In this episode of Cybersecurity Today, host Jim Love is joined by roving correspondent David Shipley to discuss his experiences at the BSides and RSAC conferences. They dive into the significant takeaways from BSides, including highlights from notable presentations such as Truffle Hog's AI Apocalypse and Eva Galperin's talk on the 'World's Dumbest Cyber Mercenaries'. They also explore emerging trends in AI, deepfake technology, and the human side of cybersecurity. The discussion shifts to RSAC, examining vendor presence, CrowdStrike's gamified approach to engagement, and the broader implications of cybersecurity costs and industry consolidation. The episode underscores the importance of ongoing education, responsible cybersecurity practices, and the need for clear communication in the industry.

00:00 Introduction and Guest Introduction
01:24 BSides Conference Overview
03:55 Key Highlights from BSides
04:31 AI Apocalypse and Security Concerns
11:21 World's Dumbest Cyber Mercenaries
15:57 Deepfake Technology and Countermeasures
22:45 RSAC Conference Overview
28:48 Experiencing Autonomous Cars in San Francisco
30:00 The Future of High-Tech Mobility Solutions
32:22 AI in Cybersecurity: Implications and Discussions
37:26 The Role of AI in Coding and Its Challenges
40:34 Chris Krebs and the Importance of Speaking Truth to Power
44:36 Human Side of Cybersecurity: Security Champions
46:49 Operation Shamrock: Tackling Pig Butchering Scams
51:47 CrowdStrike and Vendor Strategies at Conferences
53:16 The Cost of Cybersecurity and Industry Consolidation
54:46 Conclusion and Future Interviews

In this episode, host Jim Love discusses various cybersecurity topics including a book deal from CRC Press for those interested in cybersecurity, auditing, and leadership. Major cyber incidents involving two UK retailers, Co-op and Marks & Spencer's, are detailed, highlighting the challenges they face. Apple's notifications to users in 100 countries about targeted mercenary spyware attacks are covered, emphasizing the importance of taking these alerts seriously. Additionally, a malicious WordPress plugin has been discovered that grants attackers unauthorized access, and an open letter from cybersecurity professionals calls on President Donald Trump to cease investigations into former CISA Director Chris Krebs. The episode concludes by previewing an upcoming segment covering the B Side and RSA shows.

00:00 Introduction and Special Announcement
00:16 Cybersecurity Book Deals
01:37 Major Cyber Attacks on UK Retailers
03:48 Apple's Spyware Alerts
06:22 Malicious WordPress Plugin Discovered
08:19 Open Letter Supporting Chris Krebs
10:57 Conclusion and Upcoming Events

In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity events. Two members of Elon Musk's 'Department of Government Efficiency' reportedly gained access to classified US nuclear networks, though accounts were never activated. Nova Scotia Power faces a cyber attack affecting customer services but not critical infrastructure. Additionally, over 1.7 billion stolen credentials have surfaced on the dark web, primarily collected via info stealer malware, emphasizing the growing threat to corporate security. Lastly, the importance of advancing beyond traditional password security is highlighted on World Password Day. For more information, tune in to the episode or reach out via email or LinkedIn.

00:00 Introduction and Headlines
00:22 Musk's Doge Staffers and US Nuclear Networks
03:16 Nova Scotia Power Cybersecurity Incident
05:19 Massive Data Breach on World Password Day
07:56 Conclusion and Contact Information

In this episode of 'Cybersecurity Today', host David Shipley covers multiple key stories: Veritaco CEO Jeffrey Bowie is charged with attempting to infect a hospital with malware. Global Chief Information Security Officers (CISOs) call on world governments to harmonize cybersecurity regulations. Issues arise with Microsoft's recent 'Mystery Folder' security patch. Highlights from B-Side San Francisco's AI discussions include talks on weaponizing large language models and detecting deep fake technology. Additionally, the RSA Conference kicks off, promising numerous vendor announcements and updates.

