In this episode, the host delves into the alarming rise of 'pig butchering' scams, a form of fraud that preys on vulnerable and trusting individuals, often leaving them financially and emotionally devastated. These scams are orchestrated by organized crime syndicates that use brutal methods, including violence and human trafficking, to sustain their operations. Erin West, a former prosecutor, discusses her transition to founding Operation Shamrock, a nonprofit focused on combatting these scams through education, law enforcement support, and victim assistance. West explains the severity of the issue, sharing insights into the terrifying environments where these scams are executed and the challenges victims face in reporting and recovering their losses. She emphasizes the need for public awareness, empathy, and collaborative efforts to tackle the global crisis. The episode concludes with actionable steps for cybersecurity professionals and the public to join the fight against this pervasive fraud.

00:00 Introduction to Cybersecurity and Pig Butchering Scams
01:42 The Human Impact of Scams
03:33 Operation Shamrock: Fighting Back
04:04 Interview with Erin West: From Prosecutor to Advocate
06:24 Understanding the Scale and Evolution of Scams
08:33 The Role of Technology in Modern Scams
12:17 Operation Shamrock's Mission and Strategies
15:13 Empowering Victims and Law Enforcement
29:28 Raising Awareness and Taking Action
37:50 Conclusion and Call to Action

In this episode of Cybersecurity Today, host Jim Love covers critical updates in the world of cyber threats. The FBI warns of hijackers posing as IT support to infiltrate law firms, a Wisconsin city reveals a ransomware attack affecting 67,000 residents, and a Texas city refuses to pay a ransom, risking the public release of sensitive data. The episode also highlights the 3-2-1-1-0 backup strategy as a defense against ransomware and reports on sophisticated scams targeting summer travelers. Additionally, Jim previews tomorrow’s discussion on scammers targeting vulnerable groups.

00:00 Introduction and Headlines
00:29 FBI Warns of IT Support Scams Targeting Law Firms
03:18 Ransomware Attack on Sheboygan, Wisconsin
05:24 Texas City Refuses Ransom Payment
07:05 Understanding the 3-2-1-1-0 Backup Strategy
09:37 Summer Travel Scams on the Rise
12:55 Conclusion and Upcoming Topics

In this episode of Cybersecurity Today, host Jim Love explores the intricacies behind phishing emails that cleverly spoof Microsoft addresses, making many fall for scams despite appearing legitimate. Love emphasizes the need for a stringent 'zero trust' approach to counter these advanced tactics.

Additionally, the episode delves into the activities of the hacking group Hazy Hawk, which exploits misconfigured DNS records to hijack trusted domains and propagate malware. Organizations are warned about the importance of regular DNS audits to prevent such attacks. The episode also covers the alarming wave of departures at the Cybersecurity and Infrastructure Security Agency (CISA), raising concerns over the agency's effectiveness amid increasing cyber threats.

In another segment, Love discusses a sophisticated fraud operation out of Hanoi, where perpetrators manipulated X's Creator Revenue Sharing Program to siphon funds through fraudulent engagement metrics. The need for built-in fraud prevention mechanisms in digital reward systems is stressed. The episode concludes with a call for listener feedback and support.

00:00 Introduction and Overview
00:27 Phishing Scams: Authentic-Looking Emails
02:58 DNS Misconfigurations and Hazy Hawk
05:36 CISA Leadership Exodus
08:16 X's Creator Revenue Sharing Fraud
10:56 Conclusion and Contact Information

In this episode of Cybersecurity Today, host David Shipley dives into several alarming cyber incidents.

The show starts with Nova Scotia Power's confirmation of a ransomware attack that forced the shutdown of customer-facing systems and led to data being published on the dark web. The company decided not to pay the ransom, adhering to law enforcement guidance and sanctions laws.

A shocking case in New York follows, involving a crypto investor charged with kidnapping and torturing a man to obtain his Bitcoin wallet password.

The next segment highlights a record-setting DDoS botnet, Aisuru, which performed a test attack that peaked at 6.3 terabits per second, posing a disproportionate threat to online retailers.

The final story covers Microsoft's controversial AI feature, Recall, which takes screenshots every three seconds and raises significant privacy concerns. The episode underscores the growing need for robust cybersecurity measures and effective legislation.

00:00 Introduction and Headlines
00:30 Nova Scotia Power Ransomware Attack
02:57 Ransomware Trends and Statistics
03:51 Operation End Game: A Global Win Against Ransomware
04:25 Crypto Investor's Shocking Crime
05:57 Record-Breaking DDoS Botnet
07:36 Microsoft's Controversial AI Feature Recall
09:10 Conclusion and Sign-Off

LINKS:

https://distrust.co/software.html - Software page with OSS software

Linux distro: https://codeberg.org/stagex/stagex

Milksad vulnerability: https://milksad.info/

In this episode of Cybersecurity Today on the Weekend, host Jim Love engages in a captivating discussion with Anton Livaja from Distrust. Anton shares his unique career transition from obtaining a BA in English literature at York University to delving into cybersecurity and tech. Anton recounts how he initially entered the tech field through a startup and quickly embraced programming and automation. The conversation covers Anton's interest in Bitcoin and blockchain technology, including the importance of stablecoins, and the frequent hacking incidents in the crypto space. Anton explains the intricacies of blockchain security, emphasizing the critical role of managing cryptographic keys. The dialogue also explores advanced security methodologies like full source bootstrapping and deterministic builds, and Anton elaborates on the significance of creating open-source software for enhanced security. As the discussion concludes, Anton highlights the need for continual curiosity, teamwork, and purpose-driven work in the cybersecurity field.

