Cybersecurity Today: EDR Evasion, SSH Backdoor, WhatsApp Zero-Click Hack, and DeepSeek AI

In today's episode of Cybersecurity Today, host Jim Love discusses several pressing cybersecurity issues. The show covers Canada's Digital Governance Council's launch of a cyber ready validation program designed to help small and medium-sized businesses improve their cybersecurity. Jim then delves into a new cyber attack technique that bypasses Endpoint Detection and Response (EDR) systems, an SSH backdoor used by the Chinese cyber espionage group Evasive Panda, and a zero-click hacking technique targeting WhatsApp users. The episode concludes with insights on the Chinese open-source AI DeepSeek and the importance of nuanced discussion in security debates. Stay tuned for expert interviews on AI and cybersecurity in upcoming episodes.

00:00 Introduction to Cyber Ready Validation Program
00:52 Emerging Cyber Threats: EDR Evasion
04:42 New SSH Backdoor by Evasive Panda
06:31 WhatsApp Zero-Click Exploit
08:03 DeepSeek AI and Security Concerns
10:45 Conclusion and Call for Discussion

In this episode of Cybersecurity Today with Jim Love, explore the growing concerns surrounding DeepSeek AI's censorship and lack of guardrails, the rise of 'Shadow AI' in workplaces, and how cybercriminals exploit major cloud providers like AWS and Azure. Learn about a phishing scam targeting Microsoft single sign-on that's been undetected for six years, and get insights into the critical measures needed to safeguard against these evolving threats.

00:00 Introduction to Cybersecurity Today
00:25 DeepSeek AI: Censorship and Security Concerns
02:56 Shadow AI: The Rise of Unauthorized Generative Tools
05:05 Cloud Providers Exploited by Cybercriminals
07:31 Phishing Scams Targeting Microsoft Single Sign-On
09:03 Conclusion and Listener Engagement

Cybersecurity Threats: Fraud in Canada, DeepSeek AI Jailbreak & Toll Scams - Exclusive Interview with Ivan Novikov

In this episode of Cybersecurity Today, host Jim Love discusses the alarming $638 million lost by Canadians to fraud in 2024, with investment fraud being the most significant contributor. The episode also covers the successful jailbreak of China's DeepSeek AI model, raising major security concerns, and a new phishing scam targeting US toll road users. The episode concludes with a detailed interview with Ivan Novikov, CEO of Wallarm, discussing API security vulnerabilities and their research findings.

00:00 Introduction and Overview
00:21 Fraud in Canada: A Deep Dive
01:14 Investment and Identity Fraud Insights
01:49 Preventive Measures and Reporting
02:47 DeepSeek AI Model Jailbreak
04:38 SMS Phishing Scams Targeting US Toll Road Users
06:34 Exclusive Interview with Ivan Novikov
07:41 Wallarm's API Security Study
15:01 DeepSeek Jailbreak Techniques
25:13 Conclusion and Final Thoughts

Cybersecurity Today: DeepSeek AI Disruptions, Nvidia Breach, and TalkTalk Hack Revisited

In this weekend edition of Cybersecurity Today, our panel reviews the most significant cybersecurity stories of the past month. This episode features Laura Payne from White Tuque, David Shipley from Beauceron Security, and Dana Proctor from IBM. Key topics include the sudden emergence of DeepSeek AI, Nvidia’s vulnerabilities and their effect on stock prices, and TalkTalk’s latest data breach. Additionally, the discussion covers the soaring API security vulnerabilities reported by Wallarm and the UK’s potential legislative action on ransomware payments. Stay tuned for expert insights and analysis on these pressing issues in the world of cybersecurity.

