Episodes

  • Extinction Level Cyber Vulnerability Now Fixed
    Sep 22 2025

    Cybersecurity Today: Major Vulnerabilities and Attacks Uncovered

    Join host David Shipley for today's cybersecurity updates on the last day of summer 2025. In this episode, we delve deep into Microsoft's critical Entra ID vulnerability, a cyber attack crippling major European airports, the rise of SpamGPT targeting phishing operations, and the alarming zero-click flaw in OpenAI's deep research agent. Hear about Canadian Police's big win against the shadowy Trade Ogre crypto platform and their $40 million asset seizure. Buckle up for a reality check on the evolving cyber threats and their impact on global security.

    00:00 Introduction and Overview
    00:55 Microsoft's Extinction Level Vulnerability
    05:19 European Airports Cyber Attack
    08:20 SpamGPT: AI for Cyber Criminals
    09:53 Shadow Leak: Zero Click AI Vulnerability
    12:09 Trade Ogre Takedown
    14:50 Conclusion and Upcoming Events

    15 min
  • CST Replay: The Ransomware Ecosystem with Tammy Harper
    Sep 20 2025

    Unveiling the Ransomware Ecosystem with Tammy Harper

    In this compelling episode, Jim is joined by Tammy Harper from Flair.io to re-air one of their most popular and insightful episodes. Dive into the intricate world of ransomware as Tammy, a seasoned threat intelligence researcher, provides an in-depth introduction to the ransomware ecosystem. Explore the basics and nuances of ransomware, from its origins to its modern-day complexities. Tammy discusses not only the operational structures and notable ransomware groups like Conti, LockBit, and Scattered Spider, but also the impact and evolution of ransomware as a service. She also elaborates on ransomware negotiation tactics and how initial access brokers operate. This episode is packed with invaluable information for anyone looking to understand the cybercrime underground economy. Don’t forget to leave your questions in the comments, and they might be addressed in future episodes!

    00:00 Introduction and Episode Re-Run Announcement
    00:29 Guest Introduction: Tammy Harper from Flair io
    00:41 Exploring the Dark Web and Ransomware
    02:21 Tammy Harper's Background and Expertise
    03:40 Understanding the Ransomware Ecosystem
    04:02 Ransomware Business Models and Initial Access Brokers
    07:08 Double and Triple Extortion Tactics
    11:23 History of Ransomware: From AIDS Trojan to WannaCry
    13:02 The Rise of Ransomware as a Service (RaaS)
    19:41 Conti: The Ransomware Giant
    26:17 Conti's Tools of the Trade: EMOTET, ICEDID, and TrickBot
    32:05 The Conti Leaks and Their Impact
    34:04 LockBit and the Ransomware Cartel
    37:07 National Hazard Agency: A Subgroup of LockBit
    38:17 Release of Volume Two and Its Impact
    39:08 Details of the Training Manual
    40:52 Ransomware Negotiations
    41:28 Ransom Chat Project
    42:27 Conti vs. LockBit Negotiation Tactics
    43:30 Professionalism in Ransomware Operations
    47:07 Ransomware Chat Simulation
    48:03 Ransom Look Project
    49:11 Current Ransomware Landscape
    50:32 Infiltration and Research Methods
    51:47 Profiles of Emerging Ransomware Groups
    01:05:21 Initial Access Market
    01:10:26 Future of Ransomware and Law Enforcement Efforts
    01:13:14 Conclusion and Final Thoughts

    1 h 14 min
  • Cybersecurity Today - The Good News Edition
    Sep 19 2025

    Cybersecurity Today: The Good News Edition

    In this episode, host Jim Love addresses a previous mistake regarding the location of Yellowknife and announces a special 'good news' edition. Key stories include Microsoft's dismantling of a global phishing-as-a-service operation Raccoon 0365, the recovery of nearly $2 million lost to a business email compromise scam by a Texas county, and the Commonwealth Bank of Australia's significant reduction in scam losses through AI-powered defenses. The episode emphasizes lessons learned in cybersecurity and the positive outcomes from recent countermeasures. Love also mentions that the usual host, David Shipley, will return on Monday.

    00:00 Introduction and Apology
    01:38 Good News Stories Overview
    02:18 Microsoft Dismantles Raccoon 0365
    03:59 Texas County Recovers $2 Million
    05:51 CommBank's AI-Powered Scam Prevention
    08:01 Conclusion and Contact Information

    8 min
  • Shai-Hulud Worm - A Self Propagating Supply Chain Threat
    Sep 17 2025

    Cybersecurity Worms, Steganography Attacks, Municipal Cyber Incidents and More...

    In this episode of Cybersecurity Today, host Jim Love delves into multiple cybersecurity threats affecting the tech landscape. He discusses the 'Shai Hulud' worm, which has infiltrated over 187 JavaScript libraries on NPM, including those maintained by CrowdStrike, and which exploits developer tokens to spread. Love explains practical but challenging measures to mitigate such threats. He also explores steganography's role in hiding malicious scripts within seemingly benign image files, urging vigilance against embedded hidden commands. Additionally, the episode covers a cyber incident in Yellowknife that caused severe disruptions to municipal services, emphasizing the importance of cyber hygiene and support from higher government levels. Lastly, Jim examines how a Windows 11 patch has created a new vulnerability, stressing the need for enhanced monitoring and quick updates.

