Artwork

コンテンツは Tech Newsday and Jim Love によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Tech Newsday and Jim Love またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作物をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal
Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!
icon Daily Deals

DeepSeek - New AI Disruptor Gets Hit With Cyber Attack: Cyber Security Today for Wednesday, January 29, 2025

5:17
 
シェア
 

Manage episode 463717312 series 2146884
コンテンツは Tech Newsday and Jim Love によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Tech Newsday and Jim Love またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作物をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal

Navigating AI Cyber Threats and Critical Infrastructure Vulnerabilities

In this episode of Cybersecurity Today, host Jim Love discusses the recent cyber attack on AI platform DeepSeek that exploited open source vulnerabilities. He highlights significant challenges in U.S. cybersecurity oversight following disruptions in key bodies like the Cyber Safety Review Board. The episode also covers a backdoor vulnerability in Juniper routers being actively exploited, and the FBI warning about misuse of local admin accounts. Organizations are urged to bolster their defenses by reviewing admin logs and enforcing stronger access controls amidst evolving cyber threats.

00:00 Introduction to Cybersecurity Challenges 00:23 DeepSeek Cyber Attack Incident 01:10 Leadership Crisis in Cybersecurity Oversight 02:28 Juniper Router Backdoor Vulnerability 03:49 FBI Warning on Local Admin Account Exploits 04:55 Conclusion and Contact Information

  continue reading

1068 つのエピソード

Artwork
iconシェア
 
Manage episode 463717312 series 2146884
コンテンツは Tech Newsday and Jim Love によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Tech Newsday and Jim Love またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作物をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal

Navigating AI Cyber Threats and Critical Infrastructure Vulnerabilities

In this episode of Cybersecurity Today, host Jim Love discusses the recent cyber attack on AI platform DeepSeek that exploited open source vulnerabilities. He highlights significant challenges in U.S. cybersecurity oversight following disruptions in key bodies like the Cyber Safety Review Board. The episode also covers a backdoor vulnerability in Juniper routers being actively exploited, and the FBI warning about misuse of local admin accounts. Organizations are urged to bolster their defenses by reviewing admin logs and enforcing stronger access controls amidst evolving cyber threats.

00:00 Introduction to Cybersecurity Challenges 00:23 DeepSeek Cyber Attack Incident 01:10 Leadership Crisis in Cybersecurity Oversight 02:28 Juniper Router Backdoor Vulnerability 03:49 FBI Warning on Local Admin Account Exploits 04:55 Conclusion and Contact Information

  continue reading

1068 つのエピソード

すべてのエピソード

×
 
Unveiling the Complexities: The Dark Side of AI and Its Real-World Implications In this episode, explore the intricate discussions surrounding AI with experts Marcel Gagné, John Pinard, and Jim Love. Dive into contemporary understandings of AI, its potential threats, and its application in both personal and professional realms. The panel discusses the 'dark side' of AI not to instill fear, but to devise strategies for managing its risks. Topics include AI misconceptions, the potential for AI to misbehave, operational security in AI implementation, and philosophical debates on AI consciousness. The episode emphasizes the importance of critical thinking, debate, and responsible use as AI technologies become increasingly integrated into society. Join the conversation and share your thoughts on AI's evolving landscape. 00:00 Introduction to Project Synapse 00:46 Exploring the Dark Side of AI 01:05 Invitation to Join the Discussion 02:01 Three Key Areas of AI Concerns 02:38 Speculative Risks and Science Fiction Scenarios 03:29 Implementing AI in Corporate Settings 04:37 AI Misbehavior and Security Concerns 07:09 Consciousness and AI 20:04 AI as Hyper-Intelligent Children 29:18 Security and Data Privacy in AI 31:36 Human Weakness in Security 31:50 Social Engineering Tactics 32:37 Security Misconceptions in Engineering 33:11 AI Data Storage and Security 34:45 AI Data Retrieval Concerns 39:05 Testing Security in Development 40:35 Regulatory Challenges with AI 43:26 Bias and Decision Making in AI 46:47 The Importance of Critical Thinking 50:09 The Role of Social Interaction in Business 54:35 AI as a Consultant 01:01:50 The Future of AI and Responsibility 01:04:24 Conclusion and Contact Information…
 
Cyber Security Today: OpenSSH Vulnerabilities and Black Stash's Stolen Cards In this episode, host Jim Love discusses two significant OpenSSH vulnerabilities that risk man-in-the-middle and denial-of-service attacks. The hacker group Black Stash has released 4 million stolen credit cards for free, potentially enticing further illegal activities. Palo Alto Networks' firewalls face active attacks, with multiple CVEs allowing privilege escalation and bypassing authentication. Critical updates and secure management practices are emphasized to protect systems. 00:00 Introduction and Headlines 00:21 OpenSSH Vulnerabilities Explained 02:39 BlackStash's Stolen Credit Card Dump 04:40 Palo Alto Networks Under Attack 06:21 Conclusion and Contact Information…
 
