Cyber Threats Target HR, AI Tools, and Critical Infrastructure: A Comprehensive Update
In this episode of Cybersecurity Today, host David Shipley covers a range of cyber threats including the Venom Spider malware targeting HR professionals, the emergence of the Noodlofile info stealer disguised as an AI video generator, and misinformation campaigns amid the India-Pakistan conflict. Additionally, the episode discusses warnings from U.S. agencies about cyberattacks on the oil and gas sector, and highlights a recent interview with whistleblower Daniel Brules about security lapses at the National Labor Relations Board. 00:00 Introduction and Overview 00:33 Venom Spider Targets HR Professionals 02:12 Fake AI Video Generators and Noodlofile Malware 03:41 Misinformation Amid India-Pakistan Conflict 05:40 US Oil and Gas Infrastructure Under Threat 07:22 Conclusion and Final Thoughts
-------- Â
8:07
Exposing a Government Data Breach: Whistleblower Tells All - Cybersecurity Today Special Report
In this gripping episode of Cybersecurity Today, host Jim Love interviews Daniel Berulis, a self-described whistleblower who recently made a significant disclosure to the U.S. Congress. Berulis reveals the shocking details of tenant admin abuse within a governmental cloud environment, which allowed unauthorized data copying and wiping of audit trails. They discuss Daniel's background, the alarming red flags he observed, his attempt to escalate the issue internally, and finally, his decision to report it to higher authorities. The conversation dives deep into the complexities and moral dilemmas faced by a whistleblower, offering viewers an insider look at the challenges in maintaining transparency and security in high-stakes IT environments. 00:00 Introduction to Cybersecurity Today 00:39 Meet Daniel Berulis: Whistleblower Extraordinaire 01:05 Understanding Tenant Admin Abuse 02:12 Daniel's Career and Community Involvement 05:28 The Mysterious Meeting and Initial Red Flags 08:48 Uncovering the Data Breach 11:56 Internal Reactions and Escalation 19:08 Reporting the Incident and Facing Consequences 23:45 The Whistleblower's Journey 32:31 Conclusion and Final Thoughts
In this episode of Cybersecurity Today, host Jim Love discusses recent cybersecurity breaches and vulnerabilities. Key topics include a security flaw in the new default setting of Microsoft OneDrive, a ransom incident involving PowerSchool that compromised student data, and the breach of a DOGE staffer's computer by info-stealing malware. The episode emphasizes the importance of proper security oversight, the risks of paying ransoms to cyber criminals, and the critical need for government agencies to reevaluate their cybersecurity protocols. 00:00 Introduction to Cybersecurity Today 00:30 Microsoft OneDrive Security Vulnerability 02:52 PowerSchool Ransomware Attack 07:20 DOGE Staffer Malware Breach 10:50 Conclusion and Final Thoughts
-------- Â
11:50
6 Year Old Sleeper Attack Uncovered, Fake Bank Draft Scam, and Signal Tool Breach
In this episode of Cybersecurity Today, host Jim Love delves into a range of alarming cyber incidents. A six-year sleeper supply chain attack has compromised thousands of e-commerce websites, exploiting vulnerabilities in Magento extensions from vendors Tigren, Meetanshi, and Magesolution. Russian-controlled open-source tool Easy JSON raises scrutiny over potential threats in critical sectors like defense and finance. In Ontario, a sophisticated bank draft scam costs a business $108,000, emphasizing the need for verification processes. Additionally, a messaging tool used by the Trump administration to archive Signal messages has been hacked twice, highlighting serious concerns over the security of high-level US communications. Stay tuned for the latest insights and expert advice on maintaining cybersecurity. 00:00 Sleeper Supply Chain Attack Activates After Six Years 02:19 Russian Controlled Open Source Tool Raises Alarms 04:32 Fake Bank Draft Fools the Bank 05:56 Signal Archiving Tool Breached 08:33 Conclusion and Contact Information
-------- Â
8:56
Signal Version Used In National Security Scandal Has Flaws
Cybersecurity Today: Disney Data Theft, Signal Gate, and Major Apple Vulnerability In this episode of Cybersecurity Today, host David Shipley discusses several key security incidents. Hacker 'Null Bulge,' real name Ryan Kramer, pleads guilty to stealing over 1.1 TB of data from Disney's Slack via malware disguised as an AI image generation tool. Additionally, former National Security Advisor Mike Waltz's use of a compromised Signal app 'TM Signal' is explored, highlighting significant security flaws. The episode also covers critical vulnerabilities in Apple AirPlay-enabled devices that allow malicious code execution via Wi-Fi and reveals that an employee benefits administration provider breach has impacted 4 million Americans, significantly more than originally reported. 00:00 Introduction and Headlines 00:34 Disney's Slack Data Breach 02:00 Security Flaws in TM Signal App 03:18 Apple AirPlay Vulnerabilities 04:54 Massive Data Breach at Vari Source Services 06:59 Conclusion and Contact Information
Australia