Link 10:27 Analyzing the Malware 14:46 AI's Role in Malware Development 19:55 Implications and Future of AI in Cybersecurity 21:21 Introduction to IDE and Agent Support 21:45 Jailbreaking AI Models for Malware Development 22:24 Challenges and Implications of AI in Malware 23:43 AI's Role in Malware Detection and Development 26:35 The Future of AI in Cybersecurity 32:30 Operational Security and AI Limitations 33:59 Concluding Thoughts and Future Research 36:28 Final Remarks and Acknowledgements 37:32 Show Wrap-Up and Sponsor Message

    40 min

  3. HACE 4 DÍAS

    11 Year Old LInux Bug Allows Root Access

    Fortinet Firewall Breached, Hidden Linux Vulnerability & Ransomware Boss Pleads Guilty | Cybersecurity Today In this episode of Cybersecurity Today, host David Shipley discusses the latest breach involving Fortinet FortiGate firewalls, an 11-year-old critical Linux vulnerability that was recently discovered, and a rare courtroom case where a ransomware boss pleaded guilty. The episode also highlights a report on widespread credential exposure in the retail sector. Stay informed on the latest cybersecurity news and developments. Sponsored by Meter. 00:00 Introduction and Sponsor Message 00:39 Fortinet Firewalls Breached 02:05 Critical Linux Vulnerability Exposed 03:31 Ransomware Boss Pleads Guilty 04:52 Widespread Credential Exposure in Retail 05:47 Conclusion and Sign-Off 06:11 Sponsor Message and Closing Remarks

    7 min

  4. HACE 6 DÍAS

    The First Wave Of Sophisticated AI Generated Malware

    Critical Cybersecurity Updates: Microsoft, Goot Loader, Anthropic, and AI-Generated Malware In this episode of Cybersecurity Today, host Jim Love discusses the latest security patches and threats in the industry. Topics include Microsoft's recent patch for a Windows Admin Center flaw, the resurgence and evolution of Goot Loader malware, Anthropic's quiet patching of key vulnerabilities in their Git MCP server, and the emergence of Void Link, an advanced AI-generated malware targeting Linux-based servers. Tune in to learn about the implications of these updates and what steps you can take to protect your systems. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:20 Microsoft Patches Critical Windows Admin Center Flaw 02:54 Goot Loader Malware Resurgence 06:18 Anthropic Patches Git MCP Vulnerabilities 09:55 Void Link: AI-Generated Malware

    14 min

  5. 19 ENE

    Cisco Patches Async OS Bug

    Critical Security Flaws Patched by Cisco and Fortinet Amidst Recent Cyber Threats In this episode of Cybersecurity Today, host David Chipley covers several pressing cybersecurity issues. Cisco has patched a maximum severity zero-day vulnerability in its Async OS software, which has been exploited by a Chinese state-linked group. Fortinet has also addressed a critical vulnerability in its 40 Seam product, which is being actively exploited in the wild. The Dutch National Police are still recovering from a Citrix breach, emphasizing the need for modern infrastructure. Meanwhile, a spear-phishing campaign targeting US organizations uses Venezuela-themed lures. The episode wraps up with a discussion on a recent study revealing that training AI to produce insecure code can lead to broader problematic behaviour. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:46 Cisco Patches Critical Async OS Bug 02:26 Fortinet Vulnerability Exploited in the Wild 04:04 Dutch National Police and Aging IT Infrastructure 05:55 Spear Phishing Campaign with Venezuelan Lure 07:54 AI Writing Buggy Code: Unexpected Consequences 10:21 Conclusion and Final Thoughts

    13 min

  6. 17 ENE

    She Hacks Purple: An Interview With Cybersecurity Expert Tanya Janca

    Building Secure Software with Tanya Janca: From Coding to Cybersecurity Advocacy In this episode of Cybersecurity Today, host Jim Love interviews Tanya Janca, also known as She Hacks Purple, a renowned Canadian application security expert and author. Tanya shares her journey from a software developer and musician to becoming a penetration tester and cybersecurity advocate. She discusses her work in training developers on secure coding practices and application security, emphasizing the need for integrated security training in academic programs and the software development lifecycle. Tanya also talks about the challenges women face in the cybersecurity field and her efforts to empower underrepresented groups through initiatives like WOsec and We Hack Purple. Sponsored by Meter, this episode dives deep into the importance of building security into software development and the potential role of AI in improving code security. 00:00 Introduction and Sponsor Message 00:18 Meet Tanya Janca: The Journey Begins 01:05 From Developer to Pen Tester 03:14 Empowering Women in Cybersecurity 13:11 Challenges in Academia and Training 19:18 The Need for Secure Coding 21:22 Challenges in Medical Device Security 22:18 The Economics of Open Source 24:43 Building Security into Development 26:14 Training and Cultural Shifts 32:33 AI and Secure Coding 39:03 Incident Response and Preparedness 39:54 Final Thoughts and Future Directions

    43 min

  7. 16 ENE

    Staples Slips Up On Data Removal

    Cybersecurity Challenges: Data Privacy Failures, AI Risks, and New Malware Threats In this episode of Cybersecurity Today, host David Shipley covers a range of pressing issues. The discussion kicks off with Staples Canada reselling laptops without wiping customer data, highlighting loopholes in Canada's privacy laws. Next, David delves into a new class of attacks known as 'Reprompt' that target Microsoft Co-pilot, exposing vulnerabilities in large language models. The episode also explores a critical flaw in ServiceNow's virtual agent that allowed attackers to impersonate legitimate users, emphasizing the importance of robust identity verification. Lastly, a newly discovered advanced Linux malware framework designed for cloud environments is dissected, pointing to evolving threats that leverage customer mistakes. The episode concludes with a call to address these problems through better people, processes, and cultural practices. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:48 Staples' Privacy Lapse: A Recurring Issue 03:03 Microsoft Co-pilot Vulnerability: Reprompt Attack 05:22 ServiceNow's AI Vulnerability: Authentication Gaps 07:02 Advanced Linux Malware: A Cloud-First Threat 08:46 Conclusion and Key Takeaways 09:37 Closing Remarks and Sponsor Acknowledgment

    11 min

  8. 14 ENE

    HPE Open View Vulnerability Hits CISA Known Exploited List

    Cybersecurity Today: Credit Card Skimming, Valley Rat Malware, WhatsApp Exploit & AI Defenses In this episode of Cybersecurity Today, hosted by Jim Love, we explore several critical cybersecurity threats and advancements. We cover a massive credit card skimming campaign active since early 2022, a severe bug in HPE OneView, the stealthy Valley Rat malware, and a potential zero-click exploit in WhatsApp. Additionally, we delve into AI-driven advancements in cybersecurity defense being developed at US National Laboratories. Stay informed and vigilant with the latest insights in cybersecurity. 00:00 Introduction and Sponsor Message 00:48 Credit Card Skimming Campaign Uncovered 02:49 Critical Vulnerability in HPE OneView 04:16 Valley Rat Malware Threat 06:22 Suspected Zero-Day Vulnerability in WhatsApp 08:29 AI-Powered Cyber Defenses in US National Labs 10:08 Conclusion and Sponsor Message

    11 min
Ver todo (105)

Anfitriones e invitados

Calificaciones y reseñas

5
de 5
3 calificaciones

Acerca de

Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.

Información

  • Creador
    Jim Love
  • Años de actividad
    2018 - 2026
  • Episodios
    105
  • Clasificación
    Apto
  • Mostrar sitio web
    Cybersecurity Today

También te podría interesar