Critical PostgreSQL Bug Exploited in Treasury Hack & New Threats Unveiled - Cybersecurity Today In today's episode of Cybersecurity Today, hosted by Jim Love, we delve into major cybersecurity events, including a crucial PostgreSQL vulnerability exploited in the U.S. Treasury hack, Russian hackers bypassing traditional password security with device code authentication, and the discovery of the 'Final Draft' malware hijacking Microsoft Outlook drafts. Additionally, we explore the BBC's new tool to combat digital misinformation with Content Credentials. Tune in for in-depth insights and latest cybersecurity updates. 00:00 Introduction and Headlines 00:24 PostgreSQL Vulnerability and U.S. Treasury Hack 02:21 Russian Hackers Exploit Device Code Authentication 04:09 New Malware Hijacks Outlook Drafts 05:55 BBC Tests Truth Marks to Combat Fake News 07:49 Conclusion and Contact Information…
 
Unpacking AI: Executive Insights & Essential Questions Join us in this special edition of Hashtag Trending and Cybersecurity Today as we dive deep into AI with technology consultant Marcel Gagné and cybersecurity expert John Pinard. We discuss the necessity for executives to understand and implement AI despite limited knowledge, the need for question-based learning, and the significance of a comprehensive AI bootcamp. From real-world applications to the evolving AI landscape, this episode provides a nuanced view on leveraging AI in business while addressing the critical question of safety. 00:00 Introduction and Welcome 00:19 Meet the Panelists 00:38 AI in the Executive World 00:54 Bootcamp for Executives 01:17 Starting the Discussion 01:44 Understanding AI Challenges 03:00 The Importance of Asking Questions 07:45 Historical Context of AI 11:30 Practical Applications of AI 15:06 Generative AI and Its Impact 23:09 Future of AI Models 30:39 Introduction to Google Recorder App 31:11 AI for Meeting Transcriptions 33:18 AI in Marketing and Business Applications 34:07 The Future of AI in Business 36:03 Debating AI's Potential and Limitations 38:09 Advanced AI Models and Their Uses 40:12 AI in Consulting and Decision Making 49:47 Risk Management in AI Implementation 59:34 Final Thoughts and Wrap-Up…
 
Cybersecurity Today: North Korean Hacks, AI Memory Breach, and School Data Comprimise In this episode of Cybersecurity Today, host Jim Love covers a range of crucial topics in the cybersecurity landscape. North Korean hackers are using new social engineering tactics to infiltrate systems by posing as South Korean officials, while prompt injection attacks are compromising the long-term memory of Google's Gemini AI. Canada's Privacy Commissioner is investigating a significant data breach affecting students' personal information in PowerSchool, and the FBI's Operation Level Up is tackling cryptocurrency investment frauds, potentially saving victims millions. Get the latest insights and stay informed on how to protect yourself against these evolving threats. 00:00 Introduction and Headlines 00:23 North Korean Hackers' New Tactics 02:35 Prompt Injection Attacks on AI 04:37 Canada's PowerSchool Data Breach 06:38 FBI's Operation Level Up 09:20 Conclusion and Upcoming AI Show…
 
Scammers Exploit DeepSeek Hype & Jailbreak OpenAI's O3 Mini – TechNewsDay Update In this episode, we uncover how scammers are exploiting the recent hype around DeepSeek, a new AI model, by creating fake websites, counterfeit cryptocurrency tokens, and malware-laced downloads. We also discuss the jailbreaking of OpenAI's newly released O3 mini model, highlighting its security vulnerabilities. Additionally, a woman is sought by police for purchasing an iPhone using a stolen identity in a London Apple store. Stay tuned for important updates on cybersecurity, AI advancements, and fraud prevention. 00:00 Scammers Exploit DeepSeek Hype 01:43 DeepSeek's Security Challenges 04:10 OpenAI's O3 Mini Model Jailbreak 06:49 iPhone Fraud in London Apple Store 07:44 Conclusion and Call for Tips…
 
In this episode of Cyber Security Today with host Jim Love, we delve into the significant 35% drop in global ransomware payments in 2024, highlighting a growing resistance to hacker demands and improved law enforcement actions. We also discuss a national security crisis sparked by Treasury's DOGE access and its broader implications for intelligence operations. Additionally, we share an eye-opening backup horror story emphasizing the critical importance of not just taking backups but ensuring they are restorable. Tune in for these updates and more in today's episode. 00:00 Ransomware Payments Drop in 2024 02:48 Treasury's DOGE Access Crisis 05:02 The Dangers of Untested Backup Systems 07:28 Conclusion and Contact Information…
 