00:00 Cybersecurity CEO Charged with Hospital Malware Attack
01:56 Global CISOs Call for Unified Cyber Regulations
03:59 Microsoft's Mystery Folder Fix Issues
05:37 AI Talks at B-Side San Francisco
08:08 RSA Conference Highlights and Conclusion

In this episode of Cybersecurity Today, host Jim Love delves into the topic of SaaS (Software as a Service) security. Sharing his early experiences promoting SaaS, Jim elaborates on its inevitable rise due to cost-effectiveness and shared development resources. The episode highlights security concerns with SaaS, such as shadow IT and weak access control, especially in the face of an influx of AI software. Jim introduces Yoni Shohet, CEO and Co-founder of Valence Security, who discusses the SaaS security landscape, focusing on the independent 'State of SaaS Security' report by the Cloud Security Alliance. Yoni outlines the importance of monitoring API tokens, ensuring proper configurations, and the challenges posed by non-human identities. The discussion underscores the evolving nature of SaaS security, encouraging stronger collaboration between security teams and business units to manage risks effectively.

00:00 Introduction to SaaS Security
00:01 The Evolution and Benefits of SaaS
01:33 Challenges and Security Concerns with SaaS
02:08 Introduction to the State of SaaS Security Report
02:34 Interview with Yoni Shohet: Background and Experience
03:06 Yoni Shohet's Journey in Cybersecurity
08:33 The Rise of SaaS Security Issues
14:03 Key Findings from the SaaS Security Report
17:32 The Importance of SaaS Security Measures
21:36 Managing SaaS Security in Organizations
33:43 Valence Security's Approach to SaaS Security
36:59 Conclusion and Final Thoughts

In this episode of Cybersecurity Today, host David Shipley discusses the FBI's report on cybercrime losses in 2024, which reached a record $16.6 billion, marking a 33% increase from the previous year. The report highlights major types of cyber crimes such as phishing, spoofing, extortion, and investment fraud, with older adults being significantly impacted. Additionally, Blue Shield of California experienced a data breach affecting 4.7 million members due to a Google Analytics misconfiguration. The episode also covers global ransomware trends, revealing that 86% of affected firms paid ransoms, and the Verizon Data Breach Investigation Report's findings that ransomware is a factor in nearly half of all cyber incidents. David also previews upcoming cybersecurity events and hints at further discussions on phishing training and data security.

00:00 Record Cybercrime Losses in 2024
04:07 Blue Shield of California Data Breach
07:03 Ransomware Crisis and Global Impact
08:23 Verizon Data Breach Report Insights
09:20 Upcoming Events and Closing Remarks

In this episode of 'Cybersecurity Today,' host Jim Love discusses various pressing topics in the realm of cybersecurity. Highlights include Anthropic's prediction on AI-powered virtual employees and their potential security risks, Microsoft’s introduction of AI security agents to mitigate workforce gaps and analyst burnout, and a pivotal court ruling allowing a data privacy class action against Shopify to proceed in California. Additionally, the show covers the last-minute extension of funding for the Common Vulnerabilities and Exposures (CVE) program by the US Cybersecurity and Infrastructure Security Agency, averting a potential crisis in cybersecurity coordination. These discussions underscore the evolving challenges and solutions within the cybersecurity landscape.

00:00 Introduction and Overview
00:26 AI Employees: Opportunities and Risks
01:48 Microsoft's AI Security Agents
03:58 Shopify's Legal Battle Over Data Privacy
05:12 CVE Program's Funding Crisis Averted
07:24 Conclusion and Contact Information

Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear's New Malware, and Canada's Anti-Fraud Proposals In this episode of Cybersecurity Today, hosted by David Shipley, we examine several major cybersecurity stories. A whistleblower accuses Elon Musk's team's involvement in a significant cyber breach at the National Labor Relations Board. Administrators face challenges with Microsoft's Mace feature, causing widespread account lockouts over the Easter weekend. The Russian hacking group Cozy Bear targets European diplomats using wine-themed phishing tactics. Canadian Conservative leader Pierre Poilievre proposes stringent measures against online fraud, including hefty fines and criminal charges for companies failing to act against digital scammers. 00:00 Breaking News: Doge and the US Labor Watchdog Cyber Breach 03:30 Microsoft Security Feature Causes Weekend Chaos 06:08 Russian Hackers Target European Diplomats with Wine-Themed Phishing 07:30 Canadian Conservative Leader Proposes Anti-Fraud Measures 09:25 Conclusion and Contact Information