    00:00 Introduction and Overview
    00:21 The Shai-Hulud Worm: A New Threat
    02:19 Steganography: Hiding in Plain Sight
    05:30 Cybersecurity Incident in Yellowknife
    07:24 Microsoft's Patch Problems
    08:27 Conclusion and Contact Information

    9 min
  • NPM Attack Leaves Hackers Empty Handed: Cybersecurity Today with David Shipley
    Sep 15 2025

    Cybersecurity Today: NPM Attack, Void Proxy Phishing, and Major Business Disruptions

    In this episode of Cybersecurity Today, host David Shipley discusses a recent massive NPM attack that, despite causing significant disruption, left hackers with minimal gains. We also cover a new, highly sophisticated phishing service called Void Proxy, which targets Microsoft and Google accounts. Additionally, we delve into the severe repercussions of cyber attacks on major companies like Jaguar Land Rover and Marks and Spencer, highlighting the wide-ranging impacts on supply chains and leadership. Join us for the latest updates and insights from the world of cybersecurity.

    00:00 Introduction and Headlines
    00:35 Massive NPM Attack: What Happened?
    02:53 Void Proxy: A New Phishing Threat
    05:31 Jaguar Land Rover Cyber Attack Impact
    06:59 Marks and Spencer Leadership Change
    08:04 Conclusion and Final Thoughts

    9 min
  • The Godfather of Zero Trust - A Discussion with John Kindervag
    Sep 13 2025

    Inside Zero Trust: John Kindervag and the Evolution of Cybersecurity

    In this episode of Cybersecurity Today: Weekend Edition, host Jim Love speaks with John Kindervag, the pioneer behind the Zero Trust model of cybersecurity. With over 25 years of industry experience, John delves into how the concept originated from his early work with firewalls, advocating for a system where no packet is trusted by default. He discusses the fundamental principles of Zero Trust, including defining protect surfaces, mapping transaction flows, and implementing microsegmentation. The conversation also touches on overcoming cultural and organizational challenges in cybersecurity, the inadequacies of traditional risk models, and adapting Zero Trust methodologies in the evolving landscape, including AI. Through thoughtful discourse and practical insights, John underscores the importance of strategic and tactical implementations in building resilient and secure systems.

    00:00 Introduction to Cybersecurity Today
    00:25 Meet John Kindervag: The Godfather of Zero Trust
    01:50 The Birth of Zero Trust
    04:08 Challenges and Evolution of Zero Trust
    06:03 From Forrester to Practical Implementations
    11:40 The Concept of Protect Surfaces
    17:30 Risk vs. Danger in Cybersecurity
    30:54 Farmers and Technology
    31:48 The Importance of IT in Business
    32:26 Introduction to Zero Trust
    32:41 Five Steps to Zero Trust
    33:14 Mapping Transaction Flows
    34:25 Custom Architecture for Zero Trust
    34:55 Defining Policies with the Kipling Method
    36:04 Monitoring and Maintaining Zero Trust
    36:28 The Concept of Anti-Fragile Systems
    38:47 Challenges and Success Stories in Zero Trust
    42:02 Microsegmentation and Protect Surfaces
    45:39 AI and Zero Trust
    49:22 Advice for Implementing Zero Trust
    50:37 Military Insights and Decision Making
    57:19 The Future of Zero Trust
    59:07 Conclusion and Final Thoughts

    1 h
  • Microsoft Patches Zero Day And More
    Sep 12 2025

    Cybersecurity Today: Microsoft Patches, Canadian Data Breach, NVIDIA's New Tool, and a Senator's Call for Investigation

    In this episode of Cybersecurity Today, host Jim Love discusses Microsoft's September patch update addressing 81 security flaws, including two zero-day vulnerabilities. Highlights include a data breach in Canada affecting email and phone numbers, NVIDIA's release of an open-source LLM vulnerability scanner, and US Senator Ron Wyden's call for the FTC to investigate Microsoft's security practices. The episode also clears up the mystery behind the bricked SSDs after a Windows 11 update.

    00:00 Microsoft Patches 81 Flaws
    02:29 Canadian Government Data Breach
    03:38 NVIDIA's Garrick: AI Vulnerability Scanner
    05:01 Senator Urges FTC to Probe Microsoft
    06:52 Mystery of Bricked SSDs Solved
    08:24 Conclusion and Upcoming Interview

    9 min
  • iCloud Calendar Invites Disguise New Phishing Campaigns
    Sep 10 2025

    Phishing Scams, Leaked Stream Keys, Zero-Day Android Vulnerabilities, and Bounties on Russian Hackers

    In this episode of Cybersecurity Today, host Jim Love discusses several critical cybersecurity issues. Attackers are using iCloud calendar invites for phishing scams, leveraging Apple's system to bypass security checks. The US Department of Defense has exposed livestream credentials, risking hijack and fake content insertion. Billions of Android phones are vulnerable due to unpatched critical zero days, and Google has only fixed issues for Pixel devices so far. Additionally, the US State Department has placed a $10 million bounty on three Russian FSB hackers responsible for attacks on energy companies. Jim emphasizes the importance of securing digital assets and maintaining strong cybersecurity practices.

    00:00 Introduction and Headlines
    00:24 Phishing Scam via iCloud Calendar Invites
    03:18 US Department of Defense Livestream Vulnerabilities
    05:53 Critical Android Zero-Day Vulnerabilities
    07:38 US Bounty on Russian FSB Hackers
    09:42 Conclusion and Contact Information

    10 min