In this episode of Cybersecurity Today, host Jim Love dives deep into the latest advancements in AI technology with a focus on the new open-source model, DeepSeek, from China. Love discusses the significant cost differences in training and running this model compared to competitors like OpenAI and highlights DeepSeek's efficiency and ability to run on older GPUs. The conversation pivots to the cybersecurity implications of such open-source models, especially for professionals in the field. Special guest Robert Falzon, head of engineering at CheckPoint Software, joins the discussion to provide insights on how cybercriminals are leveraging AI tools and the newfound accessibility of powerful AI models. Love and Falzon also explore the current state of cybersecurity education, risk assessment, and the importance of realistic conversations about risks and safeguards in the face of these technological advancements. Tune in for an in-depth analysis of the intersection of AI and cybersecurity and what it means for professionals and companies moving forward. 00:00 Introduction to Cybersecurity Today 00:05 DeepSeek: A Game-Changer in AI 00:48 DeepSeek's Cost Efficiency and Accessibility 01:30 Open Source and Democratization of AI 02:59 Cybersecurity Concerns with AI Advancements 03:51 Interview with Robert Falzon from CheckPoint Software 04:13 AI's Impact on Everyday Life and Cybersecurity 05:17 The Knowledge Gap in AI and ML 07:50 The Risks of Data Security in AI 10:20 Cybersecurity Fundamentals and AI 10:59 The Growing Threat of AI in Cybercrime 18:29 The Need for Improved Security Measures 23:07 The Reality of AI-Driven Cyber Attacks 25:08 Advanced Malware Targeting Specific Industries 25:48 The Evolution of Phishing Attacks 27:13 AI and Home Automation Security 28:12 Banking System Vulnerabilities 29:23 Internal AI Threats and Risk Management 31:07 The Need for Updated Risk Assessments 31:43 Educating Organizations on AI and Cybersecurity 36:19 The Importance of Cyber Hygiene 45:11 Final Thoughts and Optimism for the Future…
 
Cybersecurity Today: EDR Evasion, SSH Backdoor, WhatsApp Zero-Click Hack, and DeepSeek AI In today's episode of Cybersecurity Today, host Jim Love discusses several pressing cybersecurity issues. The show covers Canada's Digital Governance Council's launch of a cyber ready validation program designed to help small and medium-sized businesses improve their cybersecurity. Jim then delves into a new cyber attack technique that bypasses Endpoint Detection and Response (EDR) systems, an SSH backdoor used by the Chinese cyber espionage group Evasive Panda, and a zero-click hacking technique targeting WhatsApp users. The episode concludes with insights on the Chinese open-source AI DeepSeek and the importance of nuanced discussion in security debates. Stay tuned for expert interviews on AI and cybersecurity in upcoming episodes. 00:00 Introduction to Cyber Ready Validation Program 00:52 Emerging Cyber Threats: EDR Evasion 04:42 New SSH Backdoor by Evasive Panda 06:31 WhatsApp Zero-Click Exploit 08:03 DeepSeek AI and Security Concerns 10:45 Conclusion and Call for Discussion…
 
In this episode of Cybersecurity Today with Jim Love, explore the growing concerns surrounding DeepSeek AI's censorship and lack of guardrails, the rise of 'Shadow AI' in workplaces, and how cybercriminals exploit major cloud providers like AWS and Azure. Learn about a phishing scam targeting Microsoft single sign-on that's been undetected for six years, and get insights into the critical measures needed to safeguard against these evolving threats. 00:00 Introduction to Cybersecurity Today 00:25 DeepSeek AI: Censorship and Security Concerns 02:56 Shadow AI: The Rise of Unauthorized Generative Tools 05:05 Cloud Providers Exploited by Cybercriminals 07:31 Phishing Scams Targeting Microsoft Single Sign-On 09:03 Conclusion and Listener Engagement…
 
Cybersecurity Threats: Fraud in Canada, DeepSeek AI Jailbreak & Toll Scams - Exclusive Interview with Ivan Novikov In this episode of Cybersecurity Today, host Jim Love discusses the alarming $638 million lost by Canadians to fraud in 2024, with investment fraud being the most significant contributor. The episode also covers the successful jailbreak of China's DeepSeek AI model, raising major security concerns, and a new phishing scam targeting US toll road users. The episode concludes with a detailed interview with Ivan Novikov, CEO of Wallarm, discussing API security vulnerabilities and their research findings. 00:00 Introduction and Overview 00:21 Fraud in Canada: A Deep Dive 01:14 Investment and Identity Fraud Insights 01:49 Preventive Measures and Reporting 02:47 DeepSeek AI Model Jailbreak 04:38 SMS Phishing Scams Targeting US Toll Road Users 06:34 Exclusive Interview with Ivan Novikov 07:41 Wallarm's API Security Study 15:01 DeepSeek Jailbreak Techniques 25:13 Conclusion and Final Thoughts…
 