00:00 Introduction and Panel Welcome
00:41 DeepSeek AI Disruption
02:09 Security Concerns and Reactions
04:06 NVIDIA's Vulnerabilities and AI Security
07:15 Economic and Geopolitical Implications
12:13 AI in Business and Security Practices
20:57 Open Source AI and Cybersecurity Risks
25:37 Responsibility in Data Management
26:25 AI's Unstoppable Progress
26:53 API Security Concerns
28:41 Non-Human Identities and API Challenges
30:36 The State of Cybersecurity Awareness
35:05 Legislative Hopes and Cybersecurity
37:25 TalkTalk Breach Revisited
44:10 Ransomware Legislation Proposals
45:34 Shoutout to Cyber Police
47:04 Closing Remarks and Audience Engagement

Cybersecurity Today: DeepSeek AI's Data Breach, New API Threats, & Operation Talent

In this episode of 'Cybersecurity Today,' host Jim Love delves into the recent security lapse by DeepSeek AI, highlighting the exposure of sensitive data through an open ClickHouse database. Learn about the growing threat posed by APIs as the primary attack vector in cybersecurity, with findings from Wallarm's 2025 API Threat Stat Report. Additionally, discover the impact of international law enforcement's Operation Talent on dismantling major cybercrime forums, and be informed about a new browser attack technique, 'browser sync jacking,' which poses risks to millions of users. Stay tuned for a comprehensive overview of the latest in cybersecurity.

00:00 Major Security Concerns with DeepSeek AI Databases
03:13 The Rise of API Cyber Attacks
05:23 Global Crackdown on Cybercrime Forums
07:04 New Browser Attack Technique Discovered
08:54 Conclusion and Upcoming Discussions

Navigating AI Cyber Threats and Critical Infrastructure Vulnerabilities

In this episode of Cybersecurity Today, host Jim Love discusses the recent cyber attack on AI platform DeepSeek that exploited open source vulnerabilities. He highlights significant challenges in U.S. cybersecurity oversight following disruptions in key bodies like the Cyber Safety Review Board. The episode also covers a backdoor vulnerability in Juniper routers being actively exploited, and the FBI warning about misuse of local admin accounts. Organizations are urged to bolster their defenses by reviewing admin logs and enforcing stronger access controls amidst evolving cyber threats.

00:00 Introduction to Cybersecurity Challenges
00:23 DeepSeek Cyber Attack Incident
01:10 Leadership Crisis in Cybersecurity Oversight
02:28 Juniper Router Backdoor Vulnerability
03:49 FBI Warning on Local Admin Account Exploits
04:55 Conclusion and Contact Information

Cybersecurity Recap: Major Data Breaches, Transparency Issues, and a Twist on Script Kiddies

In this episode of Cybersecurity Today, host Jim Love covers various major cybersecurity incidents and developments. Mozilla criticizes the auto industry's data privacy practices following a Volkswagen data breach affecting 800,000 electric cars. The Upper Canada School Board faces a data breach exposing sensitive information. MasterCard is scrutinized for its lack of transparency over a DNS misconfiguration. In a surprising turn, a fake malware builder hacks 18,000 script kiddies attempting cyber attacks. Tune in for detailed insights and important cybersecurity updates.

00:00 Volkswagen Data Breach Exposes 800,000 Electric Cars
02:14 Upper Canada School Board Data Breach
03:40 MasterCard's Transparency Issues
05:56 Hackers Get Hacked: Fake Malware Builder
07:33 Conclusion and Contact Information

Exploring Cyber Vulnerabilities in Civic Infrastructure with Ethical Hacker Nick Aleks

In this episode, we dive into the vulnerabilities present in our civic infrastructure with ethical hacker Nick Aleks. We discuss the risks associated with outdated and poorly secured systems that run our cities' utilities, smart buildings, and transit networks. Nick provides insights into how nation-state hackers could exploit these vulnerabilities and the serious consequences of such attacks. The video highlights the importance of collaboration, regular security updates, and the role of ethical hackers in identifying and mitigating these threats.

00:00 Introduction to Civic Infrastructure Issues
01:28 A Hacker's Perspective on City Infrastructure
03:36 Exploring Vulnerabilities in Smart Infrastructure
12:01 The Threat to Municipal Systems
19:00 Defensive Measures and Solutions
23:42 Conclusion and Final Thoughts