Exploring the Dark Web: A Conversation with Criminologist David Decary-Hetu
In this episode, Jim Love interviews David Decary-Hetu, a criminologist at the University of Montreal, discussing the dark web and its impact on criminal activity and cybersecurity. They delve into what the dark web is, how it operates, its primary users, and its role in cybercrime. They also explore the dynamics of online criminal networks, challenges faced by law enforcement, and the surprising aspects of online illicit activities. The importance of monitoring online conversations and understanding cyber threats is emphasized, with insights into the use of cryptocurrencies and the evolution of cybercrime tactics. 00:00 Introduction to Cybercrime and the Dark Web 00:45 Meet David Decary-Hetu: Criminologist and Dark Web Expert 01:06 Understanding the Basics of the Dark Web 05:34 The Technology Behind the Dark Web 20:40 Law Enforcement Challenges and Trust Building 26:03 Cultural Differences in Hacking Communities 26:28 Training Police Officers vs. Research Approaches 26:40 Impact of Technology on Crime 28:09 International Networks and Language Barriers 30:26 Law Enforcement Strategies and Challenges 38:46 The Role of Cryptocurrency in Cybercrime 40:31 Legal and Ethical Considerations in Cybersecurity 42:55 Advice for Policymakers and Corporations 47:48 Educational Resources and Conferences 50:06 Conclusion and Final Thoughts
--------
51:19
--------
51:19
Satellite Internet Data Is Discovered To Be Unencrypted And Easy To Intercept
This episode of Cybersecurity Today, hosted by Jim Love, covers several critical topics in the realm of cybersecurity. Researchers found that unencrypted data from satellites is accessible with cheap equipment, leading to potential eavesdropping on sensitive information worldwide. A new botnet campaign is aggressively scanning for unsecured RDP services, posing a significant threat of ransomware and data theft. Canadian Tire Corporation experienced a data breach affecting customer information. An Android vulnerability allows hackers to steal two-factor authentication codes, prompting discussions on the need for faster security patch rollouts. Lastly, two brothers on trial for a $25 million crypto heist argue that their actions are legal within the blockchain's rules, raising questions about the future of crypto regulation. 00:00 Introduction to Cybersecurity News 00:26 Eavesdropping on Satellite Data 02:02 Massive Botnet Targeting RDP Services 03:58 Canadian Tire Data Breach 05:40 Android Vulnerability: Pick Napping 08:09 Crypto Heist: The Perra Bueno Brothers 10:06 Conclusion and Sign Off
--------
10:44
--------
10:44
FBI Shuts Down Breach Forums and New Cyber Threats Unveiled
In this episode of Cybersecurity Today, host David Shipley discusses several major events, including the FBI's takedown of the Breach Forums portal. This site was associated with a significant Salesforce data breach and extortion campaign led by groups like Shiny Hunters and Scattered Lapses Hunters. Oracle users are also warned about a new critical vulnerability in the E-Business Suite, which could allow unauthorized data access without requiring login credentials. Additionally, the resurgence of the Asuru botnet, leveraging compromised IoT devices to execute large-scale DDoS attacks, raises concerns. The episode emphasizes the need for immediate patching and robust security measures by organizations and consumers alike. A positive note highlights a cybersecurity awareness initiative by the Indiana Toll Road. 00:00 FBI Takes Down Breach Forums 03:42 Oracle E-Business Suite Vulnerability 07:39 Massive Botnet Threatening US Networks 11:04 Community Cybersecurity Awareness 11:47 Conclusion and Sign-Off
--------
12:45
--------
12:45
The Role and Evolution of Virtual CISOs with Craig Taylor
In this episode of Cybersecurity Today, Jim hosts Craig Taylor, a seasoned virtual Chief Information Security Officer (vCISO) with over 25 years of experience. They discuss the evolution and significance of the vCISO role, Taylor's career path, and the founding of his company, Cyber Hoot, which provides cybersecurity education and vCISO services. Taylor shares insights into why companies, especially SMBs, opt for vCISO services due to budget constraints and the scarcity of cybersecurity professionals. He also talks about the common challenges faced by vCISOs, such as managing burnout and ensuring client adherence to security recommendations. The conversation delves into the importance of cybersecurity culture, the need for effective education, and the integration of cybersecurity in business practices. Taylor offers practical advice on hiring the right vCISO and highlights the benefits his company provides. The episode concludes with a discussion on the psychology behind successful cybersecurity practices and Taylor's thoughts on the future of the industry. 00:00 Introduction to Cybersecurity Today 00:04 Meet Craig Taylor: The Virtual CISO 00:47 The Early Days of Virtual CISOs 02:15 Building a Cybersecurity Company 03:40 The Rise of Virtual CISO Services 05:01 Challenges and Realities of Cybersecurity 06:42 The Importance of Cyber Literacy 20:38 Managing Cybersecurity Risks 28:05 Understanding Administrative Risks in Onboarding and Offboarding 28:39 Challenges with MSPs and Cybersecurity 29:27 The Importance of Basic Security Measures 31:52 Dealing with Technology Debt 32:52 Balancing Budget and Security Needs 35:13 Real-Life Cybersecurity Incidents 40:17 The Role of Education in Cybersecurity 46:12 Hiring the Right VCISO 51:33 Conclusion and Final Thoughts
--------
51:54
--------
51:54
Teenage Ransomware Arrest In Day Care Ransom
Cybersecurity Today: Teenage Ransomware Arrests, GoAnywhere Critical Flaw, and Google AI Vulnerability In this episode of Cybersecurity Today, hosted by Jim Love, two teenagers were arrested in London for a ransomware attack on Kiddo International preschools, involving child data extortion. The show discusses a critical vulnerability in GoAnywhere MFT servers actively exploited by ransomware operators, emphasizing the need for immediate patching. It also highlights an urgent warning from CSA about a 2021 Windows flaw now under active attack. Additionally, researchers have found a new method to exploit Google's Gemini AI through invisible unicode characters, with Google declining to patch the issue. The episode concludes with security recommendations and a note on the show's upcoming special weekend edition for Canadian Thanksgiving. 00:00 Introduction and Headlines 00:28 Teenagers Arrested for Preschool Ransomware Attack 01:57 Critical Vulnerability in Go Anywhere MFT Servers 03:21 Urgent Alert for 2021 Windows Flaw 04:32 Google Gemini AI's Invisible Prompt Flaw 06:16 Conclusion and Sign-Off
México