Cybersecurity Today: DeepSeek AI Disruptions, Nvidia Breach, and TalkTalk Hack Revisited In this weekend edition of Cybersecurity Today, our panel reviews the most significant cybersecurity stories of the past month. This episode features Laura Payne from White Tuque, David Shipley from Beauceron Security, and Dana Proctor from IBM. Key topics include the sudden emergence of DeepSeek AI, Nvidia’s vulnerabilities and their effect on stock prices, and TalkTalk’s latest data breach. Additionally, the discussion covers the soaring API security vulnerabilities reported by Wallarm and the UK’s potential legislative action on ransomware payments. Stay tuned for expert insights and analysis on these pressing issues in the world of cybersecurity. 00:00 Introduction and Panel Welcome 00:41 DeepSeek AI Disruption 02:09 Security Concerns and Reactions 04:06 NVIDIA's Vulnerabilities and AI Security 07:15 Economic and Geopolitical Implications 12:13 AI in Business and Security Practices 20:57 Open Source AI and Cybersecurity Risks 25:37 Responsibility in Data Management 26:25 AI's Unstoppable Progress 26:53 API Security Concerns 28:41 Non-Human Identities and API Challenges 30:36 The State of Cybersecurity Awareness 35:05 Legislative Hopes and Cybersecurity 37:25 TalkTalk Breach Revisited 44:10 Ransomware Legislation Proposals 45:34 Shoutout to Cyber Police 47:04 Closing Remarks and Audience Engagement…
 
Cybersecurity Today: DeepSeek AI's Data Breach, New API Threats, & Operation Talent In this episode of 'Cybersecurity Today,' host Jim Love delves into the recent security lapse by DeepSeek AI, highlighting the exposure of sensitive data through an open ClickHouse database. Learn about the growing threat posed by APIs as the primary attack vector in cybersecurity, with findings from Wallarm's 2025 API Threat Stat Report. Additionally, discover the impact of international law enforcement's Operation Talent on dismantling major cybercrime forums, and be informed about a new browser attack technique, 'browser sync jacking,' which poses risks to millions of users. Stay tuned for a comprehensive overview of the latest in cybersecurity. 00:00 Major Security Concerns with DeepSeek AI Databases 03:13 The Rise of API Cyber Attacks 05:23 Global Crackdown on Cybercrime Forums 07:04 New Browser Attack Technique Discovered 08:54 Conclusion and Upcoming Discussions…
 
Navigating AI Cyber Threats and Critical Infrastructure Vulnerabilities In this episode of Cybersecurity Today, host Jim Love discusses the recent cyber attack on AI platform DeepSeek that exploited open source vulnerabilities. He highlights significant challenges in U.S. cybersecurity oversight following disruptions in key bodies like the Cyber Safety Review Board. The episode also covers a backdoor vulnerability in Juniper routers being actively exploited, and the FBI warning about misuse of local admin accounts. Organizations are urged to bolster their defenses by reviewing admin logs and enforcing stronger access controls amidst evolving cyber threats. 00:00 Introduction to Cybersecurity Challenges 00:23 DeepSeek Cyber Attack Incident 01:10 Leadership Crisis in Cybersecurity Oversight 02:28 Juniper Router Backdoor Vulnerability 03:49 FBI Warning on Local Admin Account Exploits 04:55 Conclusion and Contact Information…
 
Cybersecurity Recap: Major Data Breaches, Transparency Issues, and a Twist on Script Kiddies In this episode of Cybersecurity Today, host Jim Love covers various major cybersecurity incidents and developments. Mozilla criticizes the auto industry's data privacy practices following a Volkswagen data breach affecting 800,000 electric cars. The Upper Canada School Board faces a data breach exposing sensitive information. MasterCard is scrutinized for its lack of transparency over a DNS misconfiguration. In a surprising turn, a fake malware builder hacks 18,000 script kiddies attempting cyber attacks. Tune in for detailed insights and important cybersecurity updates. 00:00 Volkswagen Data Breach Exposes 800,000 Electric Cars 02:14 Upper Canada School Board Data Breach 03:40 MasterCard's Transparency Issues 05:56 Hackers Get Hacked: Fake Malware Builder 07:33 Conclusion and Contact Information…
 
Loading …

プレーヤーFMへようこそ!

Player FMは今からすぐに楽しめるために高品質のポッドキャストをウェブでスキャンしています。 これは最高のポッドキャストアプリで、Android、iPhone、そしてWebで動作します。 全ての端末で購読を同期するためにサインアップしてください。

 

icon Daily Deals
icon Daily Deals
icon Daily Deals

クイックリファレンスガイド

探検しながらこの番組を聞いてください
再生