00:00 Introduction to Cybersecurity Today
00:17 Anton's Journey from Literature to Cybersecurity
01:08 First Foray into Programming and Automation
02:35 Blockchain and Its Real-World Applications
04:36 Security Challenges in Blockchain and Cryptocurrency
13:21 The Rise of Insider Threats and Social Engineering
16:40 Advanced Security Measures and Supply Chain Attacks
22:36 The Importance of Deterministic Builds and Full Source Bootstrapping
29:35 Making Open Source Software Accessible
31:29 Blockchain and Supply Chain Traceability
33:34 Ensuring Software Integrity and Security
38:20 The Role of AI in Code Review
40:37 The Milksad Incident
46:33 Introducing Distrust and Its Mission
52:23 Final Thoughts and Encouragement

In this episode of Cybersecurity today, host Jim Love reports on various critical cyber threats and data breaches. A newly discovered flaw in Windows Server 2025 allows attackers to seize full domain control, referred to by researchers as the 'bad successor' exploit. Government messaging app Telem Message, a customized version of Signal, was hacked, exposing sensitive communications of over 60 officials, leading to its shutdown. Microsoft disrupted the global Luma Stealer malware operation, which had infected nearly 400,000 computers. Coinbase suffered a major data breach affecting over 69,000 customers due to an insider compromise. Additionally, hackers distributed a malicious version of the KeyPass password manager, embedding it with malware to steal data and deploy ransomware. Jim Love encourages listeners to stay vigilant and download software only from official sources. He teases an upcoming interview with a knowledgeable guest working on open-source solutions to cybersecurity issues.

00:00 Introduction to Cybersecurity News
00:36 Windows Server 2025 Vulnerability
03:09 Telem Messages Hack Scandal
05:37 Microsoft Disrupts Luma Malware
07:29 Coinbase Breach Details
08:54 Malicious Password Manager Alert
10:55 Conclusion and Upcoming Interview

In this episode of 'Cybersecurity Today,' host Jim Love discusses several urgent cybersecurity topics. Microsoft has released an emergency patch after a recent Windows update caused BitLocker recovery mode on certain systems, locking users out without warning. The issue stems from the May security update affecting systems using Intel, vPro chips, and TXT. Tech enthusiasts may manually download the patch through the Microsoft Update catalog, while Microsoft urges users to secure their BitLocker recovery keys. The episode also highlights day one of Pwn2Own Berlin 2025, where hackers successfully breached Windows 11, Red Hat Linux, and Oracle Virtual Box, earning a combined $260,000 in prize money. Additionally, US experts discovered hidden communication hardware in Chinese-made solar equipment, raising concerns about remote access risks to the power grid. The FBI warns of a new wave of AI-generated phishing attacks that bypass traditional security measures. Finally, the Consumer Financial Protection Bureau has quietly backed down from regulating data brokers, sparking controversy among privacy advocates. Jim Love offers insights and reminds listeners of the importance of cybersecurity.

00:00 Introduction and Headlines
00:27 Microsoft's Urgent Patch for BitLocker Issue
02:26 Pwn2Own Berlin 2025: Major Security Breaches
04:11 Hidden Devices in Chinese Solar Equipment
06:05 FBI Warns of New Linkless Phishing Attacks
07:58 CFPB Withdraws Rule on Data Brokers
09:33 Conclusion and Contact Information

In this episode of 'Cybersecurity Today', host Jim Love is joined by panelists Laura Payne from White Tuque and David Shipley from Beauceron Security to review significant cybersecurity events over the past month. The discussion covers various impactful stories such as the disappearance of a professor, a data breach at Hertz, and government officials using a commercial app during a conflict. They dive deep into the ransomware attack on PowerSchool and its implications for K-12 schools in North America. The conversation also highlights the vulnerability of critical infrastructures, including the food supply chain and the importance of robust cybersecurity measures. Finally, the panel touches upon the progression towards post-quantum encryption by major tech companies like AWS and Google, signaling advancements in securing future technologies.

00:00 Introduction and Panelist Welcome
00:20 Major Cybersecurity Incidents of the Month
02:04 PowerSchool Data Breach Analysis
04:11 Ransomware and Double Extortion Tactics
12:20 4chan Security Breach and Its Implications
16:31 Hertz Data Loss and Retail Cybersecurity
17:44 Critical Infrastructure and Cyber Regulation
27:03 The Importance of CVE Database
27:54 Debate on Vulnerability Scoring
30:17 Open Source Software and Geopolitical Risks
31:43 The Evolution and Challenges of Open Source
37:17 The Need for Software Regulation
46:50 Signal Gate and Compliance Issues
54:08 Post-Quantum Cryptography
56:10 Conclusion and Final